projects / exim.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tidying
[exim.git] / src / src / smtp_out.c
1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
4
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* See the file NOTICE for conditions of use and distribution. */
7
8 /* A number of functions for driving outgoing SMTP calls. */
9
10
11 #include "exim.h"
12 #include "transports/smtp.h"
13
14
15
16 /*************************************************
17 * Find an outgoing interface *
18 *************************************************/
19
20 /* This function is called from the smtp transport and also from the callout
21 code in verify.c. Its job is to expand a string to get a list of interfaces,
22 and choose a suitable one (IPv4 or IPv6) for the outgoing address.
23
24 Arguments:
25 istring string interface setting, may be NULL, meaning "any", in
26 which case the function does nothing
27 host_af AF_INET or AF_INET6 for the outgoing IP address
28 addr the mail address being handled (for setting errors)
29 interface point this to the interface
30 msg to add to any error message
31
32 Returns: TRUE on success, FALSE on failure, with error message
33 set in addr and transport_return set to PANIC
34 */
35
36 BOOL
37 smtp_get_interface(uschar *istring, int host_af, address_item *addr,
38 uschar **interface, uschar *msg)
39 {
40 const uschar * expint;
41 uschar *iface;
42 int sep = 0;
43
44 if (!istring) return TRUE;
45
46 if (!(expint = expand_string(istring)))
47 {
48 if (f.expand_string_forcedfail) return TRUE;
49 addr->transport_return = PANIC;
50 addr->message = string_sprintf("failed to expand \"interface\" "
51 "option for %s: %s", msg, expand_string_message);
52 return FALSE;
53 }
54
55 while (isspace(*expint)) expint++;
56 if (*expint == 0) return TRUE;
57
58 while ((iface = string_nextinlist(&expint, &sep, big_buffer,
59 big_buffer_size)))
60 {
61 if (string_is_ip_address(iface, NULL) == 0)
62 {
63 addr->transport_return = PANIC;
64 addr->message = string_sprintf("\"%s\" is not a valid IP "
65 "address for the \"interface\" option for %s",
66 iface, msg);
67 return FALSE;
68 }
69
70 if (((Ustrchr(iface, ':') == NULL)? AF_INET:AF_INET6) == host_af)
71 break;
72 }
73
74 if (iface) *interface = string_copy(iface);
75 return TRUE;
76 }
77
78
79
80 /*************************************************
81 * Find an outgoing port *
82 *************************************************/
83
84 /* This function is called from the smtp transport and also from the callout
85 code in verify.c. Its job is to find a port number. Note that getservbyname()
86 produces the number in network byte order.
87
88 Arguments:
89 rstring raw (unexpanded) string representation of the port
90 addr the mail address being handled (for setting errors)
91 port stick the port in here
92 msg for adding to error message
93
94 Returns: TRUE on success, FALSE on failure, with error message set
95 in addr, and transport_return set to PANIC
96 */
97
98 BOOL
99 smtp_get_port(uschar *rstring, address_item *addr, int *port, uschar *msg)
100 {
101 uschar *pstring = expand_string(rstring);
102
103 if (!pstring)
104 {
105 addr->transport_return = PANIC;
106 addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
107 "for %s: %s", rstring, msg, expand_string_message);
108 return FALSE;
109 }
110
111 if (isdigit(*pstring))
112 {
113 uschar *end;
114 *port = Ustrtol(pstring, &end, 0);
115 if (end != pstring + Ustrlen(pstring))
116 {
117 addr->transport_return = PANIC;
118 addr->message = string_sprintf("invalid port number for %s: %s", msg,
119 pstring);
120 return FALSE;
121 }
122 }
123
124 else
125 {
126 struct servent *smtp_service = getservbyname(CS pstring, "tcp");
127 if (!smtp_service)
128 {
129 addr->transport_return = PANIC;
130 addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
131 pstring, msg);
132 return FALSE;
133 }
134 *port = ntohs(smtp_service->s_port);
135 }
136
137 return TRUE;
138 }
139
140
141
142
143 #ifdef TCP_FASTOPEN
144 static void
145 tfo_out_check(int sock)
146 {
147 # if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
148 struct tcp_info tinfo;
149 socklen_t len = sizeof(tinfo);
150
151 if (getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0)
152 switch (tcp_out_fastopen)
153 {
154 /* This is a somewhat dubious detection method; totally undocumented so likely
155 to fail in future kernels. There seems to be no documented way. What we really
156 want to know is if the server sent smtp-banner data before our ACK of his SYN,ACK
157 hit him. What this (possibly?) detects is whether we sent a TFO cookie with our
158 SYN, as distinct from a TFO request. This gets a false-positive when the server
159 key is rotated; we send the old one (which this test sees) but the server returns
160 the new one and does not send its SMTP banner before we ACK his SYN,ACK.
161 To force that rotation case:
162 '# echo -n "00000000-00000000-00000000-0000000" >/proc/sys/net/ipv4/tcp_fastopen_key'
163 The kernel seems to be counting unack'd packets. */
164
165 case TFO_ATTEMPTED:
166 if (tinfo.tcpi_unacked > 1)
167 {
168 DEBUG(D_transport|D_v)
169 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.tcpi_unacked);
170 tcp_out_fastopen = TFO_USED;
171 }
172 break;
173
174 # ifdef notdef /* This seems to always fire, meaning that we cannot tell
175 whether the server accepted data we sent. For now assume
176 that it did. */
177
178 /* If there was data-on-SYN but we had to retrasnmit it, declare no TFO */
179
180 case TFO_USED:
181 if (!(tinfo.tcpi_options & TCPI_OPT_SYN_DATA))
182 {
183 DEBUG(D_transport|D_v) debug_printf("TFO: had to retransmit\n");
184 tcp_out_fastopen = TFO_NOT_USED;
185 }
186 break;
187
188 default: break; /* compiler quietening */
189 # endif
190 }
191 # endif
192 }
193 #endif
194
195
196 /* Arguments as for smtp_connect(), plus
197 early_data if non-NULL, data to be sent - preferably in the TCP SYN segment
198
199 Returns: connected socket number, or -1 with errno set
200 */
201
202 int
203 smtp_sock_connect(host_item * host, int host_af, int port, uschar * interface,
204 transport_instance * tb, int timeout, const blob * early_data)
205 {
206 smtp_transport_options_block * ob =
207 (smtp_transport_options_block *)tb->options_block;
208 const uschar * dscp = ob->dscp;
209 int dscp_value;
210 int dscp_level;
211 int dscp_option;
212 int sock;
213 int save_errno = 0;
214 const blob * fastopen_blob = NULL;
215
216
217 #ifndef DISABLE_EVENT
218 deliver_host_address = host->address;
219 deliver_host_port = port;
220 if (event_raise(tb->event_action, US"tcp:connect", NULL)) return -1;
221 #endif
222
223 if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return -1;
224
225 /* Set TCP_NODELAY; Exim does its own buffering. */
226
227 if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
228 HDEBUG(D_transport|D_acl|D_v)
229 debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
230
231 /* Set DSCP value, if we can. For now, if we fail to set the value, we don't
232 bomb out, just log it and continue in default traffic class. */
233
234 if (dscp && dscp_lookup(dscp, host_af, &dscp_level, &dscp_option, &dscp_value))
235 {
236 HDEBUG(D_transport|D_acl|D_v)
237 debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
238 if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
239 HDEBUG(D_transport|D_acl|D_v)
240 debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
241 /* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
242 option for both; ignore failures here */
243 if (host_af == AF_INET6 &&
244 dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
245 (void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
246 }
247
248 /* Bind to a specific interface if requested. Caller must ensure the interface
249 is the same type (IPv4 or IPv6) as the outgoing address. */
250
251 if (interface && ip_bind(sock, host_af, interface, 0) < 0)
252 {
253 save_errno = errno;
254 HDEBUG(D_transport|D_acl|D_v)
255 debug_printf_indent("unable to bind outgoing SMTP call to %s: %s", interface,
256 strerror(errno));
257 }
258
259 /* Connect to the remote host, and add keepalive to the socket before returning
260 it, if requested. If the build supports TFO, request it - and if the caller
261 requested some early-data then include that in the TFO request. */
262
263 else
264 {
265 #ifdef TCP_FASTOPEN
266 if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, host) == OK)
267 fastopen_blob = early_data ? early_data : &tcp_fastopen_nodata;
268 #endif
269
270 if (ip_connect(sock, host_af, host->address, port, timeout, fastopen_blob) < 0)
271 save_errno = errno;
272 else if (early_data && !fastopen_blob && early_data->data && early_data->len)
273 if (send(sock, early_data->data, early_data->len, 0) < 0)
274 save_errno = errno;
275 }
276
277 /* Either bind() or connect() failed */
278
279 if (save_errno != 0)
280 {
281 HDEBUG(D_transport|D_acl|D_v)
282 {
283 debug_printf_indent("failed: %s", CUstrerror(save_errno));
284 if (save_errno == ETIMEDOUT)
285 debug_printf(" (timeout=%s)", readconf_printtime(timeout));
286 debug_printf("\n");
287 }
288 (void)close(sock);
289 errno = save_errno;
290 return -1;
291 }
292
293 /* Both bind() and connect() succeeded */
294
295 else
296 {
297 union sockaddr_46 interface_sock;
298 EXIM_SOCKLEN_T size = sizeof(interface_sock);
299 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent("connected\n");
300 if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
301 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
302 else
303 {
304 log_write(0, LOG_MAIN | ((errno == ECONNRESET)? 0 : LOG_PANIC),
305 "getsockname() failed: %s", strerror(errno));
306 close(sock);
307 return -1;
308 }
309 if (ob->keepalive) ip_keepalive(sock, host->address, TRUE);
310 #ifdef TCP_FASTOPEN
311 if (fastopen_blob) tfo_out_check(sock);
312 #endif
313 return sock;
314 }
315 }
316
317
318
319
320
321 void
322 smtp_port_for_connect(host_item * host, int port)
323 {
324 if (host->port != PORT_NONE)
325 {
326 HDEBUG(D_transport|D_acl|D_v)
327 debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
328 host->port);
329 port = host->port;
330 }
331 else host->port = port; /* Set the port actually used */
332 }
333
334
335 /*************************************************
336 * Connect to remote host *
337 *************************************************/
338
339 /* Create a socket, and connect it to a remote host. IPv6 addresses are
340 detected by checking for a colon in the address. AF_INET6 is defined even on
341 non-IPv6 systems, to enable the code to be less messy. However, on such systems
342 host->address will always be an IPv4 address.
343
344 Arguments:
345 host host item containing name and address and port
346 host_af AF_INET or AF_INET6
347 interface outgoing interface address or NULL
348 timeout timeout value or 0
349 tb transport
350
351 Returns: connected socket number, or -1 with errno set
352 */
353
354 int
355 smtp_connect(host_item *host, int host_af, uschar *interface,
356 int timeout, transport_instance * tb)
357 {
358 int port = host->port;
359 #ifdef SUPPORT_SOCKS
360 smtp_transport_options_block * ob =
361 (smtp_transport_options_block *)tb->options_block;
362 #endif
363
364 callout_address = string_sprintf("[%s]:%d", host->address, port);
365
366 HDEBUG(D_transport|D_acl|D_v)
367 {
368 uschar * s = US" ";
369 if (interface) s = string_sprintf(" from %s ", interface);
370 #ifdef SUPPORT_SOCKS
371 if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
372 #endif
373 debug_printf_indent("Connecting to %s %s%s... ", host->name, callout_address, s);
374 }
375
376 /* Create and connect the socket */
377
378 #ifdef SUPPORT_SOCKS
379 if (ob->socks_proxy)
380 return socks_sock_connect(host, host_af, port, interface, tb, timeout);
381 #endif
382
383 return smtp_sock_connect(host, host_af, port, interface, tb, timeout, NULL);
384 }
385
386
387 /*************************************************
388 * Flush outgoing command buffer *
389 *************************************************/
390
391 /* This function is called only from smtp_write_command() below. It flushes
392 the buffer of outgoing commands. There is more than one in the buffer only when
393 pipelining.
394
395 Argument:
396 outblock the SMTP output block
397 mode further data expected, or plain
398
399 Returns: TRUE if OK, FALSE on error, with errno set
400 */
401
402 static BOOL
403 flush_buffer(smtp_outblock * outblock, int mode)
404 {
405 int rc;
406 int n = outblock->ptr - outblock->buffer;
407 BOOL more = mode == SCMD_MORE;
408
409 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
410 more ? " (more expected)" : "");
411
412 #ifdef SUPPORT_TLS
413 if (outblock->cctx->tls_ctx)
414 rc = tls_write(outblock->cctx->tls_ctx, outblock->buffer, n, more);
415 else
416 #endif
417 rc = send(outblock->cctx->sock, outblock->buffer, n,
418 #ifdef MSG_MORE
419 more ? MSG_MORE : 0
420 #else
421 0
422 #endif
423 );
424
425 if (rc <= 0)
426 {
427 HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
428 return FALSE;
429 }
430
431 outblock->ptr = outblock->buffer;
432 outblock->cmd_count = 0;
433 return TRUE;
434 }
435
436
437
438 /*************************************************
439 * Write SMTP command *
440 *************************************************/
441
442 /* The formatted command is left in big_buffer so that it can be reflected in
443 any error message.
444
445 Arguments:
446 sx SMTP connection, contains buffer for pipelining, and socket
447 mode buffer, write-with-more-likely, write
448 format a format, starting with one of
449 of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
450 If NULL, flush pipeline buffer only.
451 ... data for the format
452
453 Returns: 0 if command added to pipelining buffer, with nothing transmitted
454 +n if n commands transmitted (may still have buffered the new one)
455 -1 on error, with errno set
456 */
457
458 int
459 smtp_write_command(void * sx, int mode, const char *format, ...)
460 {
461 smtp_outblock * outblock = &((smtp_context *)sx)->outblock;
462 int count;
463 int rc = 0;
464 va_list ap;
465
466 if (format)
467 {
468 va_start(ap, format);
469 if (!string_vformat(big_buffer, big_buffer_size, CS format, ap))
470 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
471 "SMTP");
472 va_end(ap);
473 count = Ustrlen(big_buffer);
474
475 if (count > outblock->buffersize)
476 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
477 "SMTP");
478
479 if (count > outblock->buffersize - (outblock->ptr - outblock->buffer))
480 {
481 rc = outblock->cmd_count; /* flush resets */
482 if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
483 }
484
485 Ustrncpy(CS outblock->ptr, big_buffer, count);
486 outblock->ptr += count;
487 outblock->cmd_count++;
488 count -= 2;
489 big_buffer[count] = 0; /* remove \r\n for error message */
490
491 /* We want to hide the actual data sent in AUTH transactions from reflections
492 and logs. While authenticating, a flag is set in the outblock to enable this.
493 The AUTH command itself gets any data flattened. Other lines are flattened
494 completely. */
495
496 if (outblock->authenticating)
497 {
498 uschar *p = big_buffer;
499 if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
500 {
501 p += 5;
502 while (isspace(*p)) p++;
503 while (!isspace(*p)) p++;
504 while (isspace(*p)) p++;
505 }
506 while (*p != 0) *p++ = '*';
507 }
508
509 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> %s\n", big_buffer);
510 }
511
512 if (mode != SCMD_BUFFER)
513 {
514 rc += outblock->cmd_count; /* flush resets */
515 if (!flush_buffer(outblock, mode)) return -1;
516 }
517
518 return rc;
519 }
520
521
522
523 /*************************************************
524 * Read one line of SMTP response *
525 *************************************************/
526
527 /* This function reads one line of SMTP response from the server host. This may
528 not be a complete response - it could be just part of a multiline response. We
529 have to use a buffer for incoming packets, because when pipelining or using
530 LMTP, there may well be more than one response in a single packet. This
531 function is called only from the one that follows.
532
533 Arguments:
534 inblock the SMTP input block (contains holding buffer, socket, etc.)
535 buffer where to put the line
536 size space available for the line
537 timeout the timeout to use when reading a packet
538
539 Returns: length of a line that has been put in the buffer
540 -1 otherwise, with errno set
541 */
542
543 static int
544 read_response_line(smtp_inblock *inblock, uschar *buffer, int size, int timeout)
545 {
546 uschar *p = buffer;
547 uschar *ptr = inblock->ptr;
548 uschar *ptrend = inblock->ptrend;
549 client_conn_ctx * cctx = inblock->cctx;
550
551 /* Loop for reading multiple packets or reading another packet after emptying
552 a previously-read one. */
553
554 for (;;)
555 {
556 int rc;
557
558 /* If there is data in the input buffer left over from last time, copy
559 characters from it until the end of a line, at which point we can return,
560 having removed any whitespace (which will include CR) at the end of the line.
561 The rules for SMTP say that lines end in CRLF, but there are have been cases
562 of hosts using just LF, and other MTAs are reported to handle this, so we
563 just look for LF. If we run out of characters before the end of a line,
564 carry on to read the next incoming packet. */
565
566 while (ptr < ptrend)
567 {
568 int c = *ptr++;
569 if (c == '\n')
570 {
571 while (p > buffer && isspace(p[-1])) p--;
572 *p = 0;
573 inblock->ptr = ptr;
574 return p - buffer;
575 }
576 *p++ = c;
577 if (--size < 4)
578 {
579 *p = 0; /* Leave malformed line for error message */
580 errno = ERRNO_SMTPFORMAT;
581 return -1;
582 }
583 }
584
585 /* Need to read a new input packet. */
586
587 if((rc = ip_recv(cctx, inblock->buffer, inblock->buffersize, timeout)) <= 0)
588 {
589 DEBUG(D_deliver|D_transport|D_acl)
590 debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
591 strerror(errno));
592 break;
593 }
594
595 /* Another block of data has been successfully read. Set up the pointers
596 and let the loop continue. */
597
598 ptrend = inblock->ptrend = inblock->buffer + rc;
599 ptr = inblock->buffer;
600 DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
601 }
602
603 /* Get here if there has been some kind of recv() error; errno is set, but we
604 ensure that the result buffer is empty before returning. */
605
606 *buffer = 0;
607 return -1;
608 }
609
610
611
612
613
614 /*************************************************
615 * Read SMTP response *
616 *************************************************/
617
618 /* This function reads an SMTP response with a timeout, and returns the
619 response in the given buffer, as a string. A multiline response will contain
620 newline characters between the lines. The function also analyzes the first
621 digit of the reply code and returns FALSE if it is not acceptable. FALSE is
622 also returned after a reading error. In this case buffer[0] will be zero, and
623 the error code will be in errno.
624
625 Arguments:
626 sx the SMTP connection (contains input block with holding buffer,
627 socket, etc.)
628 buffer where to put the response
629 size the size of the buffer
630 okdigit the expected first digit of the response
631 timeout the timeout to use, in seconds
632
633 Returns: TRUE if a valid, non-error response was received; else FALSE
634 */
635
636 BOOL
637 smtp_read_response(void * sx, uschar *buffer, int size, int okdigit,
638 int timeout)
639 {
640 smtp_inblock * inblock = &((smtp_context *)sx)->inblock;
641 uschar *ptr = buffer;
642 int count;
643
644 errno = 0; /* Ensure errno starts out zero */
645
646 /* This is a loop to read and concatenate the lines that make up a multi-line
647 response. */
648
649 for (;;)
650 {
651 if ((count = read_response_line(inblock, ptr, size, timeout)) < 0)
652 return FALSE;
653
654 HDEBUG(D_transport|D_acl|D_v)
655 debug_printf_indent(" %s %s\n", (ptr == buffer)? "SMTP<<" : " ", ptr);
656
657 /* Check the format of the response: it must start with three digits; if
658 these are followed by a space or end of line, the response is complete. If
659 they are followed by '-' this is a multi-line response and we must look for
660 another line until the final line is reached. The only use made of multi-line
661 responses is to pass them back as error messages. We therefore just
662 concatenate them all within the buffer, which should be large enough to
663 accept any reasonable number of lines. */
664
665 if (count < 3 ||
666 !isdigit(ptr[0]) ||
667 !isdigit(ptr[1]) ||
668 !isdigit(ptr[2]) ||
669 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
670 {
671 errno = ERRNO_SMTPFORMAT; /* format error */
672 return FALSE;
673 }
674
675 /* If the line we have just read is a terminal line, line, we are done.
676 Otherwise more data has to be read. */
677
678 if (ptr[3] != '-') break;
679
680 /* Move the reading pointer upwards in the buffer and insert \n between the
681 components of a multiline response. Space is left for this by read_response_
682 line(). */
683
684 ptr += count;
685 *ptr++ = '\n';
686 size -= count + 1;
687 }
688
689 /* Return a value that depends on the SMTP return code. On some systems a
690 non-zero value of errno has been seen at this point, so ensure it is zero,
691 because the caller of this function looks at errno when FALSE is returned, to
692 distinguish between an unexpected return code and other errors such as
693 timeouts, lost connections, etc. */
694
695 errno = 0;
696 return buffer[0] == okdigit;
697 }
698
699 /* End of smtp_out.c */
700 /* vi: aw ai sw=2
701 */
Unnamed repository; edit this file 'description' to name the repository.