projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
PIPE_CONNECT: fix feature-cache refresh
[exim.git] / src / src / transports / smtp.c
CommitLineData
0756eb3c
PH		 1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
f9ba5e22 5/* Copyright (c) University of Cambridge 1995 - 2018 */
0756eb3c
PH		 6/* See the file NOTICE for conditions of use and distribution. */
7
8#include "../exim.h"
9#include "smtp.h"
10
0756eb3c
PH		 11
12/* Options specific to the smtp transport. This transport also supports LMTP
13over TCP/IP. The options must be in alphabetic order (note that "_" comes
14before the lower case letters). Some live in the transport_instance block so as
15to be publicly visible; these are flagged with opt_public. */
16
17optionlist smtp_transport_options[] = {
506900af
JH		 18 { "*expand_multi_domain", opt_stringptr | opt_hidden | opt_public,
19 (void *)offsetof(transport_instance, expand_multi_domain) },
9c695f6d
JH		 20 { "*expand_retry_include_ip_address", opt_stringptr | opt_hidden,
21 (void *)(offsetof(smtp_transport_options_block, expand_retry_include_ip_address)) },
22
48c7f9e2
PH		 23 { "address_retry_include_sender", opt_bool,
24 (void *)offsetof(smtp_transport_options_block, address_retry_include_sender) },
0756eb3c
PH		 25 { "allow_localhost", opt_bool,
26 (void *)offsetof(smtp_transport_options_block, allow_localhost) },
617d3932
JH		 27#ifdef EXPERIMENTAL_ARC
28 { "arc_sign", opt_stringptr,
29 (void *)offsetof(smtp_transport_options_block, arc_sign) },
30#endif
0756eb3c
PH		 31 { "authenticated_sender", opt_stringptr,
32 (void *)offsetof(smtp_transport_options_block, authenticated_sender) },
382afc6b
PH		 33 { "authenticated_sender_force", opt_bool,
34 (void *)offsetof(smtp_transport_options_block, authenticated_sender_force) },
0756eb3c
PH		 35 { "command_timeout", opt_time,
36 (void *)offsetof(smtp_transport_options_block, command_timeout) },
37 { "connect_timeout", opt_time,
38 (void *)offsetof(smtp_transport_options_block, connect_timeout) },
39 { "connection_max_messages", opt_int | opt_public,
40 (void *)offsetof(transport_instance, connection_max_messages) },
5ec37a55
PP		 41# ifdef SUPPORT_DANE
42 { "dane_require_tls_ciphers", opt_stringptr,
43 (void *)offsetof(smtp_transport_options_block, dane_require_tls_ciphers) },
44# endif
0756eb3c
PH		 45 { "data_timeout", opt_time,
46 (void *)offsetof(smtp_transport_options_block, data_timeout) },
47 { "delay_after_cutoff", opt_bool,
48 (void *)offsetof(smtp_transport_options_block, delay_after_cutoff) },
80a47a2c 49#ifndef DISABLE_DKIM
f7572e5a 50 { "dkim_canon", opt_stringptr,
ff5aac2b 51 (void *)offsetof(smtp_transport_options_block, dkim.dkim_canon) },
f7572e5a 52 { "dkim_domain", opt_stringptr,
ff5aac2b 53 (void *)offsetof(smtp_transport_options_block, dkim.dkim_domain) },
d73e45df
JH		 54 { "dkim_hash", opt_stringptr,
55 (void *)offsetof(smtp_transport_options_block, dkim.dkim_hash) },
7c6ec81b
JH		 56 { "dkim_identity", opt_stringptr,
57 (void *)offsetof(smtp_transport_options_block, dkim.dkim_identity) },
f7572e5a 58 { "dkim_private_key", opt_stringptr,
ff5aac2b 59 (void *)offsetof(smtp_transport_options_block, dkim.dkim_private_key) },
f7572e5a 60 { "dkim_selector", opt_stringptr,
ff5aac2b 61 (void *)offsetof(smtp_transport_options_block, dkim.dkim_selector) },
f7572e5a 62 { "dkim_sign_headers", opt_stringptr,
ff5aac2b 63 (void *)offsetof(smtp_transport_options_block, dkim.dkim_sign_headers) },
f7572e5a 64 { "dkim_strict", opt_stringptr,
ff5aac2b 65 (void *)offsetof(smtp_transport_options_block, dkim.dkim_strict) },
2bc0f45e
JH		 66 { "dkim_timestamps", opt_stringptr,
67 (void *)offsetof(smtp_transport_options_block, dkim.dkim_timestamps) },
80a47a2c 68#endif
0756eb3c
PH		 69 { "dns_qualify_single", opt_bool,
70 (void *)offsetof(smtp_transport_options_block, dns_qualify_single) },
71 { "dns_search_parents", opt_bool,
72 (void *)offsetof(smtp_transport_options_block, dns_search_parents) },
578897ea 73 { "dnssec_request_domains", opt_stringptr,
7cd171b7 74 (void *)offsetof(smtp_transport_options_block, dnssec.request) },
578897ea 75 { "dnssec_require_domains", opt_stringptr,
7cd171b7 76 (void *)offsetof(smtp_transport_options_block, dnssec.require) },
9e4f5962
PP		 77 { "dscp", opt_stringptr,
78 (void *)offsetof(smtp_transport_options_block, dscp) },
0756eb3c
PH		 79 { "fallback_hosts", opt_stringptr,
80 (void *)offsetof(smtp_transport_options_block, fallback_hosts) },
81 { "final_timeout", opt_time,
82 (void *)offsetof(smtp_transport_options_block, final_timeout) },
83 { "gethostbyname", opt_bool,
84 (void *)offsetof(smtp_transport_options_block, gethostbyname) },
85 { "helo_data", opt_stringptr,
86 (void *)offsetof(smtp_transport_options_block, helo_data) },
87 { "hosts", opt_stringptr,
88 (void *)offsetof(smtp_transport_options_block, hosts) },
89 { "hosts_avoid_esmtp", opt_stringptr,
90 (void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) },
c51b8e75
PH		 91 { "hosts_avoid_pipelining", opt_stringptr,
92 (void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) },
80a47a2c 93#ifdef SUPPORT_TLS
0756eb3c
PH		 94 { "hosts_avoid_tls", opt_stringptr,
95 (void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) },
80a47a2c 96#endif
0756eb3c
PH		 97 { "hosts_max_try", opt_int,
98 (void *)offsetof(smtp_transport_options_block, hosts_max_try) },
533244af
PH		 99 { "hosts_max_try_hardlimit", opt_int,
100 (void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) },
80a47a2c 101#ifdef SUPPORT_TLS
0756eb3c
PH		 102 { "hosts_nopass_tls", opt_stringptr,
103 (void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) },
875512a3
JH		 104 { "hosts_noproxy_tls", opt_stringptr,
105 (void *)offsetof(smtp_transport_options_block, hosts_noproxy_tls) },
80a47a2c 106#endif
0756eb3c
PH		 107 { "hosts_override", opt_bool,
108 (void *)offsetof(smtp_transport_options_block, hosts_override) },
ee8b8090
JH		 109#ifdef EXPERIMENTAL_PIPE_CONNECT
110 { "hosts_pipe_connect", opt_stringptr,
111 (void *)offsetof(smtp_transport_options_block, hosts_pipe_connect) },
112#endif
0756eb3c
PH		 113 { "hosts_randomize", opt_bool,
114 (void *)offsetof(smtp_transport_options_block, hosts_randomize) },
f2de3a33 115#if defined(SUPPORT_TLS) && !defined(DISABLE_OCSP)
44662487
JH		 116 { "hosts_request_ocsp", opt_stringptr,
117 (void *)offsetof(smtp_transport_options_block, hosts_request_ocsp) },
118#endif
0756eb3c
PH		 119 { "hosts_require_auth", opt_stringptr,
120 (void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
80a47a2c 121#ifdef SUPPORT_TLS
c0635b6d 122# ifdef SUPPORT_DANE
7a31d643
JH		 123 { "hosts_require_dane", opt_stringptr,
124 (void *)offsetof(smtp_transport_options_block, hosts_require_dane) },
125# endif
f2de3a33 126# ifndef DISABLE_OCSP
f5d78688
JH		 127 { "hosts_require_ocsp", opt_stringptr,
128 (void *)offsetof(smtp_transport_options_block, hosts_require_ocsp) },
129# endif
0756eb3c
PH		 130 { "hosts_require_tls", opt_stringptr,
131 (void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
80a47a2c 132#endif
0756eb3c
PH		 133 { "hosts_try_auth", opt_stringptr,
134 (void *)offsetof(smtp_transport_options_block, hosts_try_auth) },
f98442df
JH		 135 { "hosts_try_chunking", opt_stringptr,
136 (void *)offsetof(smtp_transport_options_block, hosts_try_chunking) },
c0635b6d 137#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
96e47838
TL		 138 { "hosts_try_dane", opt_stringptr,
139 (void *)offsetof(smtp_transport_options_block, hosts_try_dane) },
140#endif
fb05276a
JH		 141 { "hosts_try_fastopen", opt_stringptr,
142 (void *)offsetof(smtp_transport_options_block, hosts_try_fastopen) },
8ccd00b1 143#ifndef DISABLE_PRDR
fd98a5c6
JH		 144 { "hosts_try_prdr", opt_stringptr,
145 (void *)offsetof(smtp_transport_options_block, hosts_try_prdr) },
146#endif
99400968
JH		 147#ifdef SUPPORT_TLS
148 { "hosts_verify_avoid_tls", opt_stringptr,
149 (void *)offsetof(smtp_transport_options_block, hosts_verify_avoid_tls) },
150#endif
0756eb3c
PH		 151 { "interface", opt_stringptr,
152 (void *)offsetof(smtp_transport_options_block, interface) },
153 { "keepalive", opt_bool,
154 (void *)offsetof(smtp_transport_options_block, keepalive) },
f1513293
PH		 155 { "lmtp_ignore_quota", opt_bool,
156 (void *)offsetof(smtp_transport_options_block, lmtp_ignore_quota) },
0756eb3c
PH		 157 { "max_rcpt", opt_int | opt_public,
158 (void *)offsetof(transport_instance, max_addresses) },
506900af 159 { "multi_domain", opt_expand_bool | opt_public,
0756eb3c
PH		 160 (void *)offsetof(transport_instance, multi_domain) },
161 { "port", opt_stringptr,
162 (void *)offsetof(smtp_transport_options_block, port) },
163 { "protocol", opt_stringptr,
164 (void *)offsetof(smtp_transport_options_block, protocol) },
9c695f6d 165 { "retry_include_ip_address", opt_expand_bool,
0756eb3c
PH		 166 (void *)offsetof(smtp_transport_options_block, retry_include_ip_address) },
167 { "serialize_hosts", opt_stringptr,
168 (void *)offsetof(smtp_transport_options_block, serialize_hosts) },
169 { "size_addition", opt_int,
1ddf77d0 170 (void *)offsetof(smtp_transport_options_block, size_addition) },
f0989ec0 171#ifdef SUPPORT_SOCKS
1ddf77d0
JH		 172 { "socks_proxy", opt_stringptr,
173 (void *)offsetof(smtp_transport_options_block, socks_proxy) },
7eb6c37c 174#endif
80a47a2c 175#ifdef SUPPORT_TLS
1ddf77d0 176 { "tls_certificate", opt_stringptr,
0756eb3c
PH		 177 (void *)offsetof(smtp_transport_options_block, tls_certificate) },
178 { "tls_crl", opt_stringptr,
179 (void *)offsetof(smtp_transport_options_block, tls_crl) },
54c90be1
PP		 180 { "tls_dh_min_bits", opt_int,
181 (void *)offsetof(smtp_transport_options_block, tls_dh_min_bits) },
0756eb3c
PH		 182 { "tls_privatekey", opt_stringptr,
183 (void *)offsetof(smtp_transport_options_block, tls_privatekey) },
3f0945ff 184 { "tls_require_ciphers", opt_stringptr,
0756eb3c 185 (void *)offsetof(smtp_transport_options_block, tls_require_ciphers) },
3f0945ff
PP		 186 { "tls_sni", opt_stringptr,
187 (void *)offsetof(smtp_transport_options_block, tls_sni) },
0756eb3c
PH		 188 { "tls_tempfail_tryclear", opt_bool,
189 (void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) },
a63be306
WB		 190 { "tls_try_verify_hosts", opt_stringptr,
191 (void *)offsetof(smtp_transport_options_block, tls_try_verify_hosts) },
e51c7be2
JH		 192 { "tls_verify_cert_hostnames", opt_stringptr,
193 (void *)offsetof(smtp_transport_options_block,tls_verify_cert_hostnames)},
0756eb3c 194 { "tls_verify_certificates", opt_stringptr,
a63be306
WB		 195 (void *)offsetof(smtp_transport_options_block, tls_verify_certificates) },
196 { "tls_verify_hosts", opt_stringptr,
71c15846
JH		 197 (void *)offsetof(smtp_transport_options_block, tls_verify_hosts) },
198#endif
199#ifdef SUPPORT_I18N
200 { "utf8_downconvert", opt_stringptr,
201 (void *)offsetof(smtp_transport_options_block, utf8_downconvert) },
80a47a2c 202#endif
0756eb3c
PH		 203};
204
205/* Size of the options list. An extern variable has to be used so that its
206address can appear in the tables drtables.c. */
207
71c15846 208int smtp_transport_options_count = nelem(smtp_transport_options);
0756eb3c 209
d185889f
JH		 210
211#ifdef MACRO_PREDEF
212
213/* Dummy values */
214smtp_transport_options_block smtp_transport_option_defaults = {0};
215void smtp_transport_init(transport_instance *tblock) {}
216BOOL smtp_transport_entry(transport_instance *tblock, address_item *addr) {return FALSE;}
217void smtp_transport_closedown(transport_instance *tblock) {}
218
219#else /*!MACRO_PREDEF*/
220
221
0756eb3c
PH		 222/* Default private options block for the smtp transport. */
223
224smtp_transport_options_block smtp_transport_option_defaults = {
838d897c 225 .hosts = NULL,
847cd15f 226 .fallback_hosts = NULL,
838d897c
JH		 227 .hostlist = NULL,
228 .fallback_hostlist = NULL,
838d897c
JH		 229 .helo_data = US"$primary_hostname",
230 .interface = NULL,
231 .port = NULL,
232 .protocol = US"smtp",
233 .dscp = NULL,
234 .serialize_hosts = NULL,
235 .hosts_try_auth = NULL,
236 .hosts_require_auth = NULL,
237 .hosts_try_chunking = US"*",
c0635b6d 238#ifdef SUPPORT_DANE
838d897c
JH		 239 .hosts_try_dane = NULL,
240 .hosts_require_dane = NULL,
5ec37a55 241 .dane_require_tls_ciphers = NULL,
96e47838 242#endif
838d897c 243 .hosts_try_fastopen = NULL,
8ccd00b1 244#ifndef DISABLE_PRDR
838d897c 245 .hosts_try_prdr = US"*",
fd98a5c6 246#endif
f2de3a33 247#ifndef DISABLE_OCSP
838d897c
JH		 248 .hosts_request_ocsp = US"*", /* hosts_request_ocsp (except under DANE; tls_client_start()) */
249 .hosts_require_ocsp = NULL,
f5d78688 250#endif
838d897c
JH		 251 .hosts_require_tls = NULL,
252 .hosts_avoid_tls = NULL,
253 .hosts_verify_avoid_tls = NULL,
254 .hosts_avoid_pipelining = NULL,
ee8b8090
JH		 255#ifdef EXPERIMENTAL_PIPE_CONNECT
256 .hosts_pipe_connect = NULL,
257#endif
838d897c 258 .hosts_avoid_esmtp = NULL,
57cc2785 259#ifdef SUPPORT_TLS
838d897c
JH		 260 .hosts_nopass_tls = NULL,
261 .hosts_noproxy_tls = US"*",
57cc2785 262#endif
838d897c
JH		 263 .command_timeout = 5*60,
264 .connect_timeout = 5*60,
265 .data_timeout = 5*60,
266 .final_timeout = 10*60,
267 .size_addition = 1024,
268 .hosts_max_try = 5,
269 .hosts_max_try_hardlimit = 50,
270 .address_retry_include_sender = TRUE,
271 .allow_localhost = FALSE,
272 .authenticated_sender_force = FALSE,
273 .gethostbyname = FALSE,
274 .dns_qualify_single = TRUE,
275 .dns_search_parents = FALSE,
276 .dnssec = { .request=NULL, .require=NULL },
277 .delay_after_cutoff = TRUE,
278 .hosts_override = FALSE,
279 .hosts_randomize = FALSE,
280 .keepalive = TRUE,
281 .lmtp_ignore_quota = FALSE,
282 .expand_retry_include_ip_address = NULL,
283 .retry_include_ip_address = TRUE,
f0989ec0 284#ifdef SUPPORT_SOCKS
838d897c 285 .socks_proxy = NULL,
b8bf753b 286#endif
80a47a2c 287#ifdef SUPPORT_TLS
838d897c
JH		 288 .tls_certificate = NULL,
289 .tls_crl = NULL,
290 .tls_privatekey = NULL,
291 .tls_require_ciphers = NULL,
292 .tls_sni = NULL,
293 .tls_verify_certificates = US"system",
294 .tls_dh_min_bits = EXIM_CLIENT_DH_DEFAULT_MIN_BITS,
295 .tls_tempfail_tryclear = TRUE,
296 .tls_verify_hosts = NULL,
297 .tls_try_verify_hosts = US"*",
298 .tls_verify_cert_hostnames = US"*",
80a47a2c 299#endif
71c15846
JH		 300#ifdef SUPPORT_I18N
301 .utf8_downconvert = NULL,
302#endif
80a47a2c 303#ifndef DISABLE_DKIM
838d897c
JH		 304 .dkim =
305 {.dkim_domain = NULL,
7c6ec81b 306 .dkim_identity = NULL,
838d897c
JH		 307 .dkim_private_key = NULL,
308 .dkim_selector = NULL,
309 .dkim_canon = NULL,
7c6ec81b 310 .dkim_sign_headers = NULL,
838d897c 311 .dkim_strict = NULL,
d73e45df 312 .dkim_hash = US"sha256",
2bc0f45e 313 .dkim_timestamps = NULL,
617d3932
JH		 314 .dot_stuffed = FALSE,
315 .force_bodyhash = FALSE,
316# ifdef EXPERIMENTAL_ARC
317 .arc_signspec = NULL,
318# endif
319 },
320# ifdef EXPERIMENTAL_ARC
321 .arc_sign = NULL,
322# endif
80a47a2c 323#endif
0756eb3c
PH		 324};
325
6c1c3d1d
WB		 326/* some DSN flags for use later */
327
328static int rf_list[] = {rf_notify_never, rf_notify_success,
329 rf_notify_failure, rf_notify_delay };
330
45500060 331static uschar *rf_names[] = { US"NEVER", US"SUCCESS", US"FAILURE", US"DELAY" };
6c1c3d1d
WB		 332
333
0756eb3c
PH		 334
335/* Local statics */
336
87cb4a16
JH		 337static uschar *smtp_command; /* Points to last cmd for error messages */
338static uschar *mail_command; /* Points to MAIL cmd for error messages */
339static uschar *data_command = US""; /* Points to DATA cmd for error messages */
340static BOOL update_waiting; /* TRUE to update the "wait" database */
875512a3
JH		 341
342/*XXX move to smtp_context */
87cb4a16 343static BOOL pipelining_active; /* current transaction is in pipe mode */
0756eb3c
PH		 344
345
ee8b8090
JH		 346static unsigned ehlo_response(uschar * buf, unsigned checks);
347
348
0756eb3c
PH		 349/*************************************************
350* Setup entry point *
351*************************************************/
352
353/* This function is called when the transport is about to be used,
354but before running it in a sub-process. It is used for two things:
355
356 (1) To set the fallback host list in addresses, when delivering.
26da7e20
PH		 357 (2) To pass back the interface, port, protocol, and other options, for use
358 during callout verification.
0756eb3c
PH		 359
360Arguments:
361 tblock pointer to the transport instance block
362 addrlist list of addresses about to be transported
363 tf if not NULL, pointer to block in which to return options
929ba01c
PH		 364 uid the uid that will be set (not used)
365 gid the gid that will be set (not used)
0756eb3c
PH		 366 errmsg place for error message (not used)
367
368Returns: OK always (FAIL, DEFER not used)
369*/
370
371static int
372smtp_transport_setup(transport_instance *tblock, address_item *addrlist,
929ba01c 373 transport_feedback *tf, uid_t uid, gid_t gid, uschar **errmsg)
0756eb3c 374{
ee8b8090 375smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH		 376
377errmsg = errmsg; /* Keep picky compilers happy */
929ba01c
PH		 378uid = uid;
379gid = gid;
0756eb3c
PH		 380
381/* Pass back options if required. This interface is getting very messy. */
382
02b41d71 383if (tf)
0756eb3c
PH		 384 {
385 tf->interface = ob->interface;
386 tf->port = ob->port;
387 tf->protocol = ob->protocol;
388 tf->hosts = ob->hosts;
389 tf->hosts_override = ob->hosts_override;
390 tf->hosts_randomize = ob->hosts_randomize;
391 tf->gethostbyname = ob->gethostbyname;
392 tf->qualify_single = ob->dns_qualify_single;
393 tf->search_parents = ob->dns_search_parents;
26da7e20 394 tf->helo_data = ob->helo_data;
0756eb3c
PH		 395 }
396
397/* Set the fallback host list for all the addresses that don't have fallback
398host lists, provided that the local host wasn't present in the original host
399list. */
400
401if (!testflag(addrlist, af_local_host_removed))
02b41d71
JH		 402 for (; addrlist; addrlist = addrlist->next)
403 if (!addrlist->fallback_hosts) addrlist->fallback_hosts = ob->fallback_hostlist;
0756eb3c
PH		 404
405return OK;
406}
407
408
409
410/*************************************************
411* Initialization entry point *
412*************************************************/
413
414/* Called for each instance, after its options have been read, to
415enable consistency checks to be done, or anything else that needs
416to be set up.
417
418Argument: pointer to the transport instance block
419Returns: nothing
420*/
421
422void
423smtp_transport_init(transport_instance *tblock)
424{
ee8b8090 425smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH		 426
427/* Retry_use_local_part defaults FALSE if unset */
428
429if (tblock->retry_use_local_part == TRUE_UNSET)
430 tblock->retry_use_local_part = FALSE;
431
432/* Set the default port according to the protocol */
433
ee8b8090
JH		 434if (!ob->port)
435 ob->port = strcmpic(ob->protocol, US"lmtp") == 0
436 ? US"lmtp"
437 : strcmpic(ob->protocol, US"smtps") == 0
438 ? US"smtps" : US"smtp";
0756eb3c
PH		 439
440/* Set up the setup entry point, to be called before subprocesses for this
441transport. */
442
443tblock->setup = smtp_transport_setup;
444
445/* Complain if any of the timeouts are zero. */
446
447if (ob->command_timeout <= 0 || ob->data_timeout <= 0 ||
448 ob->final_timeout <= 0)
449 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
450 "command, data, or final timeout value is zero for %s transport",
451 tblock->name);
452
453/* If hosts_override is set and there are local hosts, set the global
454flag that stops verify from showing router hosts. */
455
456if (ob->hosts_override && ob->hosts != NULL) tblock->overrides_hosts = TRUE;
457
458/* If there are any fallback hosts listed, build a chain of host items
459for them, but do not do any lookups at this time. */
460
461host_build_hostlist(&(ob->fallback_hostlist), ob->fallback_hosts, FALSE);
462}
463
464
465
466
467
468/*************************************************
469* Set delivery info into all active addresses *
470*************************************************/
471
472/* Only addresses whose status is >= PENDING are relevant. A lesser
473status means that an address is not currently being processed.
474
475Arguments:
447d236c
PH		 476 addrlist points to a chain of addresses
477 errno_value to put in each address's errno field
478 msg to put in each address's message field
479 rc to put in each address's transport_return field
480 pass_message if TRUE, set the "pass message" flag in the address
c562fd30 481 host if set, mark addrs as having used this host
895fbaf2
JH		 482 smtp_greeting from peer
483 helo_response from peer
0756eb3c
PH		 484
485If errno_value has the special value ERRNO_CONNECTTIMEOUT, ETIMEDOUT is put in
486the errno field, and RTEF_CTOUT is ORed into the more_errno field, to indicate
487this particular type of timeout.
488
489Returns: nothing
490*/
491
7cd1141b
PH		 492static void
493set_errno(address_item *addrlist, int errno_value, uschar *msg, int rc,
895fbaf2
JH		 494 BOOL pass_message, host_item * host
495#ifdef EXPERIMENTAL_DSN_INFO
496 , const uschar * smtp_greeting, const uschar * helo_response
497#endif
498 )
0756eb3c
PH		 499{
500address_item *addr;
501int orvalue = 0;
502if (errno_value == ERRNO_CONNECTTIMEOUT)
503 {
504 errno_value = ETIMEDOUT;
505 orvalue = RTEF_CTOUT;
506 }
895fbaf2 507for (addr = addrlist; addr; addr = addr->next)
168dec3b 508 if (addr->transport_return >= PENDING)
447d236c 509 {
168dec3b
JH		 510 addr->basic_errno = errno_value;
511 addr->more_errno |= orvalue;
02b41d71 512 if (msg)
168dec3b
JH		 513 {
514 addr->message = msg;
515 if (pass_message) setflag(addr, af_pass_message);
516 }
517 addr->transport_return = rc;
518 if (host)
895fbaf2 519 {
168dec3b 520 addr->host_used = host;
895fbaf2
JH		 521#ifdef EXPERIMENTAL_DSN_INFO
522 if (smtp_greeting)
523 {uschar * s = Ustrchr(smtp_greeting, '\n'); if (s) *s = '\0';}
524 addr->smtp_greeting = smtp_greeting;
525
526 if (helo_response)
527 {uschar * s = Ustrchr(helo_response, '\n'); if (s) *s = '\0';}
528 addr->helo_response = helo_response;
529#endif
530 }
447d236c 531 }
0756eb3c
PH		 532}
533
895fbaf2
JH		 534static void
535set_errno_nohost(address_item *addrlist, int errno_value, uschar *msg, int rc,
536 BOOL pass_message)
537{
538set_errno(addrlist, errno_value, msg, rc, pass_message, NULL
539#ifdef EXPERIMENTAL_DSN_INFO
540 , NULL, NULL
541#endif
542 );
543}
0756eb3c
PH		 544
545
546/*************************************************
547* Check an SMTP response *
548*************************************************/
549
550/* This function is given an errno code and the SMTP response buffer
551to analyse, together with the host identification for generating messages. It
552sets an appropriate message and puts the first digit of the response code into
553the yield variable. If no response was actually read, a suitable digit is
554chosen.
555
556Arguments:
447d236c
PH		 557 host the current host, to get its name for messages
558 errno_value pointer to the errno value
559 more_errno from the top address for use with ERRNO_FILTER_FAIL
560 buffer the SMTP response buffer
561 yield where to put a one-digit SMTP response code
4c04137d 562 message where to put an error message
447d236c
PH		 563 pass_message set TRUE if message is an SMTP response
564
565Returns: TRUE if an SMTP "QUIT" command should be sent, else FALSE
0756eb3c
PH		 566*/
567
a7538db1
JH		 568static BOOL
569check_response(host_item *host, int *errno_value, int more_errno,
447d236c 570 uschar *buffer, int *yield, uschar **message, BOOL *pass_message)
0756eb3c 571{
0d9fa8c0 572uschar * pl = pipelining_active ? US"pipelined " : US"";
e9166683 573const uschar * s;
0756eb3c
PH		 574
575*yield = '4'; /* Default setting is to give a temporary error */
576
e9166683 577switch(*errno_value)
0756eb3c 578 {
e9166683
JH		 579 case ETIMEDOUT: /* Handle response timeout */
580 *message = US string_sprintf("SMTP timeout after %s%s",
581 pl, smtp_command);
582 if (transport_count > 0)
583 *message = US string_sprintf("%s (%d bytes written)", *message,
584 transport_count);
585 return FALSE;
586
587 case ERRNO_SMTPFORMAT: /* Handle malformed SMTP response */
588 s = string_printing(buffer);
589 while (isspace(*s)) s++;
590 *message = *s == 0
591 ? string_sprintf("Malformed SMTP reply (an empty line) "
592 "in response to %s%s", pl, smtp_command)
593 : string_sprintf("Malformed SMTP reply in response to %s%s: %s",
594 pl, smtp_command, s);
595 return FALSE;
596
597 case ERRNO_FILTER_FAIL: /* Handle a failed filter process error;
598 can't send QUIT as we mustn't end the DATA. */
599 *message = string_sprintf("transport filter process failed (%d)%s",
600 more_errno,
601 more_errno == EX_EXECFAILED ? ": unable to execute command" : "");
602 return FALSE;
603
604 case ERRNO_CHHEADER_FAIL: /* Handle a failed add_headers expansion;
605 can't send QUIT as we mustn't end the DATA. */
606 *message =
607 string_sprintf("failed to expand headers_add or headers_remove: %s",
608 expand_string_message);
609 return FALSE;
610
611 case ERRNO_WRITEINCOMPLETE: /* failure to write a complete data block */
612 *message = string_sprintf("failed to write a data block");
613 return FALSE;
0756eb3c 614
8c5d388a 615#ifdef SUPPORT_I18N
e9166683
JH		 616 case ERRNO_UTF8_FWD: /* no advertised SMTPUTF8, for international message */
617 *message = US"utf8 support required but not offered for forwarding";
618 DEBUG(D_deliver|D_transport) debug_printf("%s\n", *message);
619 return TRUE;
250b6871 620#endif
e9166683 621 }
250b6871 622
0756eb3c
PH		 623/* Handle error responses from the remote mailer. */
624
625if (buffer[0] != 0)
626 {
e9166683
JH		 627 *message = string_sprintf("SMTP error from remote mail server after %s%s: "
628 "%s", pl, smtp_command, s = string_printing(buffer));
447d236c 629 *pass_message = TRUE;
0756eb3c
PH		 630 *yield = buffer[0];
631 return TRUE;
632 }
633
634/* No data was read. If there is no errno, this must be the EOF (i.e.
19b9dc85
PH		 635connection closed) case, which causes deferral. An explicit connection reset
636error has the same effect. Otherwise, put the host's identity in the message,
637leaving the errno value to be interpreted as well. In all cases, we have to
638assume the connection is now dead. */
0756eb3c 639
19b9dc85 640if (*errno_value == 0 || *errno_value == ECONNRESET)
0756eb3c
PH		 641 {
642 *errno_value = ERRNO_SMTPCLOSED;
c562fd30 643 *message = US string_sprintf("Remote host closed connection "
02b41d71 644 "in response to %s%s", pl, smtp_command);
0756eb3c 645 }
de6273b4
JH		 646else
647 *message = US string_sprintf("%s [%s]", host->name, host->address);
0756eb3c
PH		 648
649return FALSE;
650}
651
652
653
654/*************************************************
655* Write error message to logs *
656*************************************************/
657
658/* This writes to the main log and to the message log.
659
660Arguments:
0756eb3c 661 host the current host
ec62d0a9
HSHR		 662 detail the current message (addr_item->message)
663 basic_errno the errno (addr_item->basic_errno)
0756eb3c
PH		 664
665Returns: nothing
666*/
667
668static void
ec62d0a9 669write_logs(const host_item *host, const uschar *suffix, int basic_errno)
0756eb3c 670{
52f12a7c
JH		 671gstring * message = LOGGING(outgoing_port)
672 ? string_fmt_append(NULL, "H=%s [%s]:%d", host->name, host->address,
584ddd64 673 host->port == PORT_NONE ? 25 : host->port)
52f12a7c 674 : string_fmt_append(NULL, "H=%s [%s]", host->name, host->address);
c562fd30 675
ec62d0a9 676if (suffix)
0756eb3c 677 {
52f12a7c 678 message = string_fmt_append(message, ": %s", suffix);
ec62d0a9 679 if (basic_errno > 0)
52f12a7c 680 message = string_fmt_append(message, ": %s", strerror(basic_errno));
0756eb3c
PH		 681 }
682else
52f12a7c 683 message = string_fmt_append(message, " %s", exim_errstr(basic_errno));
ec62d0a9 684
52f12a7c
JH		 685log_write(0, LOG_MAIN, "%s", string_from_gstring(message));
686deliver_msglog("%s %s\n", tod_stamp(tod_log), message->s);
0756eb3c
PH		 687}
688
c562fd30
JH		 689static void
690msglog_line(host_item * host, uschar * message)
691{
37f3dc43
JH		 692deliver_msglog("%s H=%s [%s] %s\n", tod_stamp(tod_log),
693 host->name, host->address, message);
c562fd30
JH		 694}
695
0756eb3c
PH		 696
697
0cbf2b82 698#ifndef DISABLE_EVENT
d68218c7
JH		 699/*************************************************
700* Post-defer action *
701*************************************************/
702
703/* This expands an arbitrary per-transport string.
704 It might, for example, be used to write to the database log.
705
706Arguments:
d68218c7
JH		 707 addr the address item containing error information
708 host the current host
709
710Returns: nothing
711*/
712
713static void
774ef2d7 714deferred_event_raise(address_item *addr, host_item *host)
d68218c7 715{
774ef2d7 716uschar * action = addr->transport->event_action;
55414b25 717const uschar * save_domain;
a7538db1
JH		 718uschar * save_local;
719
d68218c7 720if (!action)
a7538db1 721 return;
d68218c7 722
a7538db1
JH		 723save_domain = deliver_domain;
724save_local = deliver_localpart;
725
726/*XXX would ip & port already be set up? */
727deliver_host_address = string_copy(host->address);
774ef2d7
JH		 728deliver_host_port = host->port == PORT_NONE ? 25 : host->port;
729event_defer_errno = addr->basic_errno;
d68218c7
JH		 730
731router_name = addr->router->name;
732transport_name = addr->transport->name;
a7538db1
JH		 733deliver_domain = addr->domain;
734deliver_localpart = addr->local_part;
735
774ef2d7 736(void) event_raise(action, US"msg:host:defer",
a7538db1
JH		 737 addr->message
738 ? addr->basic_errno > 0
739 ? string_sprintf("%s: %s", addr->message, strerror(addr->basic_errno))
740 : string_copy(addr->message)
741 : addr->basic_errno > 0
742 ? string_copy(US strerror(addr->basic_errno))
743 : NULL);
744
745deliver_localpart = save_local;
746deliver_domain = save_domain;
d68218c7
JH		 747router_name = transport_name = NULL;
748}
749#endif
750
0756eb3c 751/*************************************************
ee8b8090
JH		 752* Reap SMTP specific responses *
753*************************************************/
754static int
755smtp_discard_responses(smtp_context * sx, smtp_transport_options_block * ob,
756 int count)
757{
758uschar flushbuffer[4096];
759
760while (count-- > 0)
761 {
762 if (!smtp_read_response(sx, flushbuffer, sizeof(flushbuffer),
763 '2', ob->command_timeout)
764 && (errno != 0 || flushbuffer[0] == 0))
765 break;
766 }
767return count;
768}
769
770
771/* Return boolean success */
772
773static BOOL
774smtp_reap_banner(smtp_context * sx)
775{
776BOOL good_response = smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
777 '2', (SOB sx->conn_args.ob)->command_timeout);
778#ifdef EXPERIMENTAL_DSN_INFO
779sx->smtp_greeting = string_copy(sx->buffer);
780#endif
781return good_response;
782}
783
784static BOOL
785smtp_reap_ehlo(smtp_context * sx)
786{
787if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
788 (SOB sx->conn_args.ob)->command_timeout))
789 {
790 if (errno != 0 || sx->buffer[0] == 0 || sx->lmtp)
791 {
792#ifdef EXPERIMENTAL_DSN_INFO
793 sx->helo_response = string_copy(sx->buffer);
794#endif
795 return FALSE;
796 }
797 sx->esmtp = FALSE;
798 }
799#ifdef EXPERIMENTAL_DSN_INFO
800sx->helo_response = string_copy(sx->buffer);
801#endif
802return TRUE;
803}
804
805
806
807#ifdef EXPERIMENTAL_PIPE_CONNECT
808static uschar *
809ehlo_cache_key(const smtp_context * sx)
810{
811host_item * host = sx->conn_args.host;
812return Ustrchr(host->address, ':')
813 ? string_sprintf("[%s]:%d.EHLO", host->address,
814 host->port == PORT_NONE ? sx->port : host->port)
815 : string_sprintf("%s:%d.EHLO", host->address,
816 host->port == PORT_NONE ? sx->port : host->port);
817}
818
819static void
820write_ehlo_cache_entry(const smtp_context * sx)
821{
822open_db dbblock, * dbm_file;
823
824if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
825 {
826 uschar * ehlo_resp_key = ehlo_cache_key(sx);
827 dbdata_ehlo_resp er = { .data = sx->ehlo_resp };
828
cb6bd80f
JH		 829 HDEBUG(D_transport) debug_printf("writing clr %04x/%04x cry %04x/%04x\n",
830 sx->ehlo_resp.cleartext_features, sx->ehlo_resp.cleartext_auths,
831 sx->ehlo_resp.crypted_features, sx->ehlo_resp.crypted_auths);
832
ee8b8090
JH		 833 dbfn_write(dbm_file, ehlo_resp_key, &er, (int)sizeof(er));
834 dbfn_close(dbm_file);
835 }
836}
837
838static void
839invalidate_ehlo_cache_entry(smtp_context * sx)
840{
841open_db dbblock, * dbm_file;
842
843if ( sx->early_pipe_active
844 && (dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
845 {
846 uschar * ehlo_resp_key = ehlo_cache_key(sx);
847 dbfn_delete(dbm_file, ehlo_resp_key);
848 dbfn_close(dbm_file);
849 }
850}
851
852static BOOL
853read_ehlo_cache_entry(smtp_context * sx)
854{
855open_db dbblock;
856open_db * dbm_file;
857
858if (!(dbm_file = dbfn_open(US"misc", O_RDONLY, &dbblock, FALSE)))
859 { DEBUG(D_transport) debug_printf("ehlo-cache: no misc DB\n"); }
860else
861 {
862 uschar * ehlo_resp_key = ehlo_cache_key(sx);
863 dbdata_ehlo_resp * er;
864
865 if (!(er = dbfn_read(dbm_file, ehlo_resp_key)))
866 { DEBUG(D_transport) debug_printf("no ehlo-resp record\n"); }
867 else if (time(NULL) - er->time_stamp > retry_data_expire)
868 {
869 DEBUG(D_transport) debug_printf("ehlo-resp record too old\n");
870 dbfn_close(dbm_file);
871 if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
872 dbfn_delete(dbm_file, ehlo_resp_key);
873 }
874 else
875 {
876 sx->ehlo_resp = er->data;
877 dbfn_close(dbm_file);
878 DEBUG(D_transport) debug_printf(
879 "EHLO response bits from cache: cleartext 0x%04x crypted 0x%04x\n",
880 er->data.cleartext_features, er->data.crypted_features);
881 return TRUE;
882 }
883 dbfn_close(dbm_file);
884 }
885return FALSE;
886}
887
888
889
890/* Return an auths bitmap for the set of AUTH methods offered by the server
891which match our authenticators. */
892
893static unsigned short
894study_ehlo_auths(smtp_context * sx)
895{
896uschar * names;
897auth_instance * au;
898uschar authnum;
899unsigned short authbits = 0;
900
901if (!sx->esmtp) return 0;
902if (!regex_AUTH) regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
903if (!regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)) return 0;
904expand_nmax = -1; /* reset */
905names = string_copyn(expand_nstring[1], expand_nlength[1]);
906
907for (au = auths, authnum = 0; au; au = au->next, authnum++) if (au->client)
908 {
909 const uschar * list = names;
910 int sep = ' ';
911 uschar name[32];
912
913 while (string_nextinlist(&list, &sep, name, sizeof(name)))
914 if (strcmpic(au->public_name, name) == 0)
915 { authbits |= BIT(authnum); break; }
916 }
917
918DEBUG(D_transport)
919 debug_printf("server offers %s AUTH, methods '%s', bitmap 0x%04x\n",
920 tls_out.active.sock >= 0 ? "crypted" : "plaintext", names, authbits);
921
922if (tls_out.active.sock >= 0)
923 sx->ehlo_resp.crypted_auths = authbits;
924else
925 sx->ehlo_resp.cleartext_auths = authbits;
926return authbits;
927}
928
929
930
931
932/* Wait for and check responses for early-pipelining.
933
934Called from the lower-level smtp_read_response() function
935used for general code that assume synchronisation, if context
936flags indicate outstanding early-pipelining commands. Also
937called fom sync_responses() which handles pipelined commands.
938
939Arguments:
940 sx smtp connection context
941 countp number of outstanding responses, adjusted on return
942
943Return:
944 OK all well
945 FAIL SMTP error in response
946*/
947int
948smtp_reap_early_pipe(smtp_context * sx, int * countp)
949{
950BOOL pending_BANNER = sx->pending_BANNER;
951BOOL pending_EHLO = sx->pending_EHLO;
952
953sx->pending_BANNER = FALSE; /* clear early to avoid recursion */
954sx->pending_EHLO = FALSE;
955
956if (pending_BANNER)
957 {
958 DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__);
959 (*countp)--;
960 if (!smtp_reap_banner(sx))
961 {
962 DEBUG(D_transport) debug_printf("bad banner\n");
963 goto fail;
964 }
965 }
966
967if (pending_EHLO)
968 {
969 unsigned peer_offered;
970 unsigned short authbits = 0, * ap;
971
972 DEBUG(D_transport) debug_printf("%s expect ehlo\n", __FUNCTION__);
973 (*countp)--;
974 if (!smtp_reap_ehlo(sx))
975 {
976 DEBUG(D_transport) debug_printf("bad response for EHLO\n");
977 goto fail;
978 }
979
980 /* Compare the actual EHLO response to the cached value we assumed;
981 on difference, dump or rewrite the cache and arrange for a retry. */
982
983 ap = tls_out.active.sock < 0
984 ? &sx->ehlo_resp.cleartext_auths : &sx->ehlo_resp.crypted_auths;
985
986 peer_offered = ehlo_response(sx->buffer,
987 (tls_out.active.sock < 0 ? OPTION_TLS : OPTION_REQUIRETLS)
988 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
989 | OPTION_UTF8 | OPTION_EARLY_PIPE
990 );
991 if ( peer_offered != sx->peer_offered
992 || (authbits = study_ehlo_auths(sx)) != *ap)
993 {
994 HDEBUG(D_transport)
cb6bd80f
JH		 995 debug_printf("EHLO %s extensions changed, 0x%04x/0x%04x -> 0x%04x/0x%04x\n",
996 tls_out.active.sock < 0 ? "cleartext" : "crypted",
ee8b8090 997 sx->peer_offered, *ap, peer_offered, authbits);
cb6bd80f
JH		 998 *(tls_out.active.sock < 0
999 ? &sx->ehlo_resp.cleartext_features : &sx->ehlo_resp.crypted_features) = peer_offered;
ee8b8090
JH		 1000 *ap = authbits;
1001 if (peer_offered & OPTION_EARLY_PIPE)
1002 write_ehlo_cache_entry(sx);
1003 else
1004 invalidate_ehlo_cache_entry(sx);
1005
1006 return OK; /* just carry on */
1007 }
1008 }
1009return OK;
1010
1011fail:
1012 invalidate_ehlo_cache_entry(sx);
1013 (void) smtp_discard_responses(sx, sx->conn_args.ob, *countp);
1014 return FAIL;
1015}
1016#endif
1017
1018
1019/*************************************************
0756eb3c
PH		 1020* Synchronize SMTP responses *
1021*************************************************/
1022
1023/* This function is called from smtp_deliver() to receive SMTP responses from
1024the server, and match them up with the commands to which they relate. When
1025PIPELINING is not in use, this function is called after every command, and is
1026therefore somewhat over-engineered, but it is simpler to use a single scheme
1027that works both with and without PIPELINING instead of having two separate sets
1028of code.
1029
1030The set of commands that are buffered up with pipelining may start with MAIL
1031and may end with DATA; in between are RCPT commands that correspond to the
1032addresses whose status is PENDING_DEFER. All other commands (STARTTLS, AUTH,
1033etc.) are never buffered.
1034
1035Errors after MAIL or DATA abort the whole process leaving the response in the
1036buffer. After MAIL, pending responses are flushed, and the original command is
1037re-instated in big_buffer for error messages. For RCPT commands, the remote is
1038permitted to reject some recipient addresses while accepting others. However
1039certain errors clearly abort the whole process. Set the value in
1040transport_return to PENDING_OK if the address is accepted. If there is a
1041subsequent general error, it will get reset accordingly. If not, it will get
1042converted to OK at the end.
1043
1044Arguments:
df5b41e3 1045 sx smtp connection context
48c7f9e2 1046 count the number of responses to read
48c7f9e2
PH		 1047 pending_DATA 0 if last command sent was not DATA
1048 +1 if previously had a good recipient
1049 -1 if not previously had a good recipient
0756eb3c
PH		 1050
1051Returns: 3 if at least one address had 2xx and one had 5xx
1052 2 if at least one address had 5xx but none had 2xx
1053 1 if at least one host had a 2xx response, but none had 5xx
1054 0 no address had 2xx or 5xx but no errors (all 4xx, or just DATA)
1055 -1 timeout while reading RCPT response
1056 -2 I/O or other non-response error for RCPT
1057 -3 DATA or MAIL failed - errno and buffer set
ee8b8090 1058 -4 banner or EHLO failed (early-pipelining)
0756eb3c
PH		 1059*/
1060
1061static int
df5b41e3 1062sync_responses(smtp_context * sx, int count, int pending_DATA)
0756eb3c 1063{
ee8b8090
JH		 1064address_item * addr = sx->sync_addr;
1065smtp_transport_options_block * ob = sx->conn_args.ob;
0756eb3c
PH		 1066int yield = 0;
1067
ee8b8090
JH		 1068#ifdef EXPERIMENTAL_PIPE_CONNECT
1069if (smtp_reap_early_pipe(sx, &count) != OK)
1070 return -4;
1071#endif
1072
0756eb3c
PH		 1073/* Handle the response for a MAIL command. On error, reinstate the original
1074command in big_buffer for error message use, and flush any further pending
1075responses before returning, except after I/O errors and timeouts. */
1076
df5b41e3 1077if (sx->pending_MAIL)
0756eb3c 1078 {
7c576fca 1079 DEBUG(D_transport) debug_printf("%s expect mail\n", __FUNCTION__);
0756eb3c 1080 count--;
251b9eb4 1081 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1082 '2', ob->command_timeout))
0756eb3c 1083 {
e027f545 1084 DEBUG(D_transport) debug_printf("bad response for MAIL\n");
0756eb3c 1085 Ustrcpy(big_buffer, mail_command); /* Fits, because it came from there! */
df5b41e3 1086 if (errno == 0 && sx->buffer[0] != 0)
0756eb3c 1087 {
e97957bc 1088 int save_errno = 0;
df5b41e3 1089 if (sx->buffer[0] == '4')
e97957bc
PH		 1090 {
1091 save_errno = ERRNO_MAIL4XX;
df5b41e3 1092 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e97957bc 1093 }
ee8b8090 1094 count = smtp_discard_responses(sx, ob, count);
e97957bc 1095 errno = save_errno;
0756eb3c 1096 }
c562fd30
JH		 1097
1098 if (pending_DATA) count--; /* Number of RCPT responses to come */
1099 while (count-- > 0) /* Mark any pending addrs with the host used */
1100 {
1101 while (addr->transport_return != PENDING_DEFER) addr = addr->next;
ee8b8090 1102 addr->host_used = sx->conn_args.host;
c562fd30
JH		 1103 addr = addr->next;
1104 }
0756eb3c
PH		 1105 return -3;
1106 }
1107 }
1108
1109if (pending_DATA) count--; /* Number of RCPT responses to come */
1110
1111/* Read and handle the required number of RCPT responses, matching each one up
1112with an address by scanning for the next address whose status is PENDING_DEFER.
1113*/
1114
1115while (count-- > 0)
1116 {
4c2471ca
JH		 1117 while (addr->transport_return != PENDING_DEFER)
1118 if (!(addr = addr->next))
1119 return -2;
0756eb3c
PH		 1120
1121 /* The address was accepted */
ee8b8090 1122 addr->host_used = sx->conn_args.host;
0756eb3c 1123
7c576fca 1124 DEBUG(D_transport) debug_printf("%s expect rcpt\n", __FUNCTION__);
251b9eb4 1125 if (smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1126 '2', ob->command_timeout))
0756eb3c
PH		 1127 {
1128 yield |= 1;
1129 addr->transport_return = PENDING_OK;
1130
1131 /* If af_dr_retry_exists is set, there was a routing delay on this address;
09945f1e
PH		 1132 ensure that any address-specific retry record is expunged. We do this both
1133 for the basic key and for the version that also includes the sender. */
0756eb3c
PH		 1134
1135 if (testflag(addr, af_dr_retry_exists))
09945f1e
PH		 1136 {
1137 uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
1138 sender_address);
1139 retry_add_item(addr, altkey, rf_delete);
0756eb3c 1140 retry_add_item(addr, addr->address_retry_key, rf_delete);
09945f1e 1141 }
0756eb3c
PH		 1142 }
1143
1144 /* Timeout while reading the response */
1145
1146 else if (errno == ETIMEDOUT)
1147 {
c562fd30 1148 uschar *message = string_sprintf("SMTP timeout after RCPT TO:<%s>",
ee8b8090 1149 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
df5b41e3 1150 set_errno_nohost(sx->first_addr, ETIMEDOUT, message, DEFER, FALSE);
0756eb3c 1151 retry_add_item(addr, addr->address_retry_key, 0);
f6c332bd 1152 update_waiting = FALSE;
0756eb3c
PH		 1153 return -1;
1154 }
1155
1156 /* Handle other errors in obtaining an SMTP response by returning -1. This
1157 will cause all the addresses to be deferred. Restore the SMTP command in
1158 big_buffer for which we are checking the response, so the error message
1159 makes sense. */
1160
df5b41e3 1161 else if (errno != 0 || sx->buffer[0] == 0)
0756eb3c
PH		 1162 {
1163 string_format(big_buffer, big_buffer_size, "RCPT TO:<%s>",
ee8b8090 1164 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
0756eb3c
PH		 1165 return -2;
1166 }
1167
1168 /* Handle SMTP permanent and temporary response codes. */
1169
1170 else
1171 {
1172 addr->message =
447d236c 1173 string_sprintf("SMTP error from remote mail server after RCPT TO:<%s>: "
ee8b8090 1174 "%s", transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes),
df5b41e3 1175 string_printing(sx->buffer));
447d236c 1176 setflag(addr, af_pass_message);
e9166683 1177 if (!sx->verify)
ee8b8090 1178 msglog_line(sx->conn_args.host, addr->message);
0756eb3c
PH		 1179
1180 /* The response was 5xx */
1181
df5b41e3 1182 if (sx->buffer[0] == '5')
0756eb3c
PH		 1183 {
1184 addr->transport_return = FAIL;
1185 yield |= 2;
1186 }
1187
1188 /* The response was 4xx */
1189
1190 else
1191 {
0756eb3c
PH		 1192 addr->transport_return = DEFER;
1193 addr->basic_errno = ERRNO_RCPT4XX;
df5b41e3 1194 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
0756eb3c 1195
e9166683
JH		 1196 if (!sx->verify)
1197 {
0cbf2b82 1198#ifndef DISABLE_EVENT
e9166683
JH		 1199 event_defer_errno = addr->more_errno;
1200 msg_event_raise(US"msg:rcpt:host:defer", addr);
5ef5dd52
JB		 1201#endif
1202
e9166683
JH		 1203 /* Log temporary errors if there are more hosts to be tried.
1204 If not, log this last one in the == line. */
0756eb3c 1205
ee8b8090 1206 if (sx->conn_args.host->next)
67ea939c
JH		 1207 if (LOGGING(outgoing_port))
1208 log_write(0, LOG_MAIN, "H=%s [%s]:%d %s", sx->conn_args.host->name,
1209 sx->conn_args.host->address,
1210 sx->port == PORT_NONE ? 25 : sx->port, addr->message);
1211 else
1212 log_write(0, LOG_MAIN, "H=%s [%s]: %s", sx->conn_args.host->name,
1213 sx->conn_args.host->address, addr->message);
0756eb3c 1214
0cbf2b82 1215#ifndef DISABLE_EVENT
e9166683
JH		 1216 else
1217 msg_event_raise(US"msg:rcpt:defer", addr);
5ef5dd52
JB		 1218#endif
1219
e9166683
JH		 1220 /* Do not put this message on the list of those waiting for specific
1221 hosts, as otherwise it is likely to be tried too often. */
0756eb3c 1222
e9166683 1223 update_waiting = FALSE;
0756eb3c 1224
e9166683
JH		 1225 /* Add a retry item for the address so that it doesn't get tried again
1226 too soon. If address_retry_include_sender is true, add the sender address
1227 to the retry key. */
0756eb3c 1228
e9166683
JH		 1229 retry_add_item(addr,
1230 ob->address_retry_include_sender
1231 ? string_sprintf("%s:<%s>", addr->address_retry_key, sender_address)
1232 : addr->address_retry_key,
1233 0);
1234 }
0756eb3c
PH		 1235 }
1236 }
1237 } /* Loop for next RCPT response */
1238
1239/* Update where to start at for the next block of responses, unless we
1240have already handled all the addresses. */
1241
e9166683 1242if (addr) sx->sync_addr = addr->next;
0756eb3c
PH		 1243
1244/* Handle a response to DATA. If we have not had any good recipients, either
1245previously or in this block, the response is ignored. */
1246
7c576fca 1247if (pending_DATA != 0)
0756eb3c 1248 {
7c576fca 1249 DEBUG(D_transport) debug_printf("%s expect data\n", __FUNCTION__);
251b9eb4 1250 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
7c576fca 1251 '3', ob->command_timeout))
e97957bc 1252 {
7c576fca
JH		 1253 int code;
1254 uschar *msg;
1255 BOOL pass_message;
1256 if (pending_DATA > 0 || (yield & 1) != 0)
e97957bc 1257 {
7c576fca
JH		 1258 if (errno == 0 && sx->buffer[0] == '4')
1259 {
1260 errno = ERRNO_DATA4XX;
1261 sx->first_addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
1262 }
1263 return -3;
e97957bc 1264 }
ee8b8090 1265 (void)check_response(sx->conn_args.host, &errno, 0, sx->buffer, &code, &msg, &pass_message);
7c576fca
JH		 1266 DEBUG(D_transport) debug_printf("%s\nerror for DATA ignored: pipelining "
1267 "is in use and there were no good recipients\n", msg);
e97957bc 1268 }
0756eb3c
PH		 1269 }
1270
1271/* All responses read and handled; MAIL (if present) received 2xx and DATA (if
1272present) received 3xx. If any RCPTs were handled and yielded anything other
1273than 4xx, yield will be set non-zero. */
1274
1275return yield;
1276}
1277
1278
1279
ee8b8090
JH		 1280
1281
1282/* Try an authenticator's client entry */
1283
1284static int
1285try_authenticator(smtp_context * sx, auth_instance * au)
1286{
1287smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1288host_item * host = sx->conn_args.host; /* host to deliver to */
1289int rc;
1290
1291sx->outblock.authenticating = TRUE;
1292rc = (au->info->clientcode)(au, sx, ob->command_timeout,
1293 sx->buffer, sizeof(sx->buffer));
1294sx->outblock.authenticating = FALSE;
1295DEBUG(D_transport) debug_printf("%s authenticator yielded %d\n", au->name, rc);
1296
1297/* A temporary authentication failure must hold up delivery to
1298this host. After a permanent authentication failure, we carry on
1299to try other authentication methods. If all fail hard, try to
1300deliver the message unauthenticated unless require_auth was set. */
1301
1302switch(rc)
1303 {
1304 case OK:
1305 f.smtp_authenticated = TRUE; /* stops the outer loop */
1306 client_authenticator = au->name;
1307 if (au->set_client_id)
1308 client_authenticated_id = expand_string(au->set_client_id);
1309 break;
1310
1311 /* Failure after writing a command */
1312
1313 case FAIL_SEND:
1314 return FAIL_SEND;
1315
1316 /* Failure after reading a response */
1317
1318 case FAIL:
1319 if (errno != 0 || sx->buffer[0] != '5') return FAIL;
1320 log_write(0, LOG_MAIN, "%s authenticator failed H=%s [%s] %s",
1321 au->name, host->name, host->address, sx->buffer);
1322 break;
1323
1324 /* Failure by some other means. In effect, the authenticator
1325 decided it wasn't prepared to handle this case. Typically this
1326 is the result of "fail" in an expansion string. Do we need to
1327 log anything here? Feb 2006: a message is now put in the buffer
1328 if logging is required. */
1329
1330 case CANCELLED:
1331 if (*sx->buffer != 0)
1332 log_write(0, LOG_MAIN, "%s authenticator cancelled "
1333 "authentication H=%s [%s] %s", au->name, host->name,
1334 host->address, sx->buffer);
1335 break;
1336
1337 /* Internal problem, message in buffer. */
1338
1339 case ERROR:
1340 set_errno_nohost(sx->addrlist, ERRNO_AUTHPROB, string_copy(sx->buffer),
1341 DEFER, FALSE);
1342 return ERROR;
1343 }
1344return OK;
1345}
1346
1347
1348
1349
1350/* Do the client side of smtp-level authentication.
1351
fcc8e047 1352Arguments:
ee8b8090
JH		 1353 sx smtp connection context
1354
1355sx->buffer should have the EHLO response from server (gets overwritten)
fcc8e047
JH		 1356
1357Returns:
1358 OK Success, or failed (but not required): global "smtp_authenticated" set
1359 DEFER Failed authentication (and was required)
1360 ERROR Internal problem
1361
1362 FAIL_SEND Failed communications - transmit
1363 FAIL - response
1364*/
1365
251b9eb4 1366static int
ee8b8090 1367smtp_auth(smtp_context * sx)
fcc8e047 1368{
ee8b8090
JH		 1369host_item * host = sx->conn_args.host; /* host to deliver to */
1370smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1371int require_auth = verify_check_given_host(CUSS &ob->hosts_require_auth, host);
1372#ifdef EXPERIMENTAL_PIPE_CONNECT
1373unsigned short authbits = tls_out.active.sock >= 0
1374 ? sx->ehlo_resp.crypted_auths : sx->ehlo_resp.cleartext_auths;
1375#endif
1376uschar * fail_reason = US"server did not advertise AUTH support";
fcc8e047 1377
8768d548 1378f.smtp_authenticated = FALSE;
a7538db1 1379client_authenticator = client_authenticated_id = client_authenticated_sender = NULL;
fcc8e047 1380
ee8b8090
JH		 1381if (!regex_AUTH)
1382 regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
1383
1384/* Is the server offering AUTH? */
fcc8e047 1385
ee8b8090
JH		 1386if ( sx->esmtp
1387 &&
1388#ifdef EXPERIMENTAL_PIPE_CONNECT
1389 sx->early_pipe_active ? authbits
1390 :
1391#endif
1392 regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)
1393 )
a7538db1 1394 {
ee8b8090 1395 uschar * names = NULL;
a7538db1 1396 expand_nmax = -1; /* reset */
fcc8e047 1397
ee8b8090
JH		 1398#ifdef EXPERIMENTAL_PIPE_CONNECT
1399 if (!sx->early_pipe_active)
1400#endif
1401 names = string_copyn(expand_nstring[1], expand_nlength[1]);
1402
a7538db1 1403 /* Must not do this check until after we have saved the result of the
ee8b8090 1404 regex match above as the check could be another RE. */
fcc8e047 1405
ee8b8090
JH		 1406 if ( require_auth == OK
1407 || verify_check_given_host(CUSS &ob->hosts_try_auth, host) == OK)
a7538db1 1408 {
ee8b8090 1409 auth_instance * au;
fcc8e047 1410
a7538db1 1411 DEBUG(D_transport) debug_printf("scanning authentication mechanisms\n");
ee8b8090
JH		 1412 fail_reason = US"no common mechanisms were found";
1413
1414#ifdef EXPERIMENTAL_PIPE_CONNECT
1415 if (sx->early_pipe_active)
1416 {
1417 /* Scan our authenticators (which support use by a client and were offered
1418 by the server (checked at cache-write time)), not suppressed by
1419 client_condition. If one is found, attempt to authenticate by calling its
1420 client function. We are limited to supporting up to 16 authenticator
1421 public-names by the number of bits in a short. */
1422
1423 uschar bitnum;
1424 int rc;
1425
1426 for (bitnum = 0, au = auths;
1427 !f.smtp_authenticated && au && bitnum < 16;
1428 bitnum++, au = au->next) if (authbits & BIT(bitnum))
1429 {
1430 if ( au->client_condition
1431 && !expand_check_condition(au->client_condition, au->name,
1432 US"client authenticator"))
1433 {
1434 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1435 au->name, "client_condition is false");
1436 continue;
1437 }
1438
1439 /* Found data for a listed mechanism. Call its client entry. Set
1440 a flag in the outblock so that data is overwritten after sending so
1441 that reflections don't show it. */
1442
1443 fail_reason = US"authentication attempt(s) failed";
1444
1445 if ((rc = try_authenticator(sx, au)) != OK)
1446 return rc;
1447 }
1448 }
1449 else
1450#endif
fcc8e047 1451
a7538db1
JH		 1452 /* Scan the configured authenticators looking for one which is configured
1453 for use as a client, which is not suppressed by client_condition, and
1454 whose name matches an authentication mechanism supported by the server.
1455 If one is found, attempt to authenticate by calling its client function.
1456 */
fcc8e047 1457
8768d548 1458 for (au = auths; !f.smtp_authenticated && au; au = au->next)
a7538db1
JH		 1459 {
1460 uschar *p = names;
ee8b8090
JH		 1461
1462 if ( !au->client
1463 || ( au->client_condition
1464 && !expand_check_condition(au->client_condition, au->name,
1465 US"client authenticator")))
a7538db1
JH		 1466 {
1467 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1468 au->name,
1469 (au->client)? "client_condition is false" :
1470 "not configured as a client");
1471 continue;
1472 }
fcc8e047 1473
a7538db1 1474 /* Loop to scan supported server mechanisms */
fcc8e047 1475
cab0c277 1476 while (*p)
a7538db1 1477 {
a7538db1 1478 int len = Ustrlen(au->public_name);
ee8b8090
JH		 1479 int rc;
1480
a7538db1 1481 while (isspace(*p)) p++;
fcc8e047 1482
a7538db1
JH		 1483 if (strncmpic(au->public_name, p, len) != 0 ||
1484 (p[len] != 0 && !isspace(p[len])))
1485 {
1486 while (*p != 0 && !isspace(*p)) p++;
1487 continue;
1488 }
fcc8e047 1489
a7538db1
JH		 1490 /* Found data for a listed mechanism. Call its client entry. Set
1491 a flag in the outblock so that data is overwritten after sending so
1492 that reflections don't show it. */
fcc8e047 1493
a7538db1 1494 fail_reason = US"authentication attempt(s) failed";
a7538db1 1495
ee8b8090
JH		 1496 if ((rc = try_authenticator(sx, au)) != OK)
1497 return rc;
fcc8e047 1498
a7538db1
JH		 1499 break; /* If not authenticated, try next authenticator */
1500 } /* Loop for scanning supported server mechanisms */
1501 } /* Loop for further authenticators */
fcc8e047 1502 }
a7538db1 1503 }
fcc8e047 1504
a7538db1 1505/* If we haven't authenticated, but are required to, give up. */
fcc8e047 1506
8768d548 1507if (require_auth == OK && !f.smtp_authenticated)
a7538db1 1508 {
251b9eb4 1509 set_errno_nohost(sx->addrlist, ERRNO_AUTHFAIL,
a7538db1 1510 string_sprintf("authentication required but %s", fail_reason), DEFER,
895fbaf2 1511 FALSE);
a7538db1
JH		 1512 return DEFER;
1513 }
4d8d62b9 1514
a7538db1 1515return OK;
fcc8e047
JH		 1516}
1517
1518
1519/* Construct AUTH appendix string for MAIL TO */
1520/*
1521Arguments
1522 buffer to build string
1523 addrlist chain of potential addresses to deliver
1524 ob transport options
1525
8768d548 1526Globals f.smtp_authenticated
fcc8e047
JH		 1527 client_authenticated_sender
1528Return True on error, otherwise buffer has (possibly empty) terminated string
1529*/
1530
1531BOOL
1532smtp_mail_auth_str(uschar *buffer, unsigned bufsize, address_item *addrlist,
1533 smtp_transport_options_block *ob)
1534{
1535uschar *local_authenticated_sender = authenticated_sender;
1536
1537#ifdef notdef
8768d548 1538 debug_printf("smtp_mail_auth_str: as<%s> os<%s> SA<%s>\n", authenticated_sender, ob->authenticated_sender, f.smtp_authenticated?"Y":"N");
fcc8e047
JH		 1539#endif
1540
1541if (ob->authenticated_sender != NULL)
1542 {
1543 uschar *new = expand_string(ob->authenticated_sender);
1544 if (new == NULL)
1545 {
8768d548 1546 if (!f.expand_string_forcedfail)
fcc8e047
JH		 1547 {
1548 uschar *message = string_sprintf("failed to expand "
1549 "authenticated_sender: %s", expand_string_message);
895fbaf2 1550 set_errno_nohost(addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
fcc8e047
JH		 1551 return TRUE;
1552 }
1553 }
1554 else if (new[0] != 0) local_authenticated_sender = new;
1555 }
1556
1557/* Add the authenticated sender address if present */
1558
8768d548 1559if ((f.smtp_authenticated || ob->authenticated_sender_force) &&
fcc8e047
JH		 1560 local_authenticated_sender != NULL)
1561 {
1562 string_format(buffer, bufsize, " AUTH=%s",
1563 auth_xtextencode(local_authenticated_sender,
1564 Ustrlen(local_authenticated_sender)));
1565 client_authenticated_sender = string_copy(local_authenticated_sender);
1566 }
1567else
1568 *buffer= 0;
1569
1570return FALSE;
1571}
1572
1573
1574
c0635b6d 1575#ifdef SUPPORT_DANE
2d5fdd53
JH		 1576/* Lookup TLSA record for host/port.
1577Return: OK success with dnssec; DANE mode
1578 DEFER Do not use this host now, may retry later
1579 FAIL_FORCED No TLSA record; DANE not usable
1580 FAIL Do not use this connection
1581*/
1582
0e66b3b6 1583int
4b0fe319 1584tlsa_lookup(const host_item * host, dns_answer * dnsa, BOOL dane_required)
0e66b3b6
JH		 1585{
1586/* move this out to host.c given the similarity to dns_lookup() ? */
1587uschar buffer[300];
55414b25 1588const uschar * fullname = buffer;
58c30e47
JH		 1589int rc;
1590BOOL sec;
0e66b3b6
JH		 1591
1592/* TLSA lookup string */
1593(void)sprintf(CS buffer, "_%d._tcp.%.256s", host->port, host->name);
1594
58c30e47
JH		 1595rc = dns_lookup(dnsa, buffer, T_TLSA, &fullname);
1596sec = dns_is_secure(dnsa);
1597DEBUG(D_transport)
1598 debug_printf("TLSA lookup ret %d %sDNSSEC\n", rc, sec ? "" : "not ");
1599
1600switch (rc)
0e66b3b6 1601 {
2d5fdd53
JH		 1602 case DNS_AGAIN:
1603 return DEFER; /* just defer this TLS'd conn */
1604
899b8bbc 1605 case DNS_SUCCEED:
624f33df
JH		 1606 if (sec)
1607 {
1608 DEBUG(D_transport)
1609 {
1610 dns_scan dnss;
1611 dns_record * rr;
1612 for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
1b76ad22
JH		 1613 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
1614 if (rr->type == T_TLSA && rr->size > 3)
1615 {
1616 uint16_t payload_length = rr->size - 3;
1617 uschar s[MAX_TLSA_EXPANDED_SIZE], * sp = s, * p = US rr->data;
1618
1619 sp += sprintf(CS sp, "%d ", *p++); /* usage */
1620 sp += sprintf(CS sp, "%d ", *p++); /* selector */
1621 sp += sprintf(CS sp, "%d ", *p++); /* matchtype */
1622 while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
1623 sp += sprintf(CS sp, "%02x", *p++);
1624
1625 debug_printf(" %s\n", s);
1626 }
624f33df
JH		 1627 }
1628 return OK;
1629 }
899b8bbc
JH		 1630 log_write(0, LOG_MAIN,
1631 "DANE error: TLSA lookup for %s not DNSSEC", host->name);
1632 /*FALLTRHOUGH*/
1633
ef3a1a30
JH		 1634 case DNS_NODATA: /* no TLSA RR for this lookup */
1635 case DNS_NOMATCH: /* no records at all for this lookup */
6b524204 1636 return dane_required ? FAIL : FAIL_FORCED;
2d5fdd53
JH		 1637
1638 default:
1639 case DNS_FAIL:
1640 return dane_required ? FAIL : DEFER;
0e66b3b6 1641 }
0e66b3b6
JH		 1642}
1643#endif
1644
1645
a39bd74d
JB		 1646
1647typedef struct smtp_compare_s
1648{
1649 uschar *current_sender_address;
1650 struct transport_instance *tblock;
1651} smtp_compare_t;
1652
d093f8e5
JH		 1653
1654/* Create a unique string that identifies this message, it is based on
1655sender_address, helo_data and tls_certificate if enabled.
1656*/
a39bd74d
JB		 1657
1658static uschar *
1659smtp_local_identity(uschar * sender, struct transport_instance * tblock)
1660{
1661address_item * addr1;
1662uschar * if1 = US"";
1663uschar * helo1 = US"";
1664#ifdef SUPPORT_TLS
1665uschar * tlsc1 = US"";
1666#endif
1667uschar * save_sender_address = sender_address;
1668uschar * local_identity = NULL;
ee8b8090 1669smtp_transport_options_block * ob = SOB tblock->options_block;
a39bd74d
JB		 1670
1671sender_address = sender;
1672
1673addr1 = deliver_make_addr (sender, TRUE);
1674deliver_set_expansions(addr1);
1675
1676if (ob->interface)
1677 if1 = expand_string(ob->interface);
1678
1679if (ob->helo_data)
1680 helo1 = expand_string(ob->helo_data);
1681
1682#ifdef SUPPORT_TLS
1683if (ob->tls_certificate)
1684 tlsc1 = expand_string(ob->tls_certificate);
1685local_identity = string_sprintf ("%s^%s^%s", if1, helo1, tlsc1);
1686#else
1687local_identity = string_sprintf ("%s^%s", if1, helo1);
1688#endif
1689
1690deliver_set_expansions(NULL);
1691sender_address = save_sender_address;
1692
1693return local_identity;
1694}
1695
1696
1697
1698/* This routine is a callback that is called from transport_check_waiting.
1699This function will evaluate the incoming message versus the previous
1700message. If the incoming message is using a different local identity then
1701we will veto this new message. */
1702
1703static BOOL
1704smtp_are_same_identities(uschar * message_id, smtp_compare_t * s_compare)
1705{
dadff1d4
HSHR		 1706uschar * message_local_identity,
1707 * current_local_identity,
1708 * new_sender_address;
1709
1710current_local_identity =
a39bd74d 1711 smtp_local_identity(s_compare->current_sender_address, s_compare->tblock);
a39bd74d 1712
dadff1d4
HSHR		 1713if (!(new_sender_address = deliver_get_sender_address(message_id)))
1714 return 0;
1715
1716message_local_identity =
1717 smtp_local_identity(new_sender_address, s_compare->tblock);
a39bd74d
JB		 1718
1719return Ustrcmp(current_local_identity, message_local_identity) == 0;
1720}
1721
1722
1723
8ac90765
JH		 1724static unsigned
1725ehlo_response(uschar * buf, unsigned checks)
9094b84b 1726{
e9166683
JH		 1727size_t bsize = Ustrlen(buf);
1728
ee8b8090 1729/* debug_printf("%s: check for 0x%04x\n", __FUNCTION__, checks); */
8ac90765 1730
ee8b8090 1731#ifdef SUPPORT_TLS
8ac90765
JH		 1732# ifdef EXPERIMENTAL_REQUIRETLS
1733if ( checks & OPTION_REQUIRETLS
1734 && pcre_exec(regex_REQUIRETLS, NULL, CS buf,bsize, 0, PCRE_EOPT, NULL,0) < 0)
8ac90765 1735# endif
ee8b8090
JH		 1736 checks &= ~OPTION_REQUIRETLS;
1737
1738if ( checks & OPTION_TLS
1739 && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1740#endif
ee8b8090 1741 checks &= ~OPTION_TLS;
9094b84b 1742
14de8063 1743if ( checks & OPTION_IGNQ
ff5aac2b
JH		 1744 && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0,
1745 PCRE_EOPT, NULL, 0) < 0)
14de8063 1746 checks &= ~OPTION_IGNQ;
9094b84b 1747
14de8063 1748if ( checks & OPTION_CHUNKING
f98442df 1749 && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1750 checks &= ~OPTION_CHUNKING;
f98442df 1751
9094b84b 1752#ifndef DISABLE_PRDR
14de8063 1753if ( checks & OPTION_PRDR
ff5aac2b 1754 && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1755#endif
ee8b8090 1756 checks &= ~OPTION_PRDR;
9094b84b
JH		 1757
1758#ifdef SUPPORT_I18N
14de8063 1759if ( checks & OPTION_UTF8
ff5aac2b 1760 && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1761#endif
ee8b8090 1762 checks &= ~OPTION_UTF8;
9094b84b 1763
14de8063 1764if ( checks & OPTION_DSN
ff5aac2b 1765 && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1766 checks &= ~OPTION_DSN;
9094b84b 1767
14de8063 1768if ( checks & OPTION_PIPE
ff5aac2b
JH		 1769 && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0,
1770 PCRE_EOPT, NULL, 0) < 0)
14de8063 1771 checks &= ~OPTION_PIPE;
9094b84b 1772
14de8063 1773if ( checks & OPTION_SIZE
ff5aac2b 1774 && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1775 checks &= ~OPTION_SIZE;
9094b84b 1776
ee8b8090
JH		 1777#ifdef EXPERIMENTAL_PIPE_CONNECT
1778if ( checks & OPTION_EARLY_PIPE
1779 && pcre_exec(regex_EARLY_PIPE, NULL, CS buf, bsize, 0,
1780 PCRE_EOPT, NULL, 0) < 0)
1781#endif
1782 checks &= ~OPTION_EARLY_PIPE;
1783
1784/* debug_printf("%s: found 0x%04x\n", __FUNCTION__, checks); */
9094b84b
JH		 1785return checks;
1786}
1787
1788
6d5c916c
JH		 1789
1790/* Callback for emitting a BDAT data chunk header.
6d5c916c 1791
e027f545
JH		 1792If given a nonzero size, first flush any buffered SMTP commands
1793then emit the command.
1794
d2aa036b
JH		 1795Reap previous SMTP command responses if requested, and always reap
1796the response from a previous BDAT command.
1797
1798Args:
1799 tctx transport context
1800 chunk_size value for SMTP BDAT command
1801 flags
1802 tc_chunk_last add LAST option to SMTP BDAT command
1803 tc_reap_prev reap response to previous SMTP commands
6d5c916c
JH		 1804
1805Returns: OK or ERROR
1806*/
1807
1808static int
d2aa036b
JH		 1809smtp_chunk_cmd_callback(transport_ctx * tctx, unsigned chunk_size,
1810 unsigned flags)
6d5c916c 1811{
ee8b8090 1812smtp_transport_options_block * ob = SOB tctx->tblock->options_block;
e9166683 1813smtp_context * sx = tctx->smtp_context;
e027f545
JH		 1814int cmd_count = 0;
1815int prev_cmd_count;
6d5c916c 1816
4e910c01
JH		 1817/* Write SMTP chunk header command. If not reaping responses, note that
1818there may be more writes (like, the chunk data) done soon. */
6d5c916c 1819
e027f545 1820if (chunk_size > 0)
87cb4a16 1821 {
ee8b8090
JH		 1822#ifdef EXPERIMENTAL_PIPE_CONNECT
1823 BOOL new_conn = !!(sx->outblock.conn_args);
1824#endif
251b9eb4 1825 if((cmd_count = smtp_write_command(sx,
4e910c01
JH		 1826 flags & tc_reap_prev ? SCMD_FLUSH : SCMD_MORE,
1827 "BDAT %u%s\r\n", chunk_size, flags & tc_chunk_last ? " LAST" : "")
e027f545 1828 ) < 0) return ERROR;
87cb4a16
JH		 1829 if (flags & tc_chunk_last)
1830 data_command = string_copy(big_buffer); /* Save for later error message */
ee8b8090
JH		 1831#ifdef EXPERIMENTAL_PIPE_CONNECT
1832 /* That command write could have been the one that made the connection.
1833 Copy the fd from the client conn ctx (smtp transport specific) to the
1834 generic transport ctx. */
1835
1836 if (new_conn)
1837 tctx->u.fd = sx->outblock.cctx->sock;
1838#endif
87cb4a16 1839 }
e027f545 1840
e9166683 1841prev_cmd_count = cmd_count += sx->cmd_count;
6d5c916c 1842
e027f545 1843/* Reap responses for any previous, but not one we just emitted */
6d5c916c 1844
e027f545
JH		 1845if (chunk_size > 0)
1846 prev_cmd_count--;
e9166683 1847if (sx->pending_BDAT)
e027f545 1848 prev_cmd_count--;
6d5c916c 1849
e027f545 1850if (flags & tc_reap_prev && prev_cmd_count > 0)
6d5c916c 1851 {
58fc5fb2
JH		 1852 DEBUG(D_transport) debug_printf("look for %d responses"
1853 " for previous pipelined cmds\n", prev_cmd_count);
6d5c916c 1854
e9166683 1855 switch(sync_responses(sx, prev_cmd_count, 0))
e027f545
JH		 1856 {
1857 case 1: /* 2xx (only) => OK */
e9166683
JH		 1858 case 3: sx->good_RCPT = TRUE; /* 2xx & 5xx => OK & progress made */
1859 case 2: sx->completed_addr = TRUE; /* 5xx (only) => progress made */
e027f545
JH		 1860 case 0: break; /* No 2xx or 5xx, but no probs */
1861
1862 case -1: /* Timeout on RCPT */
ee8b8090
JH		 1863#ifdef EXPERIMENTAL_PIPE_CONNECT
1864 case -4: /* non-2xx for pipelined banner or EHLO */
1865#endif
e027f545
JH		 1866 default: return ERROR; /* I/O error, or any MAIL/DATA error */
1867 }
1868 cmd_count = 1;
e9166683 1869 if (!sx->pending_BDAT)
e027f545 1870 pipelining_active = FALSE;
6d5c916c 1871 }
e027f545 1872
58fc5fb2 1873/* Reap response for an outstanding BDAT */
e027f545 1874
e9166683 1875if (sx->pending_BDAT)
e027f545 1876 {
58fc5fb2
JH		 1877 DEBUG(D_transport) debug_printf("look for one response for BDAT\n");
1878
251b9eb4 1879 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
e027f545
JH		 1880 ob->command_timeout))
1881 {
e9166683 1882 if (errno == 0 && sx->buffer[0] == '4')
e027f545
JH		 1883 {
1884 errno = ERRNO_DATA4XX; /*XXX does this actually get used? */
36e55f49 1885 sx->addrlist->more_errno |=
e9166683 1886 ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e027f545
JH		 1887 }
1888 return ERROR;
1889 }
1890 cmd_count--;
e9166683 1891 sx->pending_BDAT = FALSE;
e027f545
JH		 1892 pipelining_active = FALSE;
1893 }
1894else if (chunk_size > 0)
e9166683 1895 sx->pending_BDAT = TRUE;
e027f545
JH		 1896
1897
e9166683 1898sx->cmd_count = cmd_count;
e027f545 1899return OK;
6d5c916c
JH		 1900}
1901
1902
1903
ee8b8090
JH		 1904
1905
0756eb3c 1906/*************************************************
d093f8e5 1907* Make connection for given message *
0756eb3c
PH		 1908*************************************************/
1909
d093f8e5
JH		 1910/*
1911Arguments:
1912 ctx connection context
d093f8e5
JH		 1913 suppress_tls if TRUE, don't attempt a TLS connection - this is set for
1914 a second attempt after TLS initialization fails
d093f8e5
JH		 1915
1916Returns: OK - the connection was made and the delivery attempted;
1917 fd is set in the conn context, tls_out set up.
1918 DEFER - the connection could not be made, or something failed
1919 while setting up the SMTP session, or there was a
1920 non-message-specific error, such as a timeout.
1921 ERROR - helo_data or add_headers or authenticated_sender is
1922 specified for this transport, and the string failed
1923 to expand
1924*/
1925int
e9166683 1926smtp_setup_conn(smtp_context * sx, BOOL suppress_tls)
d093f8e5 1927{
c0635b6d 1928#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
d093f8e5
JH		 1929dns_answer tlsa_dnsa;
1930#endif
ee8b8090 1931smtp_transport_options_block * ob = sx->conn_args.tblock->options_block;
d093f8e5 1932BOOL pass_message = FALSE;
d093f8e5 1933uschar * message = NULL;
d093f8e5
JH		 1934int yield = OK;
1935int rc;
1936
ee8b8090 1937sx->conn_args.ob = ob;
d093f8e5 1938
ee8b8090
JH		 1939sx->lmtp = strcmpic(ob->protocol, US"lmtp") == 0;
1940sx->smtps = strcmpic(ob->protocol, US"smtps") == 0;
d093f8e5
JH		 1941sx->ok = FALSE;
1942sx->send_rset = TRUE;
1943sx->send_quit = TRUE;
1944sx->setting_up = TRUE;
1945sx->esmtp = TRUE;
1946sx->esmtp_sent = FALSE;
59a286ef 1947#ifdef SUPPORT_I18N
d093f8e5 1948sx->utf8_needed = FALSE;
59a286ef 1949#endif
d093f8e5 1950sx->dsn_all_lasthop = TRUE;
c0635b6d 1951#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
d093f8e5 1952sx->dane = FALSE;
8ac90765 1953sx->dane_required =
ee8b8090
JH		 1954 verify_check_given_host(CUSS &ob->hosts_require_dane, sx->conn_args.host) == OK;
1955#endif
1956#ifdef EXPERIMENTAL_PIPE_CONNECT
1957sx->early_pipe_active = sx->early_pipe_ok = FALSE;
1958sx->ehlo_resp.cleartext_features = sx->ehlo_resp.crypted_features = 0;
1959sx->pending_BANNER = sx->pending_EHLO = FALSE;
d093f8e5
JH		 1960#endif
1961
ee8b8090 1962if ((sx->max_rcpt = sx->conn_args.tblock->max_addresses) == 0) sx->max_rcpt = 999999;
d093f8e5 1963sx->peer_offered = 0;
14de8063 1964sx->avoid_option = 0;
d093f8e5 1965sx->igquotstr = US"";
ee8b8090 1966if (!sx->helo_data) sx->helo_data = ob->helo_data;
d093f8e5
JH		 1967#ifdef EXPERIMENTAL_DSN_INFO
1968sx->smtp_greeting = NULL;
1969sx->helo_response = NULL;
59a286ef
JH		 1970#endif
1971
0756eb3c 1972smtp_command = US"initial connection";
d093f8e5 1973sx->buffer[0] = '\0';
0756eb3c
PH		 1974
1975/* Set up the buffer for reading SMTP response packets. */
1976
d093f8e5
JH		 1977sx->inblock.buffer = sx->inbuffer;
1978sx->inblock.buffersize = sizeof(sx->inbuffer);
1979sx->inblock.ptr = sx->inbuffer;
1980sx->inblock.ptrend = sx->inbuffer;
0756eb3c
PH		 1981
1982/* Set up the buffer for holding SMTP commands while pipelining */
1983
d093f8e5
JH		 1984sx->outblock.buffer = sx->outbuffer;
1985sx->outblock.buffersize = sizeof(sx->outbuffer);
1986sx->outblock.ptr = sx->outbuffer;
1987sx->outblock.cmd_count = 0;
1988sx->outblock.authenticating = FALSE;
ee8b8090 1989sx->outblock.conn_args = NULL;
0756eb3c 1990
6c512171
PH		 1991/* Reset the parameters of a TLS session. */
1992
817d9f57
JH		 1993tls_out.bits = 0;
1994tls_out.cipher = NULL; /* the one we may use for this transport */
9d1c15ef
JH		 1995tls_out.ourcert = NULL;
1996tls_out.peercert = NULL;
817d9f57
JH		 1997tls_out.peerdn = NULL;
1998#if defined(SUPPORT_TLS) && !defined(USE_GNUTLS)
1999tls_out.sni = NULL;
5b456975 2000#endif
018058b2 2001tls_out.ocsp = OCSP_NOT_REQ;
6c512171 2002
35aba663
JH		 2003/* Flip the legacy TLS-related variables over to the outbound set in case
2004they're used in the context of the transport. Don't bother resetting
02b41d71
JH		 2005afterward (when being used by a transport) as we're in a subprocess.
2006For verify, unflipped once the callout is dealt with */
35aba663
JH		 2007
2008tls_modify_variables(&tls_out);
2009
061b7ebd 2010#ifndef SUPPORT_TLS
d093f8e5 2011if (sx->smtps)
061b7ebd 2012 {
d093f8e5 2013 set_errno_nohost(sx->addrlist, ERRNO_TLSFAILURE, US"TLS support not available",
895fbaf2 2014 DEFER, FALSE);
018058b2 2015 return ERROR;
061b7ebd
PP		 2016 }
2017#endif
2018
0756eb3c
PH		 2019/* Make a connection to the host if this isn't a continued delivery, and handle
2020the initial interaction and HELO/EHLO/LHLO. Connect timeout errors are handled
2021specially so they can be identified for retries. */
2022
58c30e47 2023if (!continue_hostname)
0756eb3c 2024 {
e9166683 2025 if (sx->verify)
ee8b8090 2026 HDEBUG(D_verify) debug_printf("interface=%s port=%d\n", sx->conn_args.interface, sx->port);
02b41d71 2027
ee8b8090 2028 /* Get the actual port the connection will use, into sx->conn_args.host */
4311097e 2029
ee8b8090 2030 smtp_port_for_connect(sx->conn_args.host, sx->port);
0756eb3c 2031
c0635b6d 2032#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
58c30e47 2033 /* Do TLSA lookup for DANE */
0e66b3b6 2034 {
0e66b3b6
JH		 2035 tls_out.dane_verified = FALSE;
2036 tls_out.tlsa_usage = 0;
2037
ee8b8090 2038 if (sx->conn_args.host->dnssec == DS_YES)
0e66b3b6 2039 {
d093f8e5 2040 if( sx->dane_required
ee8b8090 2041 || verify_check_given_host(CUSS &ob->hosts_try_dane, sx->conn_args.host) == OK
0e66b3b6 2042 )
ee8b8090 2043 switch (rc = tlsa_lookup(sx->conn_args.host, &tlsa_dnsa, sx->dane_required))
4b0fe319 2044 {
58c30e47 2045 case OK: sx->dane = TRUE;
ee8b8090 2046 ob->tls_tempfail_tryclear = FALSE;
58c30e47 2047 break;
2d5fdd53 2048 case FAIL_FORCED: break;
d093f8e5 2049 default: set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
2d5fdd53
JH		 2050 string_sprintf("DANE error: tlsa lookup %s",
2051 rc == DEFER ? "DEFER" : "FAIL"),
2052 rc, FALSE);
8d3dc239 2053# ifndef DISABLE_EVENT
ee8b8090 2054 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd
JH		 2055 US"dane:fail", sx->dane_required
2056 ? US"dane-required" : US"dnssec-invalid");
8d3dc239 2057# endif
2d5fdd53 2058 return rc;
4b0fe319 2059 }
0e66b3b6 2060 }
d093f8e5 2061 else if (sx->dane_required)
0e66b3b6 2062 {
d093f8e5 2063 set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
ee8b8090 2064 string_sprintf("DANE error: %s lookup not DNSSEC", sx->conn_args.host->name),
895fbaf2 2065 FAIL, FALSE);
8d3dc239 2066# ifndef DISABLE_EVENT
ee8b8090 2067 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2068 US"dane:fail", US"dane-required");
8d3dc239 2069# endif
4b0fe319 2070 return FAIL;
0e66b3b6 2071 }
0e66b3b6
JH		 2072 }
2073#endif /*DANE*/
2074
58c30e47
JH		 2075 /* Make the TCP connection */
2076
74f1a423
JH		 2077 sx->cctx.tls_ctx = NULL;
2078 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
ee8b8090 2079 sx->avoid_option = sx->peer_offered = smtp_peer_options = 0;
58c30e47 2080
ee8b8090
JH		 2081#ifdef EXPERIMENTAL_PIPE_CONNECT
2082 if (verify_check_given_host(CUSS &ob->hosts_pipe_connect, sx->conn_args.host) == OK)
58c30e47 2083 {
ee8b8090
JH		 2084 sx->early_pipe_ok = TRUE;
2085 if ( read_ehlo_cache_entry(sx)
2086 && sx->ehlo_resp.cleartext_features & OPTION_EARLY_PIPE)
58c30e47 2087 {
ee8b8090
JH		 2088 DEBUG(D_transport) debug_printf("Using cached cleartext PIPE_CONNECT\n");
2089 sx->early_pipe_active = TRUE;
2090 sx->peer_offered = sx->ehlo_resp.cleartext_features;
58c30e47 2091 }
58c30e47
JH		 2092 }
2093
ee8b8090
JH		 2094 if (sx->early_pipe_active)
2095 sx->outblock.conn_args = &sx->conn_args;
2096 else
2097#endif
2098 {
2099 if ((sx->cctx.sock = smtp_connect(&sx->conn_args, NULL)) < 0)
2100 {
2101 uschar * msg = NULL;
2102 if (sx->verify)
2103 {
2104 msg = US strerror(errno);
2105 HDEBUG(D_verify) debug_printf("connect: %s\n", msg);
2106 }
2107 set_errno_nohost(sx->addrlist,
2108 errno == ETIMEDOUT ? ERRNO_CONNECTTIMEOUT : errno,
2109 sx->verify ? string_sprintf("could not connect: %s", msg)
2110 : NULL,
2111 DEFER, FALSE);
2112 sx->send_quit = FALSE;
2113 return DEFER;
2114 }
2115 }
41c7c167
PH		 2116 /* Expand the greeting message while waiting for the initial response. (Makes
2117 sense if helo_data contains ${lookup dnsdb ...} stuff). The expansion is
2118 delayed till here so that $sending_interface and $sending_port are set. */
ee8b8090
JH		 2119/*XXX early-pipe: they still will not be. Is there any way to find out what they
2120will be? Somehow I doubt it. */
41c7c167 2121
02b41d71
JH		 2122 if (sx->helo_data)
2123 if (!(sx->helo_data = expand_string(sx->helo_data)))
e9166683 2124 if (sx->verify)
02b41d71
JH		 2125 log_write(0, LOG_MAIN|LOG_PANIC,
2126 "<%s>: failed to expand transport's helo_data value for callout: %s",
2127 sx->addrlist->address, expand_string_message);
2128
8c5d388a 2129#ifdef SUPPORT_I18N
d093f8e5 2130 if (sx->helo_data)
810d16ad 2131 {
02b41d71
JH		 2132 expand_string_message = NULL;
2133 if ((sx->helo_data = string_domain_utf8_to_alabel(sx->helo_data,
2134 &expand_string_message)),
2135 expand_string_message)
e9166683 2136 if (sx->verify)
02b41d71
JH		 2137 log_write(0, LOG_MAIN|LOG_PANIC,
2138 "<%s>: failed to expand transport's helo_data value for callout: %s",
2139 sx->addrlist->address, expand_string_message);
2140 else
2141 sx->helo_data = NULL;
810d16ad
JH		 2142 }
2143#endif
41c7c167 2144
0756eb3c
PH		 2145 /* The first thing is to wait for an initial OK response. The dreaded "goto"
2146 is nevertheless a reasonably clean way of programming this kind of logic,
2147 where you want to escape on any error. */
2148
d093f8e5 2149 if (!sx->smtps)
061b7ebd 2150 {
ee8b8090
JH		 2151#ifdef EXPERIMENTAL_PIPE_CONNECT
2152 if (sx->early_pipe_active)
2153 {
2154 sx->pending_BANNER = TRUE; /* sync_responses() must eventually handle */
2155 sx->outblock.cmd_count = 1;
2156 }
2157 else
8d330698 2158#endif
ee8b8090
JH		 2159 {
2160#ifdef TCP_QUICKACK
2161 (void) setsockopt(sx->cctx.sock, IPPROTO_TCP, TCP_QUICKACK, US &off,
2162 sizeof(off));
895fbaf2 2163#endif
ee8b8090
JH		 2164 if (!smtp_reap_banner(sx))
2165 goto RESPONSE_FAILED;
2166 }
0756eb3c 2167
0cbf2b82 2168#ifndef DISABLE_EVENT
b30275b8 2169 {
805c9d53 2170 uschar * s;
ee8b8090
JH		 2171 lookup_dnssec_authenticated = sx->conn_args.host->dnssec==DS_YES ? US"yes"
2172 : sx->conn_args.host->dnssec==DS_NO ? US"no" : NULL;
2173 s = event_raise(sx->conn_args.tblock->event_action, US"smtp:connect", sx->buffer);
b30275b8 2174 if (s)
a7538db1 2175 {
d093f8e5 2176 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL,
b30275b8 2177 string_sprintf("deferred by smtp:connect event expansion: %s", s),
895fbaf2 2178 DEFER, FALSE);
a7538db1
JH		 2179 yield = DEFER;
2180 goto SEND_QUIT;
2181 }
b30275b8 2182 }
a7538db1
JH		 2183#endif
2184
061b7ebd
PP		 2185 /* Now check if the helo_data expansion went well, and sign off cleanly if
2186 it didn't. */
41c7c167 2187
d093f8e5 2188 if (!sx->helo_data)
061b7ebd 2189 {
d093f8e5 2190 message = string_sprintf("failed to expand helo_data: %s",
061b7ebd 2191 expand_string_message);
d093f8e5 2192 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
061b7ebd
PP		 2193 yield = DEFER;
2194 goto SEND_QUIT;
2195 }
41c7c167
PH		 2196 }
2197
0756eb3c 2198/** Debugging without sending a message
d093f8e5 2199sx->addrlist->transport_return = DEFER;
0756eb3c
PH		 2200goto SEND_QUIT;
2201**/
2202
2203 /* Errors that occur after this point follow an SMTP command, which is
2204 left in big_buffer by smtp_write_command() for use in error messages. */
2205
2206 smtp_command = big_buffer;
2207
2208 /* Tell the remote who we are...
2209
2210 February 1998: A convention has evolved that ESMTP-speaking MTAs include the
2211 string "ESMTP" in their greeting lines, so make Exim send EHLO if the
2212 greeting is of this form. The assumption was that the far end supports it
2213 properly... but experience shows that there are some that give 5xx responses,
2214 even though the banner includes "ESMTP" (there's a bloody-minded one that
2215 says "ESMTP not spoken here"). Cope with that case.
2216
2217 September 2000: Time has passed, and it seems reasonable now to always send
2218 EHLO at the start. It is also convenient to make the change while installing
2219 the TLS stuff.
2220
2221 July 2003: Joachim Wieland met a broken server that advertises "PIPELINING"
2222 but times out after sending MAIL FROM, RCPT TO and DATA all together. There
2223 would be no way to send out the mails, so there is now a host list
2224 "hosts_avoid_esmtp" that disables ESMTP for special hosts and solves the
2225 PIPELINING problem as well. Maybe it can also be useful to cure other
2226 problems with broken servers.
2227
2228 Exim originally sent "Helo" at this point and ran for nearly a year that way.
2229 Then somebody tried it with a Microsoft mailer... It seems that all other
2230 mailers use upper case for some reason (the RFC is quite clear about case
2231 independence) so, for peace of mind, I gave in. */
2232
ee8b8090 2233 sx->esmtp = verify_check_given_host(CUSS &ob->hosts_avoid_esmtp, sx->conn_args.host) != OK;
0756eb3c 2234
061b7ebd
PP		 2235 /* Alas; be careful, since this goto is not an error-out, so conceivably
2236 we might set data between here and the target which we assume to exist
2237 and be usable. I can see this coming back to bite us. */
a7538db1 2238#ifdef SUPPORT_TLS
d093f8e5 2239 if (sx->smtps)
061b7ebd 2240 {
14de8063 2241 smtp_peer_options |= OPTION_TLS;
061b7ebd 2242 suppress_tls = FALSE;
ee8b8090 2243 ob->tls_tempfail_tryclear = FALSE;
061b7ebd
PP		 2244 smtp_command = US"SSL-on-connect";
2245 goto TLS_NEGOTIATE;
2246 }
a7538db1 2247#endif
061b7ebd 2248
d093f8e5 2249 if (sx->esmtp)
0756eb3c 2250 {
ee8b8090
JH		 2251 if (smtp_write_command(sx,
2252#ifdef EXPERIMENTAL_PIPE_CONNECT
2253 sx->early_pipe_active ? SCMD_BUFFER :
2254#endif
2255 SCMD_FLUSH,
2256 "%s %s\r\n", sx->lmtp ? "LHLO" : "EHLO", sx->helo_data) < 0)
0756eb3c 2257 goto SEND_FAILED;
d093f8e5 2258 sx->esmtp_sent = TRUE;
ee8b8090
JH		 2259
2260#ifdef EXPERIMENTAL_PIPE_CONNECT
2261 if (sx->early_pipe_active)
0756eb3c 2262 {
ee8b8090
JH		 2263 sx->pending_EHLO = TRUE;
2264
2265 /* If we have too many authenticators to handle and might need to AUTH
2266 for this transport, pipeline no further as we will need the
2267 list of auth methods offered. Reap the banner and EHLO. */
2268
2269 if ( (ob->hosts_require_auth || ob->hosts_try_auth)
2270 && f.smtp_in_early_pipe_no_auth)
895fbaf2 2271 {
ee8b8090
JH		 2272 DEBUG(D_transport) debug_printf("may need to auth, so pipeline no further\n");
2273 if (smtp_write_command(sx, SCMD_FLUSH, NULL) < 0)
2274 goto SEND_FAILED;
2275 if (sync_responses(sx, 2, 0) != 0)
2276 {
2277 HDEBUG(D_transport)
2278 debug_printf("failed reaping pipelined cmd responses\n");
2279 goto RESPONSE_FAILED;
2280 }
2281 sx->early_pipe_active = FALSE;
895fbaf2 2282 }
0756eb3c 2283 }
ee8b8090 2284 else
895fbaf2 2285#endif
ee8b8090
JH		 2286 if (!smtp_reap_ehlo(sx))
2287 goto RESPONSE_FAILED;
0756eb3c
PH		 2288 }
2289 else
0756eb3c
PH		 2290 DEBUG(D_transport)
2291 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
0756eb3c 2292
ee8b8090
JH		 2293#ifdef EXPERIMENTAL_PIPE_CONNECT
2294 if (!sx->early_pipe_active)
2295#endif
2296 if (!sx->esmtp)
2297 {
2298 BOOL good_response;
2299 int n = sizeof(sx->buffer);
2300 uschar * rsp = sx->buffer;
a57ce043 2301
ee8b8090
JH		 2302 if (sx->esmtp_sent && (n = Ustrlen(sx->buffer)) < sizeof(sx->buffer)/2)
2303 { rsp = sx->buffer + n + 1; n = sizeof(sx->buffer) - n; }
895fbaf2 2304
ee8b8090
JH		 2305 if (smtp_write_command(sx, SCMD_FLUSH, "HELO %s\r\n", sx->helo_data) < 0)
2306 goto SEND_FAILED;
2307 good_response = smtp_read_response(sx, rsp, n, '2', ob->command_timeout);
895fbaf2 2308#ifdef EXPERIMENTAL_DSN_INFO
ee8b8090 2309 sx->helo_response = string_copy(rsp);
895fbaf2 2310#endif
ee8b8090 2311 if (!good_response)
a57ce043 2312 {
ee8b8090
JH		 2313 /* Handle special logging for a closed connection after HELO
2314 when had previously sent EHLO */
2315
2316 if (rsp != sx->buffer && rsp[0] == 0 && (errno == 0 || errno == ECONNRESET))
2317 {
2318 errno = ERRNO_SMTPCLOSED;
2319 goto EHLOHELO_FAILED;
2320 }
2321 memmove(sx->buffer, rsp, Ustrlen(rsp));
2322 goto RESPONSE_FAILED;
a57ce043 2323 }
a57ce043 2324 }
2d14f397 2325
d093f8e5 2326 if (sx->esmtp || sx->lmtp)
2d14f397 2327 {
ee8b8090
JH		 2328#ifdef EXPERIMENTAL_PIPE_CONNECT
2329 if (!sx->early_pipe_active)
2330#endif
2331 {
2332 sx->peer_offered = ehlo_response(sx->buffer,
2333 OPTION_TLS /* others checked later */
2334#ifdef EXPERIMENTAL_PIPE_CONNECT
2335 | (sx->early_pipe_ok
2336 ? OPTION_IGNQ
2337 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
2338#ifdef SUPPORT_I18N
2339 | OPTION_UTF8
2340#endif
2341 | OPTION_EARLY_PIPE
2342 : 0
2343 )
2344#endif
2345 );
2346#ifdef EXPERIMENTAL_PIPE_CONNECT
2347 if (sx->early_pipe_ok)
2348 {
2349 sx->ehlo_resp.cleartext_features = sx->peer_offered;
2350
2351 if ( (sx->peer_offered & (OPTION_PIPE | OPTION_EARLY_PIPE))
2352 == (OPTION_PIPE | OPTION_EARLY_PIPE))
2353 {
2354 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2355 sx->ehlo_resp.cleartext_auths = study_ehlo_auths(sx);
2356 write_ehlo_cache_entry(sx);
2357 }
2358 }
2359#endif
2360 }
f1513293 2361
0756eb3c
PH		 2362 /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
2363
a7538db1 2364#ifdef SUPPORT_TLS
14de8063 2365 smtp_peer_options |= sx->peer_offered & OPTION_TLS;
7ade712c 2366#endif
2d14f397 2367 }
0756eb3c
PH		 2368 }
2369
57cc2785
JH		 2370/* For continuing deliveries down the same channel, having re-exec'd the socket
2371is the standard input; for a socket held open from verify it is recorded
2372in the cutthrough context block. Either way we don't need to redo EHLO here
2373(but may need to do so for TLS - see below).
2374Set up the pointer to where subsequent commands will be left, for
2d14f397 2375error messages. Note that smtp_peer_options will have been
0756eb3c
PH		 2376set from the command line if they were set in the process that passed the
2377connection on. */
2378
895fbaf2 2379/*XXX continue case needs to propagate DSN_INFO, prob. in deliver.c
4c04137d 2380as the continue goes via transport_pass_socket() and doublefork and exec.
895fbaf2
JH		 2381It does not wait. Unclear how we keep separate host's responses
2382separate - we could match up by host ip+port as a bodge. */
2383
0756eb3c
PH		 2384else
2385 {
74f1a423 2386 if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
57cc2785 2387 {
74f1a423 2388 sx->cctx = cutthrough.cctx;
ee8b8090 2389 sx->conn_args.host->port = sx->port = cutthrough.host.port;
57cc2785
JH		 2390 }
2391 else
2392 {
74f1a423
JH		 2393 sx->cctx.sock = 0; /* stdin */
2394 sx->cctx.tls_ctx = NULL;
ee8b8090 2395 smtp_port_for_connect(sx->conn_args.host, sx->port); /* Record the port that was used */
57cc2785 2396 }
74f1a423 2397 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
0756eb3c 2398 smtp_command = big_buffer;
02b41d71 2399 sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */
875512a3 2400
57cc2785
JH		 2401 /* For a continued connection with TLS being proxied for us, or a
2402 held-open verify connection with TLS, nothing more to do. */
875512a3 2403
57cc2785 2404 if ( continue_proxy_cipher
74f1a423
JH		 2405 || (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only
2406 && cutthrough.is_tls)
57cc2785 2407 )
875512a3
JH		 2408 {
2409 sx->peer_offered = smtp_peer_options;
7c576fca 2410 sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
57cc2785
JH		 2411 HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n",
2412 continue_proxy_cipher ? "proxied" : "verify conn with");
875512a3
JH		 2413 return OK;
2414 }
2415 HDEBUG(D_transport) debug_printf("continued connection, no TLS\n");
0756eb3c
PH		 2416 }
2417
2418/* If TLS is available on this connection, whether continued or not, attempt to
2419start up a TLS session, unless the host is in hosts_avoid_tls. If successful,
2420send another EHLO - the server may give a different answer in secure mode. We
2421use a separate buffer for reading the response to STARTTLS so that if it is
2422negative, the original EHLO data is available for subsequent analysis, should
2423the client not be required to use TLS. If the response is bad, copy the buffer
2424for error analysis. */
2425
2426#ifdef SUPPORT_TLS
14de8063 2427if ( smtp_peer_options & OPTION_TLS
5130845b 2428 && !suppress_tls
ee8b8090 2429 && verify_check_given_host(CUSS &ob->hosts_avoid_tls, sx->conn_args.host) != OK
e9166683 2430 && ( !sx->verify
ee8b8090 2431 || verify_check_given_host(CUSS &ob->hosts_verify_avoid_tls, sx->conn_args.host) != OK
02b41d71 2432 ) )
0756eb3c
PH		 2433 {
2434 uschar buffer2[4096];
ee8b8090 2435
251b9eb4 2436 if (smtp_write_command(sx, SCMD_FLUSH, "STARTTLS\r\n") < 0)
0756eb3c
PH		 2437 goto SEND_FAILED;
2438
ee8b8090
JH		 2439#ifdef EXPERIMENTAL_PIPE_CONNECT
2440 /* If doing early-pipelining reap the banner and EHLO-response but leave
2441 the response for the STARTTLS we just sent alone. */
2442
2443 if (sx->early_pipe_active && sync_responses(sx, 2, 0) != 0)
2444 {
2445 HDEBUG(D_transport)
2446 debug_printf("failed reaping pipelined cmd responses\n");
2447 goto RESPONSE_FAILED;
2448 }
2449#endif
2450
0756eb3c
PH		 2451 /* If there is an I/O error, transmission of this message is deferred. If
2452 there is a temporary rejection of STARRTLS and tls_tempfail_tryclear is
2453 false, we also defer. However, if there is a temporary rejection of STARTTLS
2454 and tls_tempfail_tryclear is true, or if there is an outright rejection of
2455 STARTTLS, we carry on. This means we will try to send the message in clear,
2456 unless the host is in hosts_require_tls (tested below). */
2457
ee8b8090 2458 if (!smtp_read_response(sx, buffer2, sizeof(buffer2), '2', ob->command_timeout))
0756eb3c 2459 {
4b0fe319
JH		 2460 if ( errno != 0
2461 || buffer2[0] == 0
ee8b8090 2462 || (buffer2[0] == '4' && !ob->tls_tempfail_tryclear)
4b0fe319 2463 )
0dda4340 2464 {
d093f8e5 2465 Ustrncpy(sx->buffer, buffer2, sizeof(sx->buffer));
9e7e0f6a 2466 sx->buffer[sizeof(sx->buffer)-1] = '\0';
0756eb3c 2467 goto RESPONSE_FAILED;
0dda4340 2468 }
0756eb3c
PH		 2469 }
2470
2471 /* STARTTLS accepted: try to negotiate a TLS session. */
2472
2473 else
061b7ebd 2474 TLS_NEGOTIATE:
0756eb3c 2475 {
d093f8e5 2476 address_item * addr;
cf0c6164 2477 uschar * errstr;
ee8b8090
JH		 2478 sx->cctx.tls_ctx = tls_client_start(sx->cctx.sock, sx->conn_args.host,
2479 sx->addrlist, sx->conn_args.tblock,
c0635b6d 2480# ifdef SUPPORT_DANE
cf0c6164 2481 sx->dane ? &tlsa_dnsa : NULL,
0e66b3b6 2482# endif
74f1a423 2483 &tls_out, &errstr);
0756eb3c 2484
74f1a423 2485 if (!sx->cctx.tls_ctx)
0756eb3c 2486 {
74f1a423
JH		 2487 /* TLS negotiation failed; give an error. From outside, this function may
2488 be called again to try in clear on a new connection, if the options permit
2489 it for this host. */
8008accd 2490 DEBUG(D_tls) debug_printf("TLS session fail: %s\n", errstr);
74f1a423 2491
c0635b6d 2492# ifdef SUPPORT_DANE
c4b57fdd
JH		 2493 if (sx->dane)
2494 {
2495 log_write(0, LOG_MAIN,
cf0c6164 2496 "DANE attempt failed; TLS connection to %s [%s]: %s",
ee8b8090 2497 sx->conn_args.host->name, sx->conn_args.host->address, errstr);
8d3dc239 2498# ifndef DISABLE_EVENT
ee8b8090 2499 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2500 US"dane:fail", US"validation-failure"); /* could do with better detail */
8d3dc239 2501# endif
c4b57fdd 2502 }
6ebd79ec
JH		 2503# endif
2504
de6273b4 2505 errno = ERRNO_TLSFAILURE;
cf0c6164 2506 message = string_sprintf("TLS session: %s", errstr);
d093f8e5 2507 sx->send_quit = FALSE;
0756eb3c
PH		 2508 goto TLS_FAILED;
2509 }
2510
2511 /* TLS session is set up */
2512
2d14f397 2513 smtp_peer_options_wrap = smtp_peer_options;
d093f8e5 2514 for (addr = sx->addrlist; addr; addr = addr->next)
5ca2a9a1
PH		 2515 if (addr->transport_return == PENDING_DEFER)
2516 {
817d9f57 2517 addr->cipher = tls_out.cipher;
9d1c15ef
JH		 2518 addr->ourcert = tls_out.ourcert;
2519 addr->peercert = tls_out.peercert;
817d9f57 2520 addr->peerdn = tls_out.peerdn;
018058b2 2521 addr->ocsp = tls_out.ocsp;
5ca2a9a1 2522 }
0756eb3c
PH		 2523 }
2524 }
2525
061b7ebd
PP		 2526/* if smtps, we'll have smtp_command set to something else; always safe to
2527reset it here. */
2528smtp_command = big_buffer;
2529
41c7c167
PH		 2530/* If we started TLS, redo the EHLO/LHLO exchange over the secure channel. If
2531helo_data is null, we are dealing with a connection that was passed from
2532another process, and so we won't have expanded helo_data above. We have to
2533expand it here. $sending_ip_address and $sending_port are set up right at the
2534start of the Exim process (in exim.c). */
0756eb3c 2535
74f1a423 2536if (tls_out.active.sock >= 0)
0756eb3c 2537 {
ee8b8090 2538 uschar * greeting_cmd;
895fbaf2 2539
ee8b8090 2540 if (!sx->helo_data && !(sx->helo_data = expand_string(ob->helo_data)))
41c7c167 2541 {
d093f8e5
JH		 2542 uschar *message = string_sprintf("failed to expand helo_data: %s",
2543 expand_string_message);
2544 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2545 yield = DEFER;
2546 goto SEND_QUIT;
41c7c167
PH		 2547 }
2548
ee8b8090
JH		 2549#ifdef EXPERIMENTAL_PIPE_CONNECT
2550 /* For SMTPS there is no cleartext early-pipe; use the crypted permission bit.
2551 We're unlikely to get the group sent and delivered before the server sends its
2552 banner, but it's still worth sending as a group.
2553 For STARTTLS allow for cleartext early-pipe but no crypted early-pipe, but not
2554 the reverse. */
2555
2556 if (sx->smtps ? sx->early_pipe_ok : sx->early_pipe_active)
2557 {
2558 sx->peer_offered = sx->ehlo_resp.crypted_features;
2559 if ((sx->early_pipe_active =
2560 !!(sx->ehlo_resp.crypted_features & OPTION_EARLY_PIPE)))
2561 DEBUG(D_transport) debug_printf("Using cached crypted PIPE_CONNECT\n");
2562 }
2563#endif
2564
0d0e4455 2565 /* For SMTPS we need to wait for the initial OK response. */
d093f8e5 2566 if (sx->smtps)
ee8b8090
JH		 2567#ifdef EXPERIMENTAL_PIPE_CONNECT
2568 if (sx->early_pipe_active)
2569 {
2570 sx->pending_BANNER = TRUE;
2571 sx->outblock.cmd_count = 1;
2572 }
2573 else
895fbaf2 2574#endif
ee8b8090
JH		 2575 if (!smtp_reap_banner(sx))
2576 goto RESPONSE_FAILED;
0d0e4455 2577
ee8b8090
JH		 2578 if (sx->lmtp)
2579 greeting_cmd = US"LHLO";
2580 else if (sx->esmtp)
2581 greeting_cmd = US"EHLO";
0d0e4455
PP		 2582 else
2583 {
ee8b8090 2584 greeting_cmd = US"HELO";
0d0e4455
PP		 2585 DEBUG(D_transport)
2586 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
061b7ebd
PP		 2587 }
2588
ee8b8090
JH		 2589 if (smtp_write_command(sx,
2590#ifdef EXPERIMENTAL_PIPE_CONNECT
2591 sx->early_pipe_active ? SCMD_BUFFER :
2592#endif
2593 SCMD_FLUSH,
2594 "%s %s\r\n", greeting_cmd, sx->helo_data) < 0)
0756eb3c 2595 goto SEND_FAILED;
ee8b8090
JH		 2596
2597#ifdef EXPERIMENTAL_PIPE_CONNECT
2598 if (sx->early_pipe_active)
2599 sx->pending_EHLO = TRUE;
2600 else
895fbaf2 2601#endif
ee8b8090
JH		 2602 {
2603 if (!smtp_reap_ehlo(sx))
2604 goto RESPONSE_FAILED;
2605 smtp_peer_options = 0;
2606 }
0756eb3c
PH		 2607 }
2608
2609/* If the host is required to use a secure channel, ensure that we
2610have one. */
2611
d093f8e5 2612else if ( sx->smtps
c0635b6d 2613# ifdef SUPPORT_DANE
d093f8e5 2614 || sx->dane
0e66b3b6 2615# endif
8ac90765
JH		 2616# ifdef EXPERIMENTAL_REQUIRETLS
2617 || tls_requiretls & REQUIRETLS_MSG
2618# endif
ee8b8090 2619 || verify_check_given_host(CUSS &ob->hosts_require_tls, sx->conn_args.host) == OK
7a31d643 2620 )
0756eb3c 2621 {
8ac90765
JH		 2622 errno =
2623# ifdef EXPERIMENTAL_REQUIRETLS
2624 tls_requiretls & REQUIRETLS_MSG ? ERRNO_REQUIRETLS :
2625# endif
2626 ERRNO_TLSREQUIRED;
c562fd30 2627 message = string_sprintf("a TLS session is required, but %s",
14de8063 2628 smtp_peer_options & OPTION_TLS
2d14f397 2629 ? "an attempt to start TLS failed" : "the server did not offer TLS support");
8d3dc239 2630# if defined(SUPPORT_DANE) && !defined(DISABLE_EVENT)
c4b57fdd 2631 if (sx->dane)
ee8b8090 2632 (void) event_raise(sx->conn_args.tblock->event_action, US"dane:fail",
c4b57fdd
JH		 2633 smtp_peer_options & OPTION_TLS
2634 ? US"validation-failure" /* could do with better detail */
2635 : US"starttls-not-supported");
2636# endif
0756eb3c
PH		 2637 goto TLS_FAILED;
2638 }
0e66b3b6 2639#endif /*SUPPORT_TLS*/
0756eb3c
PH		 2640
2641/* If TLS is active, we have just started it up and re-done the EHLO command,
2642so its response needs to be analyzed. If TLS is not active and this is a
2643continued session down a previously-used socket, we haven't just done EHLO, so
2644we skip this. */
2645
2646if (continue_hostname == NULL
a7538db1 2647#ifdef SUPPORT_TLS
74f1a423 2648 || tls_out.active.sock >= 0
a7538db1 2649#endif
0756eb3c
PH		 2650 )
2651 {
d093f8e5 2652 if (sx->esmtp || sx->lmtp)
2d14f397 2653 {
ee8b8090
JH		 2654#ifdef EXPERIMENTAL_PIPE_CONNECT
2655 if (!sx->early_pipe_active)
2656#endif
2657 {
e9166683 2658 sx->peer_offered = ehlo_response(sx->buffer,
d093f8e5 2659 0 /* no TLS */
ee8b8090
JH		 2660#ifdef EXPERIMENTAL_PIPE_CONNECT
2661 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
2662 | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
2663 | OPTION_CHUNKING | OPTION_PRDR | OPTION_UTF8 | OPTION_REQUIRETLS
2664 | (tls_out.active.sock >= 0 ? OPTION_EARLY_PIPE : 0) /* not for lmtp */
2665
2666#else
2667
2668 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
14de8063
JH		 2669 | OPTION_CHUNKING
2670 | OPTION_PRDR
ee8b8090 2671# ifdef SUPPORT_I18N
14de8063 2672 | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0)
d093f8e5
JH		 2673 /*XXX if we hand peercaps on to continued-conn processes,
2674 must not depend on this addr */
ee8b8090 2675# endif
14de8063
JH		 2676 | OPTION_DSN
2677 | OPTION_PIPE
ee8b8090
JH		 2678 | (ob->size_addition >= 0 ? OPTION_SIZE : 0)
2679# if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
8ac90765 2680 | (tls_requiretls & REQUIRETLS_MSG ? OPTION_REQUIRETLS : 0)
ee8b8090 2681# endif
8ac90765 2682#endif
9094b84b 2683 );
ee8b8090
JH		 2684#ifdef EXPERIMENTAL_PIPE_CONNECT
2685 if (tls_out.active.sock >= 0)
2686 sx->ehlo_resp.crypted_features = sx->peer_offered;
2687#endif
2688 }
9094b84b 2689
2d14f397
JH		 2690 /* Set for IGNOREQUOTA if the response to LHLO specifies support and the
2691 lmtp_ignore_quota option was set. */
f1513293 2692
14de8063 2693 sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US"";
f1513293 2694
2d14f397
JH		 2695 /* If the response to EHLO specified support for the SIZE parameter, note
2696 this, provided size_addition is non-negative. */
f1513293 2697
14de8063 2698 smtp_peer_options |= sx->peer_offered & OPTION_SIZE;
0756eb3c 2699
2d14f397
JH		 2700 /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched
2701 the current host, esmtp will be false, so PIPELINING can never be used. If
2702 the current host matches hosts_avoid_pipelining, don't do it. */
0756eb3c 2703
14de8063 2704 if ( sx->peer_offered & OPTION_PIPE
ee8b8090 2705 && verify_check_given_host(CUSS &ob->hosts_avoid_pipelining, sx->conn_args.host) != OK)
14de8063 2706 smtp_peer_options |= OPTION_PIPE;
0756eb3c 2707
2d14f397 2708 DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
14de8063 2709 smtp_peer_options & OPTION_PIPE ? "" : "not ");
0756eb3c 2710
14de8063 2711 if ( sx->peer_offered & OPTION_CHUNKING
ee8b8090 2712 && verify_check_given_host(CUSS &ob->hosts_try_chunking, sx->conn_args.host) != OK)
14de8063 2713 sx->peer_offered &= ~OPTION_CHUNKING;
f98442df 2714
14de8063 2715 if (sx->peer_offered & OPTION_CHUNKING)
ee8b8090 2716 DEBUG(D_transport) debug_printf("CHUNKING usable\n");
0756eb3c 2717
8ccd00b1 2718#ifndef DISABLE_PRDR
14de8063 2719 if ( sx->peer_offered & OPTION_PRDR
ee8b8090 2720 && verify_check_given_host(CUSS &ob->hosts_try_prdr, sx->conn_args.host) != OK)
14de8063 2721 sx->peer_offered &= ~OPTION_PRDR;
fd98a5c6 2722
14de8063 2723 if (sx->peer_offered & OPTION_PRDR)
ee8b8090 2724 DEBUG(D_transport) debug_printf("PRDR usable\n");
fd98a5c6
JH		 2725#endif
2726
2d14f397 2727 /* Note if the server supports DSN */
14de8063 2728 smtp_peer_options |= sx->peer_offered & OPTION_DSN;
2d14f397 2729 DEBUG(D_transport) debug_printf("%susing DSN\n",
14de8063 2730 sx->peer_offered & OPTION_DSN ? "" : "not ");
6c1c3d1d 2731
8ac90765
JH		 2732#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
2733 if (sx->peer_offered & OPTION_REQUIRETLS)
2734 {
2735 smtp_peer_options |= OPTION_REQUIRETLS;
2736 DEBUG(D_transport) debug_printf(
2737 tls_requiretls & REQUIRETLS_MSG
2738 ? "using REQUIRETLS\n" : "REQUIRETLS offered\n");
2739 }
2740#endif
2741
ee8b8090
JH		 2742#ifdef EXPERIMENTAL_PIPE_CONNECT
2743 if ( sx->early_pipe_ok
2744 && !sx->early_pipe_active
2745 && tls_out.active.sock >= 0
2746 && smtp_peer_options & OPTION_PIPE
2747 && ( sx->ehlo_resp.cleartext_features | sx->ehlo_resp.crypted_features)
2748 & OPTION_EARLY_PIPE)
2749 {
2750 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2751 sx->ehlo_resp.crypted_auths = study_ehlo_auths(sx);
2752 write_ehlo_cache_entry(sx);
2753 }
2754#endif
2755
2d14f397
JH		 2756 /* Note if the response to EHLO specifies support for the AUTH extension.
2757 If it has, check that this host is one we want to authenticate to, and do
2758 the business. The host name and address must be available when the
2759 authenticator's client driver is running. */
0756eb3c 2760
ee8b8090 2761 switch (yield = smtp_auth(sx))
2d14f397
JH		 2762 {
2763 default: goto SEND_QUIT;
2764 case OK: break;
2765 case FAIL_SEND: goto SEND_FAILED;
2766 case FAIL: goto RESPONSE_FAILED;
2767 }
0756eb3c
PH		 2768 }
2769 }
7c576fca 2770sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
0756eb3c
PH		 2771
2772/* The setting up of the SMTP call is now complete. Any subsequent errors are
2773message-specific. */
2774
d093f8e5 2775sx->setting_up = FALSE;
0756eb3c 2776
8c5d388a 2777#ifdef SUPPORT_I18N
d093f8e5 2778if (sx->addrlist->prop.utf8_msg)
9094b84b 2779 {
71c15846
JH		 2780 uschar * s;
2781
2782 /* If the transport sets a downconversion mode it overrides any set by ACL
2783 for the message. */
2784
ee8b8090 2785 if ((s = ob->utf8_downconvert))
71c15846
JH		 2786 {
2787 if (!(s = expand_string(s)))
2788 {
2789 message = string_sprintf("failed to expand utf8_downconvert: %s",
2790 expand_string_message);
2791 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2792 yield = DEFER;
2793 goto SEND_QUIT;
2794 }
2795 switch (*s)
2796 {
2797 case '1': sx->addrlist->prop.utf8_downcvt = TRUE;
2798 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2799 break;
2800 case '0': sx->addrlist->prop.utf8_downcvt = FALSE;
2801 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2802 break;
2803 case '-': if (s[1] == '1')
2804 {
2805 sx->addrlist->prop.utf8_downcvt = FALSE;
2806 sx->addrlist->prop.utf8_downcvt_maybe = TRUE;
2807 }
2808 break;
2809 }
2810 }
2811
d093f8e5
JH		 2812 sx->utf8_needed = !sx->addrlist->prop.utf8_downcvt
2813 && !sx->addrlist->prop.utf8_downcvt_maybe;
2814 DEBUG(D_transport) if (!sx->utf8_needed)
59a286ef 2815 debug_printf("utf8: %s downconvert\n",
d093f8e5 2816 sx->addrlist->prop.utf8_downcvt ? "mandatory" : "optional");
9094b84b
JH		 2817 }
2818
7ade712c 2819/* If this is an international message we need the host to speak SMTPUTF8 */
14de8063 2820if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8))
7ade712c
JH		 2821 {
2822 errno = ERRNO_UTF8_FWD;
2823 goto RESPONSE_FAILED;
2824 }
71c15846 2825#endif /*SUPPORT_I18N*/
7ade712c 2826
8ac90765
JH		 2827#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
2828 /*XXX should tls_requiretls actually be per-addr? */
2829
2830if ( tls_requiretls & REQUIRETLS_MSG
2831 && !(sx->peer_offered & OPTION_REQUIRETLS)
2832 )
2833 {
2834 sx->setting_up = TRUE;
2835 errno = ERRNO_REQUIRETLS;
2836 message = US"REQUIRETLS support is required from the server"
2837 " but it was not offered";
2838 DEBUG(D_transport) debug_printf("%s\n", message);
2839 goto TLS_FAILED;
2840 }
2841#endif
2842
d093f8e5
JH		 2843return OK;
2844
2845
2846 {
2847 int code;
d093f8e5
JH		 2848
2849 RESPONSE_FAILED:
d093f8e5 2850 message = NULL;
ee8b8090 2851 sx->send_quit = check_response(sx->conn_args.host, &errno, sx->addrlist->more_errno,
d093f8e5 2852 sx->buffer, &code, &message, &pass_message);
8ac90765 2853 yield = DEFER;
d093f8e5 2854 goto FAILED;
d093f8e5
JH		 2855
2856 SEND_FAILED:
d093f8e5
JH		 2857 code = '4';
2858 message = US string_sprintf("send() to %s [%s] failed: %s",
ee8b8090 2859 sx->conn_args.host->name, sx->conn_args.host->address, strerror(errno));
d093f8e5 2860 sx->send_quit = FALSE;
8ac90765 2861 yield = DEFER;
d093f8e5 2862 goto FAILED;
d093f8e5 2863
de6273b4
JH		 2864 EHLOHELO_FAILED:
2865 code = '4';
2866 message = string_sprintf("Remote host closed connection in response to %s"
2867 " (EHLO response was: %s)", smtp_command, sx->buffer);
2868 sx->send_quit = FALSE;
8ac90765 2869 yield = DEFER;
de6273b4
JH		 2870 goto FAILED;
2871
e5ab0ba9
JH		 2872 /* This label is jumped to directly when a TLS negotiation has failed,
2873 or was not done for a host for which it is required. Values will be set
2874 in message and errno, and setting_up will always be true. Treat as
2875 a temporary error. */
2876
d093f8e5
JH		 2877#ifdef SUPPORT_TLS
2878 TLS_FAILED:
8ac90765
JH		 2879# ifdef EXPERIMENTAL_REQUIRETLS
2880 if (errno == ERRNO_REQUIRETLS)
2881 code = '5', yield = FAIL;
2882 /*XXX DSN will be labelled 500; prefer 530 5.7.4 */
2883 else
2884# endif
2885 code = '4', yield = DEFER;
de6273b4 2886 goto FAILED;
d093f8e5
JH		 2887#endif
2888
2889 /* The failure happened while setting up the call; see if the failure was
2890 a 5xx response (this will either be on connection, or following HELO - a 5xx
e69636bc
JH		 2891 after EHLO causes it to try HELO). If so, and there are no more hosts to try,
2892 fail all addresses, as this host is never going to accept them. For other
2893 errors during setting up (timeouts or whatever), defer all addresses, and
2894 yield DEFER, so that the host is not tried again for a while.
2895
2896 XXX This peeking for another host feels like a layering violation. We want
2897 to note the host as unusable, but down here we shouldn't know if this was
2898 the last host to try for the addr(list). Perhaps the upper layer should be
2899 the one to do set_errno() ? The problem is that currently the addr is where
2900 errno etc. are stashed, but until we run out of hosts to try the errors are
2901 host-specific. Maybe we should enhance the host_item definition? */
d093f8e5 2902
de6273b4 2903FAILED:
d093f8e5 2904 sx->ok = FALSE; /* For when reached by GOTO */
e69636bc 2905 set_errno(sx->addrlist, errno, message,
ee8b8090 2906 sx->conn_args.host->next
e69636bc
JH		 2907 ? DEFER
2908 : code == '5'
d093f8e5 2909#ifdef SUPPORT_I18N
e69636bc 2910 || errno == ERRNO_UTF8_FWD
d093f8e5 2911#endif
e69636bc 2912 ? FAIL : DEFER,
ee8b8090 2913 pass_message, sx->conn_args.host
d093f8e5
JH		 2914#ifdef EXPERIMENTAL_DSN_INFO
2915 , sx->smtp_greeting, sx->helo_response
2916#endif
2917 );
2918 }
2919
2920
2921SEND_QUIT:
2922
2923if (sx->send_quit)
251b9eb4 2924 (void)smtp_write_command(sx, SCMD_FLUSH, "QUIT\r\n");
d093f8e5 2925
d093f8e5 2926#ifdef SUPPORT_TLS
74f1a423
JH		 2927if (sx->cctx.tls_ctx)
2928 {
2929 tls_close(sx->cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT);
2930 sx->cctx.tls_ctx = NULL;
2931 }
d093f8e5
JH		 2932#endif
2933
2934/* Close the socket, and return the appropriate value, first setting
2935works because the NULL setting is passed back to the calling process, and
2936remote_max_parallel is forced to 1 when delivering over an existing connection,
b7d3afcf 2937*/
d093f8e5 2938
e1d04f48 2939HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n");
d093f8e5
JH		 2940if (sx->send_quit)
2941 {
74f1a423
JH		 2942 shutdown(sx->cctx.sock, SHUT_WR);
2943 if (fcntl(sx->cctx.sock, F_SETFL, O_NONBLOCK) == 0)
2944 for (rc = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && rc > 0;)
d093f8e5 2945 rc--; /* drain socket */
02b41d71 2946 sx->send_quit = FALSE;
d093f8e5 2947 }
74f1a423
JH		 2948(void)close(sx->cctx.sock);
2949sx->cctx.sock = -1;
d093f8e5
JH		 2950
2951#ifndef DISABLE_EVENT
ee8b8090 2952(void) event_raise(sx->conn_args.tblock->event_action, US"tcp:close", NULL);
d093f8e5
JH		 2953#endif
2954
2955continue_transport = NULL;
2956continue_hostname = NULL;
2957return yield;
2958}
2959
2960
9be4572b
JH		 2961
2962
2963/* Create the string of options that will be appended to the MAIL FROM:
2964in the connection context buffer */
2965
2966static int
2967build_mailcmd_options(smtp_context * sx, address_item * addrlist)
2968{
2969uschar * p = sx->buffer;
2970address_item * addr;
2971int address_count;
2972
2973*p = 0;
2974
14de8063 2975/* If we know the receiving MTA supports the SIZE qualification, and we know it,
9be4572b
JH		 2976send it, adding something to the message size to allow for imprecision
2977and things that get added en route. Exim keeps the number of lines
2978in a message, so we can give an accurate value for the original message, but we
2979need some additional to handle added headers. (Double "." characters don't get
2980included in the count.) */
2981
14de8063
JH		 2982if ( message_size > 0
2983 && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE))
9be4572b 2984 {
328c5688
JH		 2985/*XXX problem here under spool_files_wireformat?
2986Or just forget about lines? Or inflate by a fixed proportion? */
2987
ee8b8090 2988 sprintf(CS p, " SIZE=%d", message_size+message_linecount+(SOB sx->conn_args.ob)->size_addition);
9be4572b
JH		 2989 while (*p) p++;
2990 }
2991
2992#ifndef DISABLE_PRDR
aded2255 2993/* If it supports Per-Recipient Data Responses, and we have more than one recipient,
9be4572b
JH		 2994request that */
2995
2996sx->prdr_active = FALSE;
14de8063 2997if (sx->peer_offered & OPTION_PRDR)
9be4572b
JH		 2998 for (addr = addrlist; addr; addr = addr->next)
2999 if (addr->transport_return == PENDING_DEFER)
3000 {
3001 for (addr = addr->next; addr; addr = addr->next)
3002 if (addr->transport_return == PENDING_DEFER)
3003 { /* at least two recipients to send */
3004 sx->prdr_active = TRUE;
3005 sprintf(CS p, " PRDR"); p += 5;
3006 break;
3007 }
3008 break;
3009 }
3010#endif
3011
3012#ifdef SUPPORT_I18N
3013/* If it supports internationalised messages, and this meesage need that,
3014request it */
3015
14de8063 3016if ( sx->peer_offered & OPTION_UTF8
9be4572b
JH		 3017 && addrlist->prop.utf8_msg
3018 && !addrlist->prop.utf8_downcvt
3019 )
3020 Ustrcpy(p, " SMTPUTF8"), p += 9;
3021#endif
3022
8ac90765
JH		 3023#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
3024if (tls_requiretls & REQUIRETLS_MSG)
3025 Ustrcpy(p, " REQUIRETLS") , p += 11;
3026#endif
3027
9be4572b
JH		 3028/* check if all addresses have DSN-lasthop flag; do not send RET and ENVID if so */
3029for (sx->dsn_all_lasthop = TRUE, addr = addrlist, address_count = 0;
3030 addr && address_count < sx->max_rcpt;
3031 addr = addr->next) if (addr->transport_return == PENDING_DEFER)
3032 {
3033 address_count++;
3034 if (!(addr->dsn_flags & rf_dsnlasthop))
3035 {
3036 sx->dsn_all_lasthop = FALSE;
3037 break;
3038 }
3039 }
3040
3041/* Add any DSN flags to the mail command */
3042
14de8063 3043if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop)
9be4572b
JH		 3044 {
3045 if (dsn_ret == dsn_ret_hdrs)
3046 { Ustrcpy(p, " RET=HDRS"); p += 9; }
3047 else if (dsn_ret == dsn_ret_full)
3048 { Ustrcpy(p, " RET=FULL"); p += 9; }
3049
3050 if (dsn_envid)
3051 {
3052 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ENVID=%s", dsn_envid);
3053 while (*p) p++;
3054 }
3055 }
3056
3057/* If an authenticated_sender override has been specified for this transport
3058instance, expand it. If the expansion is forced to fail, and there was already
3059an authenticated_sender for this message, the original value will be used.
3060Other expansion failures are serious. An empty result is ignored, but there is
3061otherwise no check - this feature is expected to be used with LMTP and other
3062cases where non-standard addresses (e.g. without domains) might be required. */
3063
ee8b8090 3064if (smtp_mail_auth_str(p, sizeof(sx->buffer) - (p-sx->buffer), addrlist, sx->conn_args.ob))
9be4572b
JH		 3065 return ERROR;
3066
3067return OK;
3068}
3069
3070
3071static void
3072build_rcptcmd_options(smtp_context * sx, const address_item * addr)
3073{
3074uschar * p = sx->buffer;
3075*p = 0;
3076
3077/* Add any DSN flags to the rcpt command */
3078
14de8063 3079if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop))
9be4572b
JH		 3080 {
3081 if (addr->dsn_flags & rf_dsnflags)
3082 {
3083 int i;
3084 BOOL first = TRUE;
3085
3086 Ustrcpy(p, " NOTIFY=");
3087 while (*p) p++;
3088 for (i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
3089 {
3090 if (!first) *p++ = ',';
3091 first = FALSE;
3092 Ustrcpy(p, rf_names[i]);
3093 while (*p) p++;
3094 }
3095 }
3096
3097 if (addr->dsn_orcpt)
3098 {
3099 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ORCPT=%s",
3100 addr->dsn_orcpt);
3101 while (*p) p++;
3102 }
3103 }
3104}
3105
3106
d9c3c8ed
JH		 3107
3108/*
3109Return:
e9166683
JH		 3110 0 good, rcpt results in addr->transport_return (PENDING_OK, DEFER, FAIL)
3111 -1 MAIL response error
3112 -2 any non-MAIL read i/o error
3113 -3 non-MAIL response timeout
3114 -4 internal error; channel still usable
3115 -5 transmit failed
d9c3c8ed
JH		 3116 */
3117
3118int
3119smtp_write_mail_and_rcpt_cmds(smtp_context * sx, int * yield)
3120{
3121address_item * addr;
3122int address_count;
3123int rc;
3124
3125if (build_mailcmd_options(sx, sx->first_addr) != OK)
3126 {
3127 *yield = ERROR;
e9166683 3128 return -4;
d9c3c8ed
JH		 3129 }
3130
3131/* From here until we send the DATA command, we can make use of PIPELINING
3132if the server host supports it. The code has to be able to check the responses
3133at any point, for when the buffer fills up, so we write it totally generally.
3134When PIPELINING is off, each command written reports that it has flushed the
3135buffer. */
3136
3137sx->pending_MAIL = TRUE; /* The block starts with MAIL */
3138
3139 {
3140 uschar * s = sx->from_addr;
3141#ifdef SUPPORT_I18N
3142 uschar * errstr = NULL;
3143
3144 /* If we must downconvert, do the from-address here. Remember we had to
3145 for the to-addresses (done below), and also (ugly) for re-doing when building
3146 the delivery log line. */
3147
3148 if ( sx->addrlist->prop.utf8_msg
14de8063 3149 && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8))
d9c3c8ed
JH		 3150 )
3151 {
3152 if (s = string_address_utf8_to_alabel(s, &errstr), errstr)
3153 {
3154 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, errstr, DEFER, FALSE);
3155 *yield = ERROR;
e9166683 3156 return -4;
d9c3c8ed
JH		 3157 }
3158 setflag(sx->addrlist, af_utf8_downcvt);
3159 }
3160#endif
3161
251b9eb4 3162 rc = smtp_write_command(sx, pipelining_active ? SCMD_BUFFER : SCMD_FLUSH,
d9c3c8ed
JH		 3163 "MAIL FROM:<%s>%s\r\n", s, sx->buffer);
3164 }
3165
3166mail_command = string_copy(big_buffer); /* Save for later error message */
3167
3168switch(rc)
3169 {
3170 case -1: /* Transmission error */
e9166683 3171 return -5;
d9c3c8ed 3172
df5b41e3 3173 case +1: /* Cmd was sent */
251b9eb4 3174 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
ee8b8090 3175 (SOB sx->conn_args.ob)->command_timeout))
d9c3c8ed
JH		 3176 {
3177 if (errno == 0 && sx->buffer[0] == '4')
3178 {
3179 errno = ERRNO_MAIL4XX;
3180 sx->addrlist->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
3181 }
3182 return -1;
3183 }
3184 sx->pending_MAIL = FALSE;
3185 break;
e9166683
JH		 3186
3187 /* otherwise zero: command queued for pipeline */
d9c3c8ed
JH		 3188 }
3189
3190/* Pass over all the relevant recipient addresses for this host, which are the
3191ones that have status PENDING_DEFER. If we are using PIPELINING, we can send
3192several before we have to read the responses for those seen so far. This
3193checking is done by a subroutine because it also needs to be done at the end.
3194Send only up to max_rcpt addresses at a time, leaving next_addr pointing to
3195the next one if not all are sent.
3196
3197In the MUA wrapper situation, we want to flush the PIPELINING buffer for the
3198last address because we want to abort if any recipients have any kind of
3199problem, temporary or permanent. We know that all recipient addresses will have
3200the PENDING_DEFER status, because only one attempt is ever made, and we know
e9166683
JH		 3201that max_rcpt will be large, so all addresses will be done at once.
3202
3203For verify we flush the pipeline after any (the only) rcpt address. */
d9c3c8ed
JH		 3204
3205for (addr = sx->first_addr, address_count = 0;
3206 addr && address_count < sx->max_rcpt;
3207 addr = addr->next) if (addr->transport_return == PENDING_DEFER)
3208 {
3209 int count;
3210 BOOL no_flush;
3211 uschar * rcpt_addr;
3212
14de8063 3213 addr->dsn_aware = sx->peer_offered & OPTION_DSN
d9c3c8ed
JH		 3214 ? dsn_support_yes : dsn_support_no;
3215
3216 address_count++;
4c2471ca
JH		 3217 no_flush = pipelining_active && !sx->verify
3218 && (!mua_wrapper || addr->next && address_count < sx->max_rcpt);
d9c3c8ed
JH		 3219
3220 build_rcptcmd_options(sx, addr);
3221
3222 /* Now send the RCPT command, and process outstanding responses when
3223 necessary. After a timeout on RCPT, we just end the function, leaving the
3224 yield as OK, because this error can often mean that there is a problem with
3225 just one address, so we don't want to delay the host. */
3226
ee8b8090 3227 rcpt_addr = transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes);
d9c3c8ed
JH		 3228
3229#ifdef SUPPORT_I18N
3230 if ( testflag(sx->addrlist, af_utf8_downcvt)
3231 && !(rcpt_addr = string_address_utf8_to_alabel(rcpt_addr, NULL))
3232 )
3233 {
3234 /*XXX could we use a per-address errstr here? Not fail the whole send? */
3235 errno = ERRNO_EXPANDFAIL;
e9166683 3236 return -5; /*XXX too harsh? */
d9c3c8ed
JH		 3237 }
3238#endif
3239
251b9eb4 3240 count = smtp_write_command(sx, no_flush ? SCMD_BUFFER : SCMD_FLUSH,
4e910c01 3241 "RCPT TO:<%s>%s%s\r\n", rcpt_addr, sx->igquotstr, sx->buffer);
d9c3c8ed 3242
e9166683 3243 if (count < 0) return -5;
d9c3c8ed
JH		 3244 if (count > 0)
3245 {
df5b41e3 3246 switch(sync_responses(sx, count, 0))
d9c3c8ed
JH		 3247 {
3248 case 3: sx->ok = TRUE; /* 2xx & 5xx => OK & progress made */
3249 case 2: sx->completed_addr = TRUE; /* 5xx (only) => progress made */
e9166683 3250 break;
d9c3c8ed
JH		 3251
3252 case 1: sx->ok = TRUE; /* 2xx (only) => OK, but if LMTP, */
3253 if (!sx->lmtp) /* can't tell about progress yet */
3254 sx->completed_addr = TRUE;
3255 case 0: /* No 2xx or 5xx, but no probs */
3256 break;
3257
e9166683
JH		 3258 case -1: return -3; /* Timeout on RCPT */
3259 case -2: return -2; /* non-MAIL read i/o error */
3260 default: return -1; /* any MAIL error */
ee8b8090
JH		 3261
3262#ifdef EXPERIMENTAL_PIPE_CONNECT
3263 case -4: return -1; /* non-2xx for pipelined banner or EHLO */
3264#endif
d9c3c8ed
JH		 3265 }
3266 sx->pending_MAIL = FALSE; /* Dealt with MAIL */
3267 }
3268 } /* Loop for next address */
3269
3270sx->next_addr = addr;
3271return 0;
3272}
3273
3274
875512a3
JH		 3275#ifdef SUPPORT_TLS
3276/*****************************************************
3277* Proxy TLS connection for another transport process *
3278******************************************************/
3279/*
d097cc73
JH		 3280Close the unused end of the pipe, fork once more, then use the given buffer
3281as a staging area, and select on both the given fd and the TLS'd client-fd for
3282data to read (per the coding in ip_recv() and fd_ready() this is legitimate).
3283Do blocking full-size writes, and reads under a timeout. Once both input
3284channels are closed, exit the process.
875512a3
JH		 3285
3286Arguments:
74f1a423 3287 ct_ctx tls context
57cc2785
JH		 3288 buf space to use for buffering
3289 bufsiz size of buffer
d097cc73 3290 pfd pipe filedescriptor array; [0] is comms to proxied process
875512a3
JH		 3291 timeout per-read timeout, seconds
3292*/
3293
57cc2785 3294void
74f1a423
JH		 3295smtp_proxy_tls(void * ct_ctx, uschar * buf, size_t bsize, int * pfd,
3296 int timeout)
875512a3 3297{
e47252f5 3298fd_set rfds, efds;
74f1a423 3299int max_fd = MAX(pfd[0], tls_out.active.sock) + 1;
875512a3
JH		 3300int rc, i, fd_bits, nbytes;
3301
d097cc73
JH		 3302close(pfd[1]);
3303if ((rc = fork()))
3304 {
3305 DEBUG(D_transport) debug_printf("proxy-proc final-pid %d\n", rc);
3306 _exit(rc < 0 ? EXIT_FAILURE : EXIT_SUCCESS);
3307 }