-/* $Cambridge: exim/src/src/smtp_in.c,v 1.8 2005/01/04 10:00:42 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.32 2006/02/13 16:23:57 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2006 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for handling an incoming SMTP call. */
#endif
-/* Size of buffer for reading SMTP commands */
+/* Size of buffer for reading SMTP commands. We used to use 512, as defined
+by RFC 821. However, RFC 1869 specifies that this must be increased for SMTP
+commands that accept arguments, and this in particular applies to AUTH, where
+the data can be quite long. */
-#define cmd_buffer_size 512 /* Ref. RFC 821 */
+#define smtp_cmd_buffer_size 2048
/* Size of buffer for reading SMTP incoming packets */
static int sync_cmd_limit;
static int smtp_write_error = 0;
-static uschar *smtp_data;
-
-static uschar *cmd_buffer;
-
/* We need to know the position of RSET, HELO, EHLO, AUTH, and STARTTLS. Their
final fields of all except AUTH are forced TRUE at the start of a new message
setup, to allow one of each between messages that is not counted as a nonmail
There are sites that don't do this, and in any case internal SMTP probably
should check only for LF. Consequently, we check here for LF only. The line
ends up with [CR]LF removed from its end. If we get an overlong line, treat as
-an unknown command. The command is read into the static cmd_buffer.
+an unknown command. The command is read into the global smtp_cmd_buffer so that
+it is available via $smtp_command.
The character reading routine sets up a timeout for each block actually read
from the input (which may contain more than one command). We set up a special
while ((c = (receive_getc)()) != '\n' && c != EOF)
{
- if (ptr >= cmd_buffer_size)
+ if (ptr >= smtp_cmd_buffer_size)
{
os_non_restarting_signal(SIGALRM, sigalrm_handler);
return OTHER_CMD;
hadnull = TRUE;
c = '?';
}
- cmd_buffer[ptr++] = c;
+ smtp_cmd_buffer[ptr++] = c;
}
receive_linecount++; /* For BSMTP errors */
/* Remove any CR and white space at the end of the line, and terminate the
string. */
-while (ptr > 0 && isspace(cmd_buffer[ptr-1])) ptr--;
-cmd_buffer[ptr] = 0;
+while (ptr > 0 && isspace(smtp_cmd_buffer[ptr-1])) ptr--;
+smtp_cmd_buffer[ptr] = 0;
-DEBUG(D_receive) debug_printf("SMTP<< %s\n", cmd_buffer);
+DEBUG(D_receive) debug_printf("SMTP<< %s\n", smtp_cmd_buffer);
/* NULLs are not allowed in SMTP commands */
for (p = cmd_list; p < cmd_list_end; p++)
{
- if (strncmpic(cmd_buffer, US p->name, p->len) == 0)
+ if (strncmpic(smtp_cmd_buffer, US p->name, p->len) == 0)
{
if (smtp_inptr < smtp_inend && /* Outstanding input */
p->cmd < sync_cmd_limit && /* Command should sync */
the following test, so that if it fails, the command name can easily be
logged. */
- smtp_data = cmd_buffer + p->len;
+ smtp_cmd_argument = smtp_cmd_buffer + p->len;
/* Count non-mail commands from those hosts that are controlled in this
way. The default is all hosts. We don't waste effort checking the list
return TOO_MANY_NONMAIL_CMD;
}
- /* Get the data pointer over leading spaces and return; if there is no data
- for a command that expects it, we give the error centrally here. */
+ /* Get the data pointer over leading spaces and return; if there is data
+ for a command that does not expect it, give the error centrally here. */
- while (isspace(*smtp_data)) smtp_data++;
- return (p->has_arg || *smtp_data == 0)? p->cmd : BADARG_CMD;
+ while (isspace(*smtp_cmd_argument)) smtp_cmd_argument++;
+ return (p->has_arg || *smtp_cmd_argument == 0)? p->cmd : BADARG_CMD;
}
}
/* This function is called when logging information about an SMTP connection.
It sets up appropriate source information, depending on the type of connection.
+If sender_fullhost is NULL, we are at a very early stage of the connection;
+just use the IP address.
Argument: none
Returns: a string describing the connection
uschar *
smtp_get_connection_info(void)
{
+uschar *hostname = (sender_fullhost == NULL)?
+ sender_host_address : sender_fullhost;
+
if (host_checking)
- return string_sprintf("SMTP connection from %s", sender_fullhost);
+ return string_sprintf("SMTP connection from %s", hostname);
if (sender_host_unknown || sender_host_notsocket)
return string_sprintf("SMTP connection from %s", sender_ident);
if (is_inetd)
- return string_sprintf("SMTP connection from %s (via inetd)", sender_fullhost);
+ return string_sprintf("SMTP connection from %s (via inetd)", hostname);
if ((log_extra_selector & LX_incoming_interface) != 0 &&
interface_address != NULL)
- return string_sprintf("SMTP connection from %s I=[%s]:%d", sender_fullhost,
+ return string_sprintf("SMTP connection from %s I=[%s]:%d", hostname,
interface_address, interface_port);
-return string_sprintf("SMTP connection from %s", sender_fullhost);
+return string_sprintf("SMTP connection from %s", hostname);
}
* Extract SMTP command option *
*************************************************/
-/* This function picks the next option setting off the end of smtp_data. It
+/* This function picks the next option setting off the end of smtp_cmd_argument. It
is called for MAIL FROM and RCPT TO commands, to pick off the optional ESMTP
things that can appear there.
extract_option(uschar **name, uschar **value)
{
uschar *n;
-uschar *v = smtp_data + Ustrlen(smtp_data) -1;
+uschar *v = smtp_cmd_argument + Ustrlen(smtp_cmd_argument) -1;
while (isspace(*v)) v--;
v[1] = 0;
-while (v > smtp_data && *v != '=' && !isspace(*v)) v--;
+while (v > smtp_cmd_argument && *v != '=' && !isspace(*v)) v--;
if (*v != '=') return FALSE;
n = v;
recipients_list = NULL;
rcpt_count = rcpt_defer_count = rcpt_fail_count =
raw_recipients_count = recipients_count = recipients_list_max = 0;
+message_linecount = 0;
message_size = -1;
acl_warn_headers = NULL;
queue_only_policy = FALSE;
deliver_freeze = FALSE; /* Can be set by ACL */
-fake_reject = FALSE; /* Can be set by ACL */
+freeze_tell = freeze_tell_config; /* Can be set by ACL */
+fake_response = OK; /* Can be set by ACL */
#ifdef WITH_CONTENT_SCAN
no_mbox_unspool = FALSE; /* Can be set by ACL */
#endif
submission_mode = FALSE; /* Can be set by ACL */
+suppress_local_fixups = FALSE; /* Can be set by ACL */
active_local_from_check = local_from_check; /* Can be set by ACL */
active_local_sender_retain = local_sender_retain; /* Can be set by ACL */
sender_address = NULL;
+submission_name = NULL; /* Can be set by ACL */
raw_sender = NULL; /* After SMTP rewrite, before qualifying */
sender_address_unrewritten = NULL; /* Set only after verify rewrite */
sender_verified_list = NULL; /* No senders verified */
bmi_run = 0;
bmi_verdicts = NULL;
#endif
+#ifdef EXPERIMENTAL_DOMAINKEYS
+dk_do_verify = 0;
+#endif
#ifdef EXPERIMENTAL_SPF
spf_header_comment = NULL;
spf_received = NULL;
-spf_result = NULL;
+spf_result = NULL;
spf_smtp_comment = NULL;
#endif
body_linecount = body_zerocount = 0;
-for (i = 0; i < ACL_M_MAX; i++) acl_var[ACL_C_MAX + i] = NULL;
+sender_rate = sender_rate_limit = sender_rate_period = NULL;
+ratelimiters_mail = NULL; /* Updated by ratelimit ACL condition */
+ /* Note that ratelimiters_conn persists across resets. */
+
+/* The message variables follow the connection variables. */
+
+for (i = 0; i < ACL_MVARS; i++) acl_var[ACL_CVARS + i] = NULL;
/* The message body variables use malloc store. They may be set if this is
not the first message in an SMTP session and the previous message caused them
case HELO_CMD:
case EHLO_CMD:
- check_helo(smtp_data);
+ check_helo(smtp_cmd_argument);
/* Fall through */
case RSET_CMD:
case MAIL_CMD:
if (sender_address != NULL)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "503 Sender already given");
+ moan_smtp_batch(smtp_cmd_buffer, "503 Sender already given");
- if (smtp_data[0] == 0)
+ if (smtp_cmd_argument[0] == 0)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 MAIL FROM must have an address operand");
+ moan_smtp_batch(smtp_cmd_buffer, "501 MAIL FROM must have an address operand");
/* Reset to start of message */
/* Apply SMTP rewrite */
raw_sender = ((rewrite_existflags & rewrite_smtp) != 0)?
- rewrite_one(smtp_data, rewrite_smtp|rewrite_smtp_sender, NULL, FALSE,
- US"", global_rewrite_rules) : smtp_data;
+ rewrite_one(smtp_cmd_argument, rewrite_smtp|rewrite_smtp_sender, NULL, FALSE,
+ US"", global_rewrite_rules) : smtp_cmd_argument;
/* Extract the address; the TRUE flag allows <> as valid */
if (raw_sender == NULL)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 %s", errmess);
+ moan_smtp_batch(smtp_cmd_buffer, "501 %s", errmess);
sender_address = string_copy(raw_sender);
"and rewritten\n", raw_sender);
}
/* The function moan_smtp_batch() does not return. */
- else moan_smtp_batch(cmd_buffer, "501 sender address must contain "
+ else moan_smtp_batch(smtp_cmd_buffer, "501 sender address must contain "
"a domain");
}
break;
case RCPT_CMD:
if (sender_address == NULL)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "503 No sender yet given");
+ moan_smtp_batch(smtp_cmd_buffer, "503 No sender yet given");
- if (smtp_data[0] == 0)
+ if (smtp_cmd_argument[0] == 0)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 RCPT TO must have an address operand");
+ moan_smtp_batch(smtp_cmd_buffer, "501 RCPT TO must have an address operand");
/* Check maximum number allowed */
if (recipients_max > 0 && recipients_count + 1 > recipients_max)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "%s too many recipients",
+ moan_smtp_batch(smtp_cmd_buffer, "%s too many recipients",
recipients_max_reject? "552": "452");
/* Apply SMTP rewrite, then extract address. Don't allow "<>" as a
recipient address */
recipient = ((rewrite_existflags & rewrite_smtp) != 0)?
- rewrite_one(smtp_data, rewrite_smtp, NULL, FALSE, US"",
- global_rewrite_rules) : smtp_data;
+ rewrite_one(smtp_cmd_argument, rewrite_smtp, NULL, FALSE, US"",
+ global_rewrite_rules) : smtp_cmd_argument;
/* rfc821_domains = TRUE; << no longer needed */
recipient = parse_extract_address(recipient, &errmess, &start, &end,
if (recipient == NULL)
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 %s", errmess);
+ moan_smtp_batch(smtp_cmd_buffer, "501 %s", errmess);
/* If the recipient address is unqualified, qualify it if permitted. Then
add it to the list of recipients. */
recipient = rewrite_address_qualify(recipient, TRUE);
}
/* The function moan_smtp_batch() does not return. */
- else moan_smtp_batch(cmd_buffer, "501 recipient address must contain "
+ else moan_smtp_batch(smtp_cmd_buffer, "501 recipient address must contain "
"a domain");
}
receive_add_recipient(recipient, -1);
{
/* The function moan_smtp_batch() does not return. */
if (sender_address == NULL)
- moan_smtp_batch(cmd_buffer,
+ moan_smtp_batch(smtp_cmd_buffer,
"503 MAIL FROM:<sender> command must precede DATA");
else
- moan_smtp_batch(cmd_buffer,
+ moan_smtp_batch(smtp_cmd_buffer,
"503 RCPT TO:<recipient> must precede DATA");
}
else
case BADARG_CMD:
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 Unexpected argument data");
+ moan_smtp_batch(smtp_cmd_buffer, "501 Unexpected argument data");
break;
case BADCHAR_CMD:
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "501 Unexpected NULL in SMTP command");
+ moan_smtp_batch(smtp_cmd_buffer, "501 Unexpected NULL in SMTP command");
break;
default:
/* The function moan_smtp_batch() does not return. */
- moan_smtp_batch(cmd_buffer, "500 Command unrecognized");
+ moan_smtp_batch(smtp_cmd_buffer, "500 Command unrecognized");
break;
}
}
int i, ptr;
uschar *p, *s, *ss;
+/* Default values for certain variables */
+
helo_seen = esmtp = helo_accept_junk = FALSE;
count_nonmail = TRUE_UNSET;
synprot_error_count = unknown_command_count = nonmail_command_count = 0;
/* Reset ACL connection variables */
-for (i = 0; i < ACL_C_MAX; i++) acl_var[i] = NULL;
+for (i = 0; i < ACL_CVARS; i++) acl_var[i] = NULL;
+
+/* Allow for trailing 0 in the command buffer. */
-cmd_buffer = (uschar *)malloc(cmd_buffer_size + 1); /* allow for trailing 0 */
-if (cmd_buffer == NULL)
+smtp_cmd_buffer = (uschar *)malloc(smtp_cmd_buffer_size + 1);
+if (smtp_cmd_buffer == NULL)
log_write(0, LOG_MAIN|LOG_PANIC_DIE,
"malloc() failed for SMTP command buffer");
if (!host_checking && !sender_host_notsocket)
{
#if OPTSTYLE == 1
- SOCKLEN_T optlen = sizeof(struct ip_options) + MAX_IPOPTLEN;
+ EXIM_SOCKLEN_T optlen = sizeof(struct ip_options) + MAX_IPOPTLEN;
struct ip_options *ipopt = store_get(optlen);
#elif OPTSTYLE == 2
struct ip_opts ipoptblock;
struct ip_opts *ipopt = &ipoptblock;
- SOCKLEN_T optlen = sizeof(ipoptblock);
+ EXIM_SOCKLEN_T optlen = sizeof(ipoptblock);
#else
struct ipoption ipoptblock;
struct ipoption *ipopt = &ipoptblock;
- SOCKLEN_T optlen = sizeof(ipoptblock);
+ EXIM_SOCKLEN_T optlen = sizeof(ipoptblock);
#endif
/* Occasional genuine failures of getsockopt() have been seen - for
{
int rc;
uschar *user_msg, *log_msg;
- smtp_data = US"in \"connect\" ACL"; /* For logged failure message */
- rc = acl_check(ACL_WHERE_CONNECT, US"", acl_smtp_connect, &user_msg,
+ rc = acl_check(ACL_WHERE_CONNECT, NULL, acl_smtp_connect, &user_msg,
&log_msg);
if (rc != OK)
{
if (select(fileno(smtp_in) + 1, (SELECT_ARG2_TYPE *)&fds, NULL, NULL,
&tzero) > 0)
{
- log_write(0, LOG_MAIN|LOG_REJECT, "SMTP protocol violation: "
- "synchronization error (input sent without waiting for greeting): "
- "rejected connection from %s", host_and_ident(TRUE));
- smtp_printf("554 SMTP synchronization error\r\n");
- return FALSE;
+ int rc = read(fileno(smtp_in), smtp_inbuffer, in_buffer_size);
+ if (rc > 0)
+ {
+ if (rc > 150) rc = 150;
+ smtp_inbuffer[rc] = 0;
+ log_write(0, LOG_MAIN|LOG_REJECT, "SMTP protocol "
+ "synchronization error (input sent without waiting for greeting): "
+ "rejected connection from %s input=\"%s\"", host_and_ident(TRUE),
+ string_printing(smtp_inbuffer));
+ smtp_printf("554 SMTP synchronization error\r\n");
+ return FALSE;
+ }
}
}
log_write(type, LOG_MAIN, "SMTP %s error in \"%s\" %s %s",
(type == L_smtp_syntax_error)? "syntax" : "protocol",
- string_printing(cmd_buffer), host_and_ident(TRUE), errmess);
+ string_printing(smtp_cmd_buffer), host_and_ident(TRUE), errmess);
if (++synprot_error_count > smtp_max_synprot_errors)
{
yield = 1;
log_write(0, LOG_MAIN|LOG_REJECT, "SMTP call from %s dropped: too many "
"syntax or protocol errors (last command was \"%s\")",
- host_and_ident(FALSE), cmd_buffer);
+ host_and_ident(FALSE), smtp_cmd_buffer);
}
if (code > 0)
BOOL drop = rc == FAIL_DROP;
uschar *lognl;
uschar *sender_info = US"";
-uschar *what = (where == ACL_WHERE_PREDATA)? US"DATA" :
+uschar *what =
#ifdef WITH_CONTENT_SCAN
- (where == ACL_WHERE_MIME)? US"during MIME ACL checks" :
-#endif
- (where == ACL_WHERE_DATA)? US"after DATA" :
- string_sprintf("%s %s", acl_wherenames[where], smtp_data);
+ (where == ACL_WHERE_MIME)? US"during MIME ACL checks" :
+#endif
+ (where == ACL_WHERE_PREDATA)? US"DATA" :
+ (where == ACL_WHERE_DATA)? US"after DATA" :
+ (smtp_cmd_argument == NULL)?
+ string_sprintf("%s in \"connect\" ACL", acl_wherenames[where]) :
+ string_sprintf("%s %s", acl_wherenames[where], smtp_cmd_argument);
if (drop) rc = FAIL;
+/*************************************************
+* Verify HELO argument *
+*************************************************/
+
+/* This function is called if helo_verify_hosts or helo_try_verify_hosts is
+matched. It is also called from ACL processing if verify = helo is used and
+verification was not previously tried (i.e. helo_try_verify_hosts was not
+matched). The result of its processing is to set helo_verified and
+helo_verify_failed. These variables should both be FALSE for this function to
+be called.
+
+Note that EHLO/HELO is legitimately allowed to quote an address literal. Allow
+for IPv6 ::ffff: literals.
+
+Argument: none
+Returns: TRUE if testing was completed;
+ FALSE on a temporary failure
+*/
+
+BOOL
+smtp_verify_helo(void)
+{
+BOOL yield = TRUE;
+
+HDEBUG(D_receive) debug_printf("verifying EHLO/HELO argument \"%s\"\n",
+ sender_helo_name);
+
+if (sender_helo_name == NULL)
+ {
+ HDEBUG(D_receive) debug_printf("no EHLO/HELO command was issued\n");
+ }
+
+else if (sender_helo_name[0] == '[')
+ {
+ helo_verified = Ustrncmp(sender_helo_name+1, sender_host_address,
+ Ustrlen(sender_host_address)) == 0;
+
+ #if HAVE_IPV6
+ if (!helo_verified)
+ {
+ if (strncmpic(sender_host_address, US"::ffff:", 7) == 0)
+ helo_verified = Ustrncmp(sender_helo_name + 1,
+ sender_host_address + 7, Ustrlen(sender_host_address) - 7) == 0;
+ }
+ #endif
+
+ HDEBUG(D_receive)
+ { if (helo_verified) debug_printf("matched host address\n"); }
+ }
+
+/* Do a reverse lookup if one hasn't already given a positive or negative
+response. If that fails, or the name doesn't match, try checking with a forward
+lookup. */
+
+else
+ {
+ if (sender_host_name == NULL && !host_lookup_failed)
+ yield = host_name_lookup() != DEFER;
+
+ /* If a host name is known, check it and all its aliases. */
+
+ if (sender_host_name != NULL)
+ {
+ helo_verified = strcmpic(sender_host_name, sender_helo_name) == 0;
+
+ if (helo_verified)
+ {
+ HDEBUG(D_receive) debug_printf("matched host name\n");
+ }
+ else
+ {
+ uschar **aliases = sender_host_aliases;
+ while (*aliases != NULL)
+ {
+ helo_verified = strcmpic(*aliases++, sender_helo_name) == 0;
+ if (helo_verified) break;
+ }
+ HDEBUG(D_receive)
+ {
+ if (helo_verified)
+ debug_printf("matched alias %s\n", *(--aliases));
+ }
+ }
+ }
+
+ /* Final attempt: try a forward lookup of the helo name */
+
+ if (!helo_verified)
+ {
+ int rc;
+ host_item h;
+ h.name = sender_helo_name;
+ h.address = NULL;
+ h.mx = MX_NONE;
+ h.next = NULL;
+ HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
+ sender_helo_name);
+ rc = host_find_byname(&h, NULL, NULL, TRUE);
+ if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
+ {
+ host_item *hh = &h;
+ while (hh != NULL)
+ {
+ if (Ustrcmp(hh->address, sender_host_address) == 0)
+ {
+ helo_verified = TRUE;
+ HDEBUG(D_receive)
+ debug_printf("IP address for %s matches calling address\n",
+ sender_helo_name);
+ break;
+ }
+ hh = hh->next;
+ }
+ }
+ }
+ }
+
+if (!helo_verified) helo_verify_failed = FALSE; /* We've tried ... */
+return yield;
+}
+
+
+
+
/*************************************************
* Initialize for SMTP incoming message *
*************************************************/
pid_t pid;
int start, end, sender_domain, recipient_domain;
int ptr, size, rc;
- int c;
+ int c, i;
auth_instance *au;
switch(smtp_read_command(TRUE))
if (acl_smtp_auth != NULL)
{
- rc = acl_check(ACL_WHERE_AUTH, smtp_data, acl_smtp_auth, &user_msg,
- &log_msg);
+ rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth, &user_msg, &log_msg);
if (rc != OK)
{
done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
/* Find the name of the requested authentication mechanism. */
- s = smtp_data;
- while ((c = *smtp_data) != 0 && !isspace(c))
+ s = smtp_cmd_argument;
+ while ((c = *smtp_cmd_argument) != 0 && !isspace(c))
{
if (!isalnum(c) && c != '-' && c != '_')
{
US"invalid character in authentication mechanism name");
goto COMMAND_LOOP;
}
- smtp_data++;
+ smtp_cmd_argument++;
}
/* If not at the end of the line, we must be at white space. Terminate the
name and move the pointer on to any data that may be present. */
- if (*smtp_data != 0)
+ if (*smtp_cmd_argument != 0)
{
- *smtp_data++ = 0;
- while (isspace(*smtp_data)) smtp_data++;
+ *smtp_cmd_argument++ = 0;
+ while (isspace(*smtp_cmd_argument)) smtp_cmd_argument++;
}
/* Search for an authentication mechanism which is configured for use
break;
}
- /* Run the checking code, passing the remainder of the command
- line as data. Initialize $0 empty. The authenticator may set up
- other numeric variables. Afterwards, have a go at expanding the set_id
- string, even if authentication failed - for bad passwords it can be useful
- to log the userid. On success, require set_id to expand and exist, and
- put it in authenticated_id. Save this in permanent store, as the working
- store gets reset at HELO, RSET, etc. */
+ /* Run the checking code, passing the remainder of the command line as
+ data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
+ it as the only set numerical variable. The authenticator may set $auth<n>
+ and also set other numeric variables. The $auth<n> variables are preferred
+ nowadays; the numerical variables remain for backwards compatibility.
+
+ Afterwards, have a go at expanding the set_id string, even if
+ authentication failed - for bad passwords it can be useful to log the
+ userid. On success, require set_id to expand and exist, and put it in
+ authenticated_id. Save this in permanent store, as the working store gets
+ reset at HELO, RSET, etc. */
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
expand_nmax = 0;
expand_nlength[0] = 0; /* $0 contains nothing */
- c = (au->info->servercode)(au, smtp_data);
+ c = (au->info->servercode)(au, smtp_cmd_argument);
if (au->set_id != NULL) set_id = expand_string(au->set_id);
expand_nmax = -1; /* Reset numeric variables */
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL; /* Reset $auth<n> */
+
+ /* The value of authenticated_id is stored in the spool file and printed in
+ log lines. It must not contain binary zeros or newline characters. In
+ normal use, it never will, but when playing around or testing, this error
+ can (did) happen. To guard against this, ensure that the id contains only
+ printing characters. */
+
+ if (set_id != NULL) set_id = string_printing(set_id);
/* For the non-OK cases, set up additional logging data if set_id
is not empty. */
/* Reject the HELO if its argument was invalid or non-existent. A
successful check causes the argument to be saved in malloc store. */
- if (!check_helo(smtp_data))
+ if (!check_helo(smtp_cmd_argument))
{
smtp_printf("501 Syntactically invalid %s argument(s)\r\n", hello);
log_write(0, LOG_MAIN|LOG_REJECT, "rejected %s from %s: syntactically "
"invalid argument(s): %s", hello, host_and_ident(FALSE),
- (*smtp_data == 0)? US"(no argument given)" :
- string_printing(smtp_data));
+ (*smtp_cmd_argument == 0)? US"(no argument given)" :
+ string_printing(smtp_cmd_argument));
if (++synprot_error_count > smtp_max_synprot_errors)
{
log_write(0, LOG_MAIN|LOG_REJECT, "SMTP call from %s dropped: too many "
"syntax or protocol errors (last command was \"%s\")",
- host_and_ident(FALSE), cmd_buffer);
+ host_and_ident(FALSE), smtp_cmd_buffer);
done = 1;
}
if (!sender_host_unknown)
{
BOOL old_helo_verified = helo_verified;
- uschar *p = smtp_data;
+ uschar *p = smtp_cmd_argument;
while (*p != 0 && !isspace(*p)) { *p = tolower(*p); p++; }
*p = 0;
(tls_active >= 0)? " TLS" : "", host_and_ident(FALSE));
/* Verify if configured. This doesn't give much security, but it does
- make some people happy to be able to do it. Note that HELO is legitimately
- allowed to quote an address literal. Allow for IPv6 ::ffff: literals. */
+ make some people happy to be able to do it. If helo_required is set,
+ (host matches helo_verify_hosts) failure forces rejection. If helo_verify
+ is set (host matches helo_try_verify_hosts), it does not. This is perhaps
+ now obsolescent, since the verification can now be requested selectively
+ at ACL time. */
- helo_verified = FALSE;
+ helo_verified = helo_verify_failed = FALSE;
if (helo_required || helo_verify)
{
- BOOL tempfail = FALSE;
-
- HDEBUG(D_receive) debug_printf("verifying %s %s\n", hello,
- sender_helo_name);
- if (sender_helo_name[0] == '[')
- {
- helo_verified = Ustrncmp(sender_helo_name+1, sender_host_address,
- Ustrlen(sender_host_address)) == 0;
-
- #if HAVE_IPV6
- if (!helo_verified)
- {
- if (strncmpic(sender_host_address, US"::ffff:", 7) == 0)
- helo_verified = Ustrncmp(sender_helo_name + 1,
- sender_host_address + 7, Ustrlen(sender_host_address) - 7) == 0;
- }
- #endif
-
- HDEBUG(D_receive)
- { if (helo_verified) debug_printf("matched host address\n"); }
- }
-
- /* Do a reverse lookup if one hasn't already given a positive or
- negative response. If that fails, or the name doesn't match, try
- checking with a forward lookup. */
-
- else
- {
- if (sender_host_name == NULL && !host_lookup_failed)
- tempfail = host_name_lookup() == DEFER;
-
- /* If a host name is known, check it and all its aliases. */
-
- if (sender_host_name != NULL)
- {
- helo_verified = strcmpic(sender_host_name, sender_helo_name) == 0;
-
- if (helo_verified)
- {
- HDEBUG(D_receive) debug_printf("matched host name\n");
- }
- else
- {
- uschar **aliases = sender_host_aliases;
- while (*aliases != NULL)
- {
- helo_verified = strcmpic(*aliases++, sender_helo_name) == 0;
- if (helo_verified) break;
- }
- HDEBUG(D_receive)
- {
- if (helo_verified)
- debug_printf("matched alias %s\n", *(--aliases));
- }
- }
- }
-
- /* Final attempt: try a forward lookup of the helo name */
-
- if (!helo_verified)
- {
- int rc;
- host_item h;
- h.name = sender_helo_name;
- h.address = NULL;
- h.mx = MX_NONE;
- h.next = NULL;
- HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
- sender_helo_name);
- rc = host_find_byname(&h, NULL, NULL, TRUE);
- if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
- {
- host_item *hh = &h;
- while (hh != NULL)
- {
- if (Ustrcmp(hh->address, sender_host_address) == 0)
- {
- helo_verified = TRUE;
- HDEBUG(D_receive)
- debug_printf("IP address for %s matches calling address\n",
- sender_helo_name);
- break;
- }
- hh = hh->next;
- }
- }
- }
- }
-
- /* Verification failed. A temporary lookup failure gives a temporary
- error. */
-
+ BOOL tempfail = !smtp_verify_helo();
if (!helo_verified)
{
if (helo_required)
if (acl_smtp_helo != NULL)
{
- rc = acl_check(ACL_WHERE_HELO, smtp_data, acl_smtp_helo, &user_msg,
- &log_msg);
+ rc = acl_check(ACL_WHERE_HELO, NULL, acl_smtp_helo, &user_msg, &log_msg);
if (rc != OK)
{
done = smtp_handle_acl_fail(ACL_WHERE_HELO, rc, user_msg, log_msg);
if (tls_active >= 0) (void)tls_write(s, ptr); else
#endif
- fwrite(s, 1, ptr, smtp_out);
+ (void)fwrite(s, 1, ptr, smtp_out);
DEBUG(D_receive) debug_printf("SMTP>> %s", s);
helo_seen = TRUE;
break; /* HELO/EHLO */
break;
}
- if (smtp_data[0] == 0)
+ if (smtp_cmd_argument[0] == 0)
{
done = synprot_error(L_smtp_protocol_error, 501, NULL,
US"MAIL must have an address operand");
TRUE flag allows "<>" as a sender address. */
raw_sender = ((rewrite_existflags & rewrite_smtp) != 0)?
- rewrite_one(smtp_data, rewrite_smtp, NULL, FALSE, US"",
- global_rewrite_rules) : smtp_data;
+ rewrite_one(smtp_cmd_argument, rewrite_smtp, NULL, FALSE, US"",
+ global_rewrite_rules) : smtp_cmd_argument;
/* rfc821_domains = TRUE; << no longer needed */
raw_sender =
if (raw_sender == NULL)
{
- done = synprot_error(L_smtp_syntax_error, 501, smtp_data, errmess);
+ done = synprot_error(L_smtp_syntax_error, 501, smtp_cmd_argument, errmess);
break;
}
else
{
smtp_printf("501 %s: sender address must contain a domain\r\n",
- smtp_data);
+ smtp_cmd_argument);
log_write(L_smtp_syntax_error,
LOG_MAIN|LOG_REJECT,
"unqualified sender rejected: <%s> %s%s",
/* Check for an operand */
- if (smtp_data[0] == 0)
+ if (smtp_cmd_argument[0] == 0)
{
done = synprot_error(L_smtp_syntax_error, 501, NULL,
US"RCPT must have an address operand");
as a recipient address */
recipient = ((rewrite_existflags & rewrite_smtp) != 0)?
- rewrite_one(smtp_data, rewrite_smtp, NULL, FALSE, US"",
- global_rewrite_rules) : smtp_data;
+ rewrite_one(smtp_cmd_argument, rewrite_smtp, NULL, FALSE, US"",
+ global_rewrite_rules) : smtp_cmd_argument;
/* rfc821_domains = TRUE; << no longer needed */
recipient = parse_extract_address(recipient, &errmess, &start, &end,
if (recipient == NULL)
{
- done = synprot_error(L_smtp_syntax_error, 501, smtp_data, errmess);
+ done = synprot_error(L_smtp_syntax_error, 501, smtp_cmd_argument, errmess);
rcpt_fail_count++;
break;
}
{
rcpt_fail_count++;
smtp_printf("501 %s: recipient address must contain a domain\r\n",
- smtp_data);
+ smtp_cmd_argument);
log_write(L_smtp_syntax_error,
LOG_MAIN|LOG_REJECT, "unqualified recipient rejected: "
"<%s> %s%s", recipient, host_and_ident(TRUE),
"discarded by %s ACL%s%s", host_and_ident(TRUE),
(sender_address_unrewritten != NULL)?
sender_address_unrewritten : sender_address,
- smtp_data, recipients_discarded? "MAIL" : "RCPT",
+ smtp_cmd_argument, recipients_discarded? "MAIL" : "RCPT",
(log_msg == NULL)? US"" : US": ",
(log_msg == NULL)? US"" : log_msg);
}
smtp_printf("554 Too many recipients\r\n");
break;
}
-
+
if (acl_smtp_predata == NULL) rc = OK; else
- {
+ {
enable_dollar_recipients = TRUE;
- rc = acl_check(ACL_WHERE_PREDATA, NULL, acl_smtp_predata, &user_msg,
+ rc = acl_check(ACL_WHERE_PREDATA, NULL, acl_smtp_predata, &user_msg,
&log_msg);
enable_dollar_recipients = FALSE;
}
case VRFY_CMD:
- rc = acl_check(ACL_WHERE_VRFY, smtp_data, acl_smtp_vrfy, &user_msg,
- &log_msg);
+ rc = acl_check(ACL_WHERE_VRFY, NULL, acl_smtp_vrfy, &user_msg, &log_msg);
if (rc != OK)
done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg);
else
uschar *s = NULL;
/* rfc821_domains = TRUE; << no longer needed */
- address = parse_extract_address(smtp_data, &errmess, &start, &end,
+ address = parse_extract_address(smtp_cmd_argument, &errmess, &start, &end,
&recipient_domain, FALSE);
/* rfc821_domains = FALSE; << no longer needed */
string_sprintf("550 <%s> %s", address, addr->message) :
string_sprintf("550 <%s> is not deliverable", address);
log_write(0, LOG_MAIN, "VRFY failed for %s %s",
- smtp_data, host_and_ident(TRUE));
+ smtp_cmd_argument, host_and_ident(TRUE));
break;
}
}
case EXPN_CMD:
- rc = acl_check(ACL_WHERE_EXPN, smtp_data, acl_smtp_expn, &user_msg,
- &log_msg);
+ rc = acl_check(ACL_WHERE_EXPN, NULL, acl_smtp_expn, &user_msg, &log_msg);
if (rc != OK)
done = smtp_handle_acl_fail(ACL_WHERE_EXPN, rc, user_msg, log_msg);
else
{
BOOL save_log_testing_mode = log_testing_mode;
address_test_mode = log_testing_mode = TRUE;
- (void) verify_address(deliver_make_addr(smtp_data, FALSE), smtp_out,
- vopt_is_recipient | vopt_qualify | vopt_expn, -1, -1, -1, NULL, NULL,
- NULL);
+ (void) verify_address(deliver_make_addr(smtp_cmd_argument, FALSE),
+ smtp_out, vopt_is_recipient | vopt_qualify | vopt_expn, -1, -1, -1,
+ NULL, NULL, NULL);
address_test_mode = FALSE;
log_testing_mode = save_log_testing_mode; /* true for -bh */
}
if (acl_smtp_quit != NULL)
{
- rc = acl_check(ACL_WHERE_QUIT, US"", acl_smtp_quit,&user_msg,&log_msg);
+ rc = acl_check(ACL_WHERE_QUIT, NULL, acl_smtp_quit,&user_msg,&log_msg);
if (rc == ERROR)
log_write(0, LOG_MAIN|LOG_PANIC, "ACL for QUIT returned ERROR: %s",
log_msg);
break;
}
- log_write(L_etrn, LOG_MAIN, "ETRN %s received from %s", smtp_data,
+ log_write(L_etrn, LOG_MAIN, "ETRN %s received from %s", smtp_cmd_argument,
host_and_ident(FALSE));
- rc = acl_check(ACL_WHERE_ETRN, smtp_data, acl_smtp_etrn, &user_msg,
- &log_msg);
+ rc = acl_check(ACL_WHERE_ETRN, NULL, acl_smtp_etrn, &user_msg, &log_msg);
if (rc != OK)
{
done = smtp_handle_acl_fail(ACL_WHERE_ETRN, rc, user_msg, log_msg);
/* Compute the serialization key for this command. */
- etrn_serialize_key = string_sprintf("etrn-%s\n", smtp_data);
+ etrn_serialize_key = string_sprintf("etrn-%s\n", smtp_cmd_argument);
/* If a command has been specified for running as a result of ETRN, we
permit any argument to ETRN. If not, only the # standard form is permitted,
uschar *error;
BOOL rc;
etrn_command = smtp_etrn_command;
- deliver_domain = smtp_data;
+ deliver_domain = smtp_cmd_argument;
rc = transport_set_up_command(&argv, smtp_etrn_command, TRUE, 0, NULL,
US"ETRN processing", &error);
deliver_domain = NULL;
else
{
- if (*smtp_data++ != '#')
+ if (*smtp_cmd_argument++ != '#')
{
done = synprot_error(L_smtp_syntax_error, 501, NULL,
US"argument must begin with #");
}
etrn_command = US"exim -R";
argv = child_exec_exim(CEE_RETURN_ARGV, TRUE, NULL, TRUE, 2, US"-R",
- smtp_data);
+ smtp_cmd_argument);
}
/* If we are host-testing, don't actually do anything. */
if (smtp_etrn_serialize && !enq_start(etrn_serialize_key))
{
- smtp_printf("458 Already processing %s\r\n", smtp_data);
+ smtp_printf("458 Already processing %s\r\n", smtp_cmd_argument);
break;
}
if ((pid = fork()) == 0)
{
- smtp_input = FALSE; /* This process is not associated with the */
- fclose(smtp_in); /* SMTP call any more. */
- fclose(smtp_out);
+ smtp_input = FALSE; /* This process is not associated with the */
+ (void)fclose(smtp_in); /* SMTP call any more. */
+ (void)fclose(smtp_out);
signal(SIGCHLD, SIG_DFL); /* Want to catch child */
if (c > 150) c = 150;
smtp_inptr[c] = 0;
incomplete_transaction_log(US"sync failure");
- log_write(0, LOG_MAIN|LOG_REJECT, "SMTP protocol violation: "
- "synchronization error "
+ log_write(0, LOG_MAIN|LOG_REJECT, "SMTP protocol synchronization error "
"(next input sent too soon: pipelining was%s advertised): "
"rejected \"%s\" %s next input=\"%s\"",
pipelining_advertised? "" : " not",
- cmd_buffer, host_and_ident(TRUE),
+ smtp_cmd_buffer, host_and_ident(TRUE),
string_printing(smtp_inptr));
smtp_printf("554 SMTP synchronization error\r\n");
done = 1; /* Pretend eof - drops connection */
incomplete_transaction_log(US"too many non-mail commands");
log_write(0, LOG_MAIN|LOG_REJECT, "SMTP call from %s dropped: too many "
"nonmail commands (last was \"%.*s\")", host_and_ident(FALSE),
- smtp_data - cmd_buffer, cmd_buffer);
+ smtp_cmd_argument - smtp_cmd_buffer, smtp_cmd_buffer);
smtp_printf("554 Too many nonmail commands\r\n");
done = 1; /* Pretend eof - drops connection */
break;
{
log_write(L_smtp_syntax_error, LOG_MAIN,
"SMTP syntax error in \"%s\" %s %s",
- string_printing(cmd_buffer), host_and_ident(TRUE),
+ string_printing(smtp_cmd_buffer), host_and_ident(TRUE),
US"unrecognized command");
incomplete_transaction_log(US"unrecognized command");
smtp_printf("500 Too many unrecognized commands\r\n");
done = 2;
log_write(0, LOG_MAIN|LOG_REJECT, "SMTP call from %s dropped: too many "
"unrecognized commands (last was \"%s\")", host_and_ident(FALSE),
- cmd_buffer);
+ smtp_cmd_buffer);
}
else
done = synprot_error(L_smtp_syntax_error, 500, NULL,
projects / exim.git / blobdiff