X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Fverify.c;h=384739b2b3ea46383e3c4849e9c177743f3819b8;hp=b957c709b7f0ae0cc79429563efbc738bbb9044d;hb=9b62f401ae723894ac123c555a02390e061d24e6;hpb=bb07bcd32250965a896b0856dd1b839b5795e2f4 diff --git a/src/src/verify.c b/src/src/verify.c index b957c709b..384739b2b 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2017 */ +/* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ /* Functions concerned with verifying things. The original code for callout @@ -14,7 +14,7 @@ caching was contributed by Kevin Fleming (but I hacked it around a bit). */ #define CUTTHROUGH_CMD_TIMEOUT 30 /* timeout for cutthrough-routing calls */ #define CUTTHROUGH_DATA_TIMEOUT 60 /* timeout for cutthrough-routing calls */ -static smtp_outblock ctblock; +static smtp_context ctctx; uschar ctbuffer[8192]; @@ -39,7 +39,7 @@ static tree_node *dnsbl_cache = NULL; #define MT_NOT 1 #define MT_ALL 2 -static uschar cutthrough_response(int, char, uschar **, int); +static uschar cutthrough_response(client_conn_ctx *, char, uschar **, int); @@ -98,7 +98,7 @@ if (type[0] == 'd' && cache_record->result != ccache_reject) { if (length == sizeof(dbdata_callout_cache_obs)) { - dbdata_callout_cache *new = store_get(sizeof(dbdata_callout_cache)); + dbdata_callout_cache *new = store_get(sizeof(dbdata_callout_cache), FALSE); memcpy(new, cache_record, length); new->postmaster_stamp = new->random_stamp = new->time_stamp; cache_record = new; @@ -140,7 +140,7 @@ if (options & vopt_callout_no_cache) { HDEBUG(D_verify) debug_printf("callout cache: disabled by no_cache\n"); } -else if (!(dbm_file = dbfn_open(US"callout", O_RDWR, &dbblock, FALSE))) +else if (!(dbm_file = dbfn_open(US"callout", O_RDWR, &dbblock, FALSE, TRUE))) { HDEBUG(D_verify) debug_printf("callout cache: not available\n"); } @@ -172,7 +172,6 @@ else if ( cache_record->result == ccache_reject || *from_address == 0 && cache_record->result == ccache_reject_mfnull) { - setflag(addr, af_verify_nsfail); HDEBUG(D_verify) debug_printf("callout cache: domain gave initial rejection, or " "does not accept HELO or MAIL FROM:<>\n"); @@ -196,6 +195,7 @@ else case ccache_accept: HDEBUG(D_verify) debug_printf("callout cache: domain accepts random addresses\n"); + *failure_ptr = US"random"; dbfn_close(dbm_file); return TRUE; /* Default yield is OK */ @@ -313,7 +313,7 @@ implying some kind of I/O error. We don't want to write the cache in that case. Otherwise the value is ccache_accept, ccache_reject, or ccache_reject_mfnull. */ if (dom_rec->result != ccache_unknown) - if (!(dbm_file = dbfn_open(US"callout", O_RDWR|O_CREAT, &dbblock, FALSE))) + if (!(dbm_file = dbfn_open(US"callout", O_RDWR|O_CREAT, &dbblock, FALSE, TRUE))) { HDEBUG(D_verify) debug_printf("callout cache: not available\n"); } @@ -335,7 +335,7 @@ is disabled. */ if (done && addr_rec->result != ccache_unknown) { if (!dbm_file) - dbm_file = dbfn_open(US"callout", O_RDWR|O_CREAT, &dbblock, FALSE); + dbm_file = dbfn_open(US"callout", O_RDWR|O_CREAT, &dbblock, FALSE, TRUE); if (!dbm_file) { HDEBUG(D_verify) debug_printf("no callout cache available\n"); @@ -370,10 +370,9 @@ cutthrough_multi(address_item * addr, host_item * host_list, transport_feedback * tf, int * yield) { BOOL done = FALSE; -host_item * host; if (addr->transport == cutthrough.addr.transport) - for (host = host_list; host; host = host->next) + for (host_item * host = host_list; host; host = host->next) if (Ustrcmp(host->address, cutthrough.host.address) == 0) { int host_af; @@ -388,28 +387,32 @@ if (addr->transport == cutthrough.addr.transport) host_af = Ustrchr(host->address, ':') ? AF_INET6 : AF_INET; - if (!smtp_get_interface(tf->interface, host_af, addr, &interface, - US"callout") || - !smtp_get_port(tf->port, addr, &port, US"callout")) + if ( !smtp_get_interface(tf->interface, host_af, addr, &interface, + US"callout") + || !smtp_get_port(tf->port, addr, &port, US"callout") + ) log_write(0, LOG_MAIN|LOG_PANIC, "<%s>: %s", addr->address, addr->message); + smtp_port_for_connect(host, port); + if ( ( interface == cutthrough.interface || ( interface && cutthrough.interface && Ustrcmp(interface, cutthrough.interface) == 0 ) ) - && port == cutthrough.host.port + && host->port == cutthrough.host.port ) { uschar * resp = NULL; /* Match! Send the RCPT TO, set done from the response */ done = - smtp_write_command(&ctblock, SCMD_FLUSH, "RCPT TO:<%.1000s>\r\n", - transport_rcpt_address(addr, - addr->transport->rcpt_include_affixes)) >= 0 && - cutthrough_response(cutthrough.fd, '2', &resp, CUTTHROUGH_DATA_TIMEOUT) == '2'; + smtp_write_command(&ctctx, SCMD_FLUSH, "RCPT TO:<%.1000s>\r\n", + transport_rcpt_address(addr, + addr->transport->rcpt_include_affixes)) >= 0 + && cutthrough_response(&cutthrough.cctx, '2', &resp, + CUTTHROUGH_DATA_TIMEOUT) == '2'; /* This would go horribly wrong if a callout fail was ignored by ACL. We punt by abandoning cutthrough on a reject, like the @@ -417,7 +420,7 @@ if (addr->transport == cutthrough.addr.transport) if (done) { - address_item * na = store_get(sizeof(address_item)); + address_item * na = store_get(sizeof(address_item), FALSE); *na = cutthrough.addr; cutthrough.addr = *addr; cutthrough.addr.host_used = &cutthrough.host; @@ -571,7 +574,6 @@ else { smtp_transport_options_block *ob = (smtp_transport_options_block *)addr->transport->options_block; - host_item * host; /* The information wasn't available in the cache, so we have to do a real callout and save the result in the cache for next time, unless no_cache is set, @@ -597,7 +599,7 @@ else and cause the client to time out. So in this case we forgo the PIPELINING optimization. */ - if (smtp_out && !disable_callout_flush) mac_smtp_fflush(); + if (smtp_out && !f.disable_callout_flush) mac_smtp_fflush(); clearflag(addr, af_verify_pmfail); /* postmaster callout flag */ clearflag(addr, af_verify_nsfail); /* null sender callout flag */ @@ -608,7 +610,7 @@ that conn for verification purposes (and later delivery also). Simplest coding means skipping this whole loop and doing the append separately. */ /* Can we re-use an open cutthrough connection? */ - if ( cutthrough.fd >= 0 + if ( cutthrough.cctx.sock >= 0 && (options & (vopt_callout_recipsender | vopt_callout_recippmaster)) == vopt_callout_recipsender && !random_local_part @@ -619,7 +621,7 @@ coding means skipping this whole loop and doing the append separately. */ /* If we did not use a cached connection, make connections to the hosts and do real callouts. The list of hosts is passed in as an argument. */ - for (host = host_list; host && !done; host = host->next) + for (host_item * host = host_list; host && !done; host = host->next) { int host_af; int port = 25; @@ -665,12 +667,12 @@ coding means skipping this whole loop and doing the append separately. */ addr->message); sx.addrlist = addr; - sx.host = host; - sx.host_af = host_af, + sx.conn_args.host = host; + sx.conn_args.host_af = host_af, sx.port = port; - sx.interface = interface; + sx.conn_args.interface = interface; sx.helo_data = tf->helo_data; - sx.tblock = addr->transport; + sx.conn_args.tblock = addr->transport; sx.verify = TRUE; tls_retry_connection: @@ -685,11 +687,11 @@ tls_retry_connection: if permitted */ yield = smtp_setup_conn(&sx, FALSE); -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS if ( yield == DEFER && addr->basic_errno == ERRNO_TLSFAILURE && ob->tls_tempfail_tryclear - && verify_check_given_host(&ob->hosts_require_tls, host) != OK + && verify_check_given_host(CUSS &ob->hosts_require_tls, host) != OK ) { log_write(0, LOG_MAIN, @@ -784,7 +786,7 @@ tls_retry_connection: The sync_responses() would need to be taught about it and we'd need another return code filtering out to here. - Avoid using a SIZE option on the MAIL for all randon-rcpt checks. + Avoid using a SIZE option on the MAIL for all random-rcpt checks. */ sx.avoid_option = OPTION_SIZE; @@ -799,6 +801,7 @@ tls_retry_connection: new_domain_record.random_result = ccache_accept; yield = OK; /* Only usable verify result we can return */ done = TRUE; + *failure_ptr = US"random"; goto no_conn; case FAIL: /* rejected: the preferred result */ new_domain_record.random_result = ccache_reject; @@ -809,20 +812,19 @@ tls_retry_connection: XXX We don't care about that for postmaster_full. Should we? */ if ((done = - smtp_write_command(&sx.outblock, SCMD_FLUSH, "RSET\r\n") >= 0 && - smtp_read_response(&sx.inblock, sx.buffer, sizeof(sx.buffer), - '2', callout))) + smtp_write_command(&sx, SCMD_FLUSH, "RSET\r\n") >= 0 && + smtp_read_response(&sx, sx.buffer, sizeof(sx.buffer), '2', callout))) break; HDEBUG(D_acl|D_v) debug_printf_indent("problem after random/rset/mfrom; reopen conn\n"); random_local_part = NULL; -#ifdef SUPPORT_TLS - tls_close(FALSE, TRUE); +#ifndef DISABLE_TLS + tls_close(sx.cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT); #endif HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n"); - (void)close(sx.inblock.sock); - sx.inblock.sock = sx.outblock.sock = -1; + (void)close(sx.cctx.sock); + sx.cctx.sock = -1; #ifndef DISABLE_EVENT (void) event_raise(addr->transport->event_action, US"tcp:close", NULL); @@ -906,9 +908,8 @@ tls_retry_connection: cancel_cutthrough_connection(TRUE, US"postmaster verify"); HDEBUG(D_acl|D_v) debug_printf_indent("Cutthrough cancelled by presence of postmaster verify\n"); - done = smtp_write_command(&sx.outblock, SCMD_FLUSH, "RSET\r\n") >= 0 - && smtp_read_response(&sx.inblock, sx.buffer, - sizeof(sx.buffer), '2', callout); + done = smtp_write_command(&sx, SCMD_FLUSH, "RSET\r\n") >= 0 + && smtp_read_response(&sx, sx.buffer, sizeof(sx.buffer), '2', callout); if (done) { @@ -931,9 +932,9 @@ tls_retry_connection: done = TRUE; else done = (options & vopt_callout_fullpm) != 0 - && smtp_write_command(&sx.outblock, SCMD_FLUSH, + && smtp_write_command(&sx, SCMD_FLUSH, "RCPT TO:\r\n") >= 0 - && smtp_read_response(&sx.inblock, sx.buffer, + && smtp_read_response(&sx, sx.buffer, sizeof(sx.buffer), '2', callout); /* Sort out the cache record */ @@ -975,8 +976,7 @@ no_conn: { extern int acl_where; /* src/acl.c */ errno = 0; - addr->message = string_sprintf( - "response to \"EHLO\" did not include SMTPUTF8"); + addr->message = US"response to \"EHLO\" did not include SMTPUTF8"; addr->user_message = acl_where == ACL_WHERE_RCPT ? US"533 no support for internationalised mailbox name" : US"550 mailbox unavailable"; @@ -1001,6 +1001,26 @@ no_conn: string_sprintf("response to \"%s\" was: %s", big_buffer, string_printing(sx.buffer)); + /* RFC 5321 section 4.2: the text portion of the response may have only + HT, SP, Printable US-ASCII. Deal with awkward chars by cutting the + received message off before passing it onward. Newlines are ok; they + just become a multiline response (but wrapped in the error code we + produce). */ + + for (uschar * s = sx.buffer; + *s && s < sx.buffer + sizeof(sx.buffer); + s++) + { + uschar c = *s; + if (c != '\t' && c != '\n' && (c < ' ' || c > '~')) + { + if (s - sx.buffer < sizeof(sx.buffer) - 12) + memcpy(s, "(truncated)", 12); + else + *s = '\0'; + break; + } + } addr->user_message = options & vopt_is_recipient ? string_sprintf("Callout verification failed:\n%s", sx.buffer) : string_sprintf("Called: %s\nSent: %s\nResponse: %s", @@ -1023,6 +1043,29 @@ no_conn: here is where we want to leave the conn open. Ditto for a lazy-close verify. */ + if (cutthrough.delivery) + { + if (addr->transport->filter_command) + { + cutthrough.delivery= FALSE; + HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of transport filter\n"); + } +#ifndef DISABLE_DKIM + if (ob->dkim.dkim_domain) + { + cutthrough.delivery= FALSE; + HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of DKIM signing\n"); + } +#endif +#ifdef EXPERIMENTAL_ARC + if (ob->arc_sign) + { + cutthrough.delivery= FALSE; + HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of ARC signing\n"); + } +#endif + } + if ( (cutthrough.delivery || options & vopt_callout_hold) && rcpt_count == 1 && done @@ -1031,7 +1074,7 @@ no_conn: == vopt_callout_recipsender && !random_local_part && !pm_mailfrom - && cutthrough.fd < 0 + && cutthrough.cctx.sock < 0 && !sx.lmtp ) { @@ -1040,8 +1083,9 @@ no_conn: ? "cutthrough delivery" : "potential further verifies and delivery"); cutthrough.callout_hold_only = !cutthrough.delivery; - cutthrough.is_tls = tls_out.active >= 0; - cutthrough.fd = sx.outblock.sock; /* We assume no buffer in use in the outblock */ + cutthrough.is_tls = tls_out.active.sock >= 0; + /* We assume no buffer in use in the outblock */ + cutthrough.cctx = sx.cctx; cutthrough.nrcpt = 1; cutthrough.transport = addr->transport->name; cutthrough.interface = interface; @@ -1056,17 +1100,21 @@ no_conn: cutthrough.host.address = string_copy(host->address); store_pool = oldpool; } - cutthrough.addr = *addr; /* Save the address_item for later logging */ + + /* Save the address_item and parent chain for later logging */ + cutthrough.addr = *addr; cutthrough.addr.next = NULL; cutthrough.addr.host_used = &cutthrough.host; - if (addr->parent) - *(cutthrough.addr.parent = store_get(sizeof(address_item))) = - *addr->parent; - ctblock.buffer = ctbuffer; - ctblock.buffersize = sizeof(ctbuffer); - ctblock.ptr = ctbuffer; - /* ctblock.cmd_count = 0; ctblock.authenticating = FALSE; */ - ctblock.sock = cutthrough.fd; + for (address_item * caddr = &cutthrough.addr, * parent = addr->parent; + parent; + caddr = caddr->parent, parent = parent->parent) + *(caddr->parent = store_get(sizeof(address_item), FALSE)) = *parent; + + ctctx.outblock.buffer = ctbuffer; + ctctx.outblock.buffersize = sizeof(ctbuffer); + ctctx.outblock.ptr = ctbuffer; + /* ctctx.outblock.cmd_count = 0; ctctx.outblock.authenticating = FALSE; */ + ctctx.outblock.cctx = &cutthrough.cctx; } else { @@ -1074,22 +1122,22 @@ no_conn: if (options & vopt_callout_recipsender) cancel_cutthrough_connection(TRUE, US"not usable for cutthrough"); if (sx.send_quit) - { - (void) smtp_write_command(&sx.outblock, SCMD_FLUSH, "QUIT\r\n"); + if (smtp_write_command(&sx, SCMD_FLUSH, "QUIT\r\n") != -1) + /* Wait a short time for response, and discard it */ + smtp_read_response(&sx, sx.buffer, sizeof(sx.buffer), '2', 1); - /* Wait a short time for response, and discard it */ - smtp_read_response(&sx.inblock, sx.buffer, sizeof(sx.buffer), - '2', 1); - } - - if (sx.inblock.sock >= 0) + if (sx.cctx.sock >= 0) { -#ifdef SUPPORT_TLS - tls_close(FALSE, TRUE); +#ifndef DISABLE_TLS + if (sx.cctx.tls_ctx) + { + tls_close(sx.cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT); + sx.cctx.tls_ctx = NULL; + } #endif HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n"); - (void)close(sx.inblock.sock); - sx.inblock.sock = sx.outblock.sock = -1; + (void)close(sx.cctx.sock); + sx.cctx.sock = -1; #ifndef DISABLE_EVENT (void) event_raise(addr->transport->event_action, US"tcp:close", NULL); #endif @@ -1144,7 +1192,7 @@ if (!done) /* Come here from within the cache-reading code on fast-track exit. */ END_CALLOUT: -tls_modify_variables(&tls_in); +tls_modify_variables(&tls_in); /* return variables to inbound values */ return yield; } @@ -1154,7 +1202,7 @@ return yield; one was requested and a recipient-verify wasn't subsequently done. */ int -open_cutthrough_connection( address_item * addr ) +open_cutthrough_connection(address_item * addr) { address_item addr2; int rc; @@ -1182,18 +1230,20 @@ return rc; static BOOL cutthrough_send(int n) { -if(cutthrough.fd < 0) +if(cutthrough.cctx.sock < 0) return TRUE; if( -#ifdef SUPPORT_TLS - tls_out.active == cutthrough.fd ? tls_write(FALSE, ctblock.buffer, n, FALSE) : +#ifndef DISABLE_TLS + cutthrough.is_tls + ? tls_write(cutthrough.cctx.tls_ctx, ctctx.outblock.buffer, n, FALSE) + : #endif - send(cutthrough.fd, ctblock.buffer, n, 0) > 0 + send(cutthrough.cctx.sock, ctctx.outblock.buffer, n, 0) > 0 ) { transport_count += n; - ctblock.ptr= ctblock.buffer; + ctctx.outblock.ptr= ctctx.outblock.buffer; return TRUE; } @@ -1208,11 +1258,11 @@ _cutthrough_puts(uschar * cp, int n) { while(n--) { - if(ctblock.ptr >= ctblock.buffer+ctblock.buffersize) - if(!cutthrough_send(ctblock.buffersize)) + if(ctctx.outblock.ptr >= ctctx.outblock.buffer+ctctx.outblock.buffersize) + if(!cutthrough_send(ctctx.outblock.buffersize)) return FALSE; - *ctblock.ptr++ = *cp++; + *ctctx.outblock.ptr++ = *cp++; } return TRUE; } @@ -1221,8 +1271,8 @@ return TRUE; static BOOL cutthrough_puts(uschar * cp, int n) { -if (cutthrough.fd < 0) return TRUE; -if (_cutthrough_puts(cp, n)) return TRUE; +if (cutthrough.cctx.sock < 0) return TRUE; +if (_cutthrough_puts(cp, n)) return TRUE; cancel_cutthrough_connection(TRUE, US"transmit failed"); return FALSE; } @@ -1238,7 +1288,7 @@ return; static BOOL _cutthrough_flush_send(void) { -int n = ctblock.ptr - ctblock.buffer; +int n = ctctx.outblock.ptr - ctctx.outblock.buffer; if(n>0) if(!cutthrough_send(n)) @@ -1273,19 +1323,18 @@ cutthrough_data_puts(US"\r\n", 2); /* Get and check response from cutthrough target */ static uschar -cutthrough_response(int fd, char expect, uschar ** copy, int timeout) +cutthrough_response(client_conn_ctx * cctx, char expect, uschar ** copy, int timeout) { -smtp_inblock inblock; +smtp_context sx = {0}; uschar inbuffer[4096]; uschar responsebuffer[4096]; -inblock.buffer = inbuffer; -inblock.buffersize = sizeof(inbuffer); -inblock.ptr = inbuffer; -inblock.ptrend = inbuffer; -inblock.sock = fd; -/* this relies on (inblock.sock == tls_out.active) */ -if(!smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer), expect, timeout)) +sx.inblock.buffer = inbuffer; +sx.inblock.buffersize = sizeof(inbuffer); +sx.inblock.ptr = inbuffer; +sx.inblock.ptrend = inbuffer; +sx.inblock.cctx = cctx; +if(!smtp_read_response(&sx, responsebuffer, sizeof(responsebuffer), expect, timeout)) cancel_cutthrough_connection(TRUE, US"target timeout on read"); if(copy) @@ -1306,7 +1355,7 @@ return responsebuffer[0]; BOOL cutthrough_predata(void) { -if(cutthrough.fd < 0 || cutthrough.callout_hold_only) +if(cutthrough.cctx.sock < 0 || cutthrough.callout_hold_only) return FALSE; HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> DATA\n"); @@ -1314,7 +1363,7 @@ cutthrough_puts(US"DATA\r\n", 6); cutthrough_flush_send(); /* Assume nothing buffered. If it was it gets ignored. */ -return cutthrough_response(cutthrough.fd, '3', NULL, CUTTHROUGH_DATA_TIMEOUT) == '3'; +return cutthrough_response(&cutthrough.cctx, '3', NULL, CUTTHROUGH_DATA_TIMEOUT) == '3'; } @@ -1341,7 +1390,7 @@ cutthrough_headers_send(void) { transport_ctx tctx; -if(cutthrough.fd < 0 || cutthrough.callout_hold_only) +if(cutthrough.cctx.sock < 0 || cutthrough.callout_hold_only) return FALSE; /* We share a routine with the mainline transport to handle header add/remove/rewrites, @@ -1349,7 +1398,7 @@ if(cutthrough.fd < 0 || cutthrough.callout_hold_only) */ HDEBUG(D_acl) debug_printf_indent("----------- start cutthrough headers send -----------\n"); -tctx.u.fd = cutthrough.fd; +tctx.u.fd = cutthrough.cctx.sock; tctx.tblock = cutthrough.addr.transport; tctx.addr = &cutthrough.addr; tctx.check_string = US"."; @@ -1368,30 +1417,37 @@ return TRUE; static void close_cutthrough_connection(const uschar * why) { -int fd = cutthrough.fd; +int fd = cutthrough.cctx.sock; if(fd >= 0) { /* We could be sending this after a bunch of data, but that is ok as the only way to cancel the transfer in dataphase is to drop the tcp conn before the final dot. */ - ctblock.ptr = ctbuffer; + client_conn_ctx tmp_ctx = cutthrough.cctx; + ctctx.outblock.ptr = ctbuffer; HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> QUIT\n"); _cutthrough_puts(US"QUIT\r\n", 6); /* avoid recursion */ _cutthrough_flush_send(); - cutthrough.fd = -1; /* avoid recursion via read timeout */ + cutthrough.cctx.sock = -1; /* avoid recursion via read timeout */ + cutthrough.nrcpt = 0; /* permit re-cutthrough on subsequent message */ /* Wait a short time for response, and discard it */ - cutthrough_response(fd, '2', NULL, 1); + cutthrough_response(&tmp_ctx, '2', NULL, 1); -#ifdef SUPPORT_TLS - tls_close(FALSE, TRUE); +#ifndef DISABLE_TLS + if (cutthrough.is_tls) + { + tls_close(cutthrough.cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT); + cutthrough.cctx.tls_ctx = NULL; + cutthrough.is_tls = FALSE; + } #endif HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n"); (void)close(fd); HDEBUG(D_acl) debug_printf_indent("----------- cutthrough shutdown (%s) ------------\n", why); } -ctblock.ptr = ctbuffer; +ctctx.outblock.ptr = ctbuffer; } void @@ -1406,9 +1462,10 @@ cutthrough.delivery = cutthrough.callout_hold_only = FALSE; void release_cutthrough_connection(const uschar * why) { -if (cutthrough.fd < 0) return; +if (cutthrough.cctx.sock < 0) return; HDEBUG(D_acl) debug_printf_indent("release cutthrough conn: %s\n", why); -cutthrough.fd = -1; +cutthrough.cctx.sock = -1; +cutthrough.cctx.tls_ctx = NULL; cutthrough.delivery = cutthrough.callout_hold_only = FALSE; } @@ -1424,7 +1481,6 @@ uschar * cutthrough_finaldot(void) { uschar res; -address_item * addr; HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> .\n"); /* Assume data finshed with new-line */ @@ -1434,8 +1490,9 @@ if( !cutthrough_puts(US".", 1) ) return cutthrough.addr.message; -res = cutthrough_response(cutthrough.fd, '2', &cutthrough.addr.message, CUTTHROUGH_DATA_TIMEOUT); -for (addr = &cutthrough.addr; addr; addr = addr->next) +res = cutthrough_response(&cutthrough.cctx, '2', &cutthrough.addr.message, + CUTTHROUGH_DATA_TIMEOUT); +for (address_item * addr = &cutthrough.addr; addr; addr = addr->next) { addr->message = cutthrough.addr.message; switch(res) @@ -1491,6 +1548,8 @@ if (addr != vaddr) vaddr->basic_errno = addr->basic_errno; vaddr->more_errno = addr->more_errno; vaddr->prop.address_data = addr->prop.address_data; + vaddr->prop.variables = NULL; + tree_dup((tree_node **)&vaddr->prop.variables, addr->prop.variables); copyflag(vaddr, addr, af_pass_message); } return yield; @@ -1586,18 +1645,18 @@ Returns: OK address verified */ int -verify_address(address_item *vaddr, FILE *f, int options, int callout, - int callout_overall, int callout_connect, uschar *se_mailfrom, +verify_address(address_item * vaddr, FILE * fp, int options, int callout, + int callout_overall, int callout_connect, uschar * se_mailfrom, uschar *pm_mailfrom, BOOL *routed) { BOOL allok = TRUE; -BOOL full_info = (f == NULL)? FALSE : (debug_selector != 0); +BOOL full_info = fp ? debug_selector != 0 : FALSE; BOOL expn = (options & vopt_expn) != 0; BOOL success_on_redirect = (options & vopt_success_on_redirect) != 0; int i; int yield = OK; int verify_type = expn? v_expn : - address_test_mode? v_none : + f.address_test_mode? v_none : options & vopt_is_recipient? v_recipient : v_sender; address_item *addr_list; address_item *addr_new = NULL; @@ -1630,10 +1689,10 @@ else ko_prefix = cr = US""; if (parse_find_at(address) == NULL) { - if ((options & vopt_qualify) == 0) + if (!(options & vopt_qualify)) { - if (f != NULL) - respond_printf(f, "%sA domain is required for \"%s\"%s\n", + if (fp) + respond_printf(fp, "%sA domain is required for \"%s\"%s\n", ko_prefix, address, cr); *failure_ptr = US"qualify"; return FAIL; @@ -1644,36 +1703,36 @@ if (parse_find_at(address) == NULL) DEBUG(D_verify) { debug_printf(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); - debug_printf("%s %s\n", address_test_mode? "Testing" : "Verifying", address); + debug_printf("%s %s\n", f.address_test_mode? "Testing" : "Verifying", address); } /* Rewrite and report on it. Clear the domain and local part caches - these may have been set by domains and local part tests during an ACL. */ -if (global_rewrite_rules != NULL) +if (global_rewrite_rules) { uschar *old = address; address = rewrite_address(address, options & vopt_is_recipient, FALSE, global_rewrite_rules, rewrite_existflags); if (address != old) { - for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0; - for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0; - if (f != NULL && !expn) fprintf(f, "Address rewritten as: %s\n", address); + for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0; + for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0; + if (fp && !expn) fprintf(fp, "Address rewritten as: %s\n", address); } } /* If this is the real sender address, we must update sender_address at this point, because it may be referred to in the routers. */ -if ((options & (vopt_fake_sender|vopt_is_recipient)) == 0) +if (!(options & (vopt_fake_sender|vopt_is_recipient))) sender_address = address; /* If the address was rewritten to <> no verification can be done, and we have to return OK. This rewriting is permitted only for sender addresses; for other addresses, such rewriting fails. */ -if (address[0] == 0) return OK; +if (!address[0]) return OK; /* Flip the legacy TLS-related variables over to the outbound set in case they're used in the context of a transport used by verification. Reset them @@ -1725,29 +1784,29 @@ while (addr_new) if (testflag(addr, af_pfr)) { allok = FALSE; - if (f != NULL) + if (fp) { BOOL allow; if (addr->address[0] == '>') { allow = testflag(addr, af_allow_reply); - fprintf(f, "%s -> mail %s", addr->parent->address, addr->address + 1); + fprintf(fp, "%s -> mail %s", addr->parent->address, addr->address + 1); } else { - allow = (addr->address[0] == '|')? - testflag(addr, af_allow_pipe) : testflag(addr, af_allow_file); - fprintf(f, "%s -> %s", addr->parent->address, addr->address); + allow = addr->address[0] == '|' + ? testflag(addr, af_allow_pipe) : testflag(addr, af_allow_file); + fprintf(fp, "%s -> %s", addr->parent->address, addr->address); } if (addr->basic_errno == ERRNO_BADTRANSPORT) - fprintf(f, "\n*** Error in setting up pipe, file, or autoreply:\n" + fprintf(fp, "\n*** Error in setting up pipe, file, or autoreply:\n" "%s\n", addr->message); else if (allow) - fprintf(f, "\n transport = %s\n", addr->transport->name); + fprintf(fp, "\n transport = %s\n", addr->transport->name); else - fprintf(f, " *** forbidden ***\n"); + fprintf(fp, " *** forbidden ***\n"); } continue; } @@ -1836,7 +1895,6 @@ while (addr_new) else { int flags; - host_item *host, *nexthost; host_build_hostlist(&host_list, s, tf.hosts_randomize); /* Just ignore failures to find a host address. If we don't manage @@ -1845,11 +1903,11 @@ while (addr_new) additional host items being inserted into the chain. Hence we must save the next host first. */ - flags = HOST_FIND_BY_A; + flags = HOST_FIND_BY_A | HOST_FIND_BY_AAAA; if (tf.qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE; if (tf.search_parents) flags |= HOST_FIND_SEARCH_PARENTS; - for (host = host_list; host; host = nexthost) + for (host_item * host = host_list, * nexthost; host; host = nexthost) { nexthost = host->next; if (tf.gethostbyname || @@ -1857,16 +1915,16 @@ while (addr_new) (void)host_find_byname(host, NULL, flags, NULL, TRUE); else { - dnssec_domains * dnssec_domains = NULL; + const dnssec_domains * dsp = NULL; if (Ustrcmp(tp->driver_name, "smtp") == 0) { smtp_transport_options_block * ob = (smtp_transport_options_block *) tp->options_block; - dnssec_domains = &ob->dnssec; + dsp = &ob->dnssec; } (void) host_find_bydns(host, NULL, flags, NULL, NULL, NULL, - dnssec_domains, NULL, NULL); + dsp, NULL, NULL); } } } @@ -1879,7 +1937,7 @@ while (addr_new) if (host_list) { HDEBUG(D_verify) debug_printf("Attempting full verification using callout\n"); - if (host_checking && !host_checking_callout) + if (host_checking && !f.host_checking_callout) { HDEBUG(D_verify) debug_printf("... callout omitted by default when host testing\n" @@ -1887,17 +1945,20 @@ while (addr_new) } else { -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS deliver_set_expansions(addr); #endif rc = do_callout(addr, host_list, &tf, callout, callout_overall, callout_connect, options, se_mailfrom, pm_mailfrom); +#ifndef DISABLE_TLS + deliver_set_expansions(NULL); +#endif } } else { HDEBUG(D_verify) debug_printf("Cannot do callout: neither router nor " - "transport provided a host list\n"); + "transport provided a host list, or transport is not smtp\n"); } } } @@ -1917,29 +1978,29 @@ while (addr_new) if (rc == FAIL) { allok = FALSE; - if (f) + if (fp) { address_item *p = addr->parent; - respond_printf(f, "%s%s %s", ko_prefix, + respond_printf(fp, "%s%s %s", ko_prefix, full_info ? addr->address : address, - address_test_mode ? "is undeliverable" : "failed to verify"); - if (!expn && admin_user) + f.address_test_mode ? "is undeliverable" : "failed to verify"); + if (!expn && f.admin_user) { if (addr->basic_errno > 0) - respond_printf(f, ": %s", strerror(addr->basic_errno)); + respond_printf(fp, ": %s", strerror(addr->basic_errno)); if (addr->message) - respond_printf(f, ": %s", addr->message); + respond_printf(fp, ": %s", addr->message); } /* Show parents iff doing full info */ if (full_info) while (p) { - respond_printf(f, "%s\n <-- %s", cr, p->address); + respond_printf(fp, "%s\n <-- %s", cr, p->address); p = p->parent; } - respond_printf(f, "%s\n", cr); + respond_printf(fp, "%s\n", cr); } cancel_cutthrough_connection(TRUE, US"routing hard fail"); @@ -1956,29 +2017,29 @@ while (addr_new) else if (rc == DEFER) { allok = FALSE; - if (f) + if (fp) { address_item *p = addr->parent; - respond_printf(f, "%s%s cannot be resolved at this time", ko_prefix, + respond_printf(fp, "%s%s cannot be resolved at this time", ko_prefix, full_info? addr->address : address); - if (!expn && admin_user) + if (!expn && f.admin_user) { if (addr->basic_errno > 0) - respond_printf(f, ": %s", strerror(addr->basic_errno)); + respond_printf(fp, ": %s", strerror(addr->basic_errno)); if (addr->message) - respond_printf(f, ": %s", addr->message); + respond_printf(fp, ": %s", addr->message); else if (addr->basic_errno <= 0) - respond_printf(f, ": unknown error"); + respond_printf(fp, ": unknown error"); } /* Show parents iff doing full info */ if (full_info) while (p) { - respond_printf(f, "%s\n <-- %s", cr, p->address); + respond_printf(fp, "%s\n <-- %s", cr, p->address); p = p->parent; } - respond_printf(f, "%s\n", cr); + respond_printf(fp, "%s\n", cr); } cancel_cutthrough_connection(TRUE, US"routing soft fail"); @@ -1999,16 +2060,16 @@ while (addr_new) if (!addr_new) if (!addr_local && !addr_remote) - respond_printf(f, "250 mail to <%s> is discarded\r\n", address); + respond_printf(fp, "250 mail to <%s> is discarded\r\n", address); else - respond_printf(f, "250 <%s>\r\n", address); + respond_printf(fp, "250 <%s>\r\n", address); else do { address_item *addr2 = addr_new; addr_new = addr2->next; if (!addr_new) ok_prefix = US"250 "; - respond_printf(f, "%s<%s>\r\n", ok_prefix, addr2->address); + respond_printf(fp, "%s<%s>\r\n", ok_prefix, addr2->address); } while (addr_new); yield = OK; goto out; @@ -2042,13 +2103,15 @@ while (addr_new) ) ) ) { - if (f) fprintf(f, "%s %s\n", - address, address_test_mode ? "is deliverable" : "verified"); + if (fp) fprintf(fp, "%s %s\n", + address, f.address_test_mode ? "is deliverable" : "verified"); /* If we have carried on to verify a child address, we want the value of $address_data to be that of the child */ vaddr->prop.address_data = addr->prop.address_data; + vaddr->prop.variables = NULL; + tree_dup((tree_node **)&vaddr->prop.variables, addr->prop.variables); /* If stopped because more than one new address, cannot cutthrough */ @@ -2062,7 +2125,7 @@ while (addr_new) } /* Loop for generated addresses */ /* Display the full results of the successful routing, including any generated -addresses. Control gets here only when full_info is set, which requires f not +addresses. Control gets here only when full_info is set, which requires fp not to be NULL, and this occurs only when a top-level verify is called with the debugging switch on. @@ -2072,7 +2135,7 @@ discarded, usually because of the use of :blackhole: in an alias file. */ if (allok && !addr_local && !addr_remote) { - fprintf(f, "mail to %s is discarded\n", address); + fprintf(fp, "mail to %s is discarded\n", address); goto out; } @@ -2080,15 +2143,14 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++) while (addr_list) { address_item *addr = addr_list; - address_item *p = addr->parent; transport_instance * tp = addr->transport; addr_list = addr->next; - fprintf(f, "%s", CS addr->address); + fprintf(fp, "%s", CS addr->address); #ifdef EXPERIMENTAL_SRS if(addr->prop.srs_sender) - fprintf(f, " [srs = %s]", addr->prop.srs_sender); + fprintf(fp, " [srs = %s]", addr->prop.srs_sender); #endif /* If the address is a duplicate, show something about it. */ @@ -2097,19 +2159,19 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++) { tree_node *tnode; if ((tnode = tree_search(tree_duplicates, addr->unique))) - fprintf(f, " [duplicate, would not be delivered]"); + fprintf(fp, " [duplicate, would not be delivered]"); else tree_add_duplicate(addr->unique, addr); } /* Now show its parents */ - for (p = addr->parent; p; p = p->parent) - fprintf(f, "\n <-- %s", p->address); - fprintf(f, "\n "); + for (address_item * p = addr->parent; p; p = p->parent) + fprintf(fp, "\n <-- %s", p->address); + fprintf(fp, "\n "); /* Show router, and transport */ - fprintf(f, "router = %s, transport = %s\n", + fprintf(fp, "router = %s, transport = %s\n", addr->router->name, tp ? tp->name : US"unset"); /* Show any hosts that are set up by a router unless the transport @@ -2117,32 +2179,31 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++) if (addr->host_list && tp && !tp->overrides_hosts) { - host_item *h; int maxlen = 0; int maxaddlen = 0; - for (h = addr->host_list; h; h = h->next) + for (host_item * h = addr->host_list; h; h = h->next) { /* get max lengths of host names, addrs */ int len = Ustrlen(h->name); if (len > maxlen) maxlen = len; len = h->address ? Ustrlen(h->address) : 7; if (len > maxaddlen) maxaddlen = len; } - for (h = addr->host_list; h; h = h->next) + for (host_item * h = addr->host_list; h; h = h->next) { - fprintf(f, " host %-*s ", maxlen, h->name); + fprintf(fp, " host %-*s ", maxlen, h->name); if (h->address) - fprintf(f, "[%s%-*c", h->address, maxaddlen+1 - Ustrlen(h->address), ']'); + fprintf(fp, "[%s%-*c", h->address, maxaddlen+1 - Ustrlen(h->address), ']'); else if (tp->info->local) - fprintf(f, " %-*s ", maxaddlen, ""); /* Omit [unknown] for local */ + fprintf(fp, " %-*s ", maxaddlen, ""); /* Omit [unknown] for local */ else - fprintf(f, "[%s%-*c", "unknown", maxaddlen+1 - 7, ']'); + fprintf(fp, "[%s%-*c", "unknown", maxaddlen+1 - 7, ']'); - if (h->mx >= 0) fprintf(f, " MX=%d", h->mx); - if (h->port != PORT_NONE) fprintf(f, " port=%d", h->port); - if (running_in_test_harness && h->dnssec == DS_YES) fputs(" AD", f); - if (h->status == hstatus_unusable) fputs(" ** unusable **", f); - fputc('\n', f); + if (h->mx >= 0) fprintf(fp, " MX=%d", h->mx); + if (h->port != PORT_NONE) fprintf(fp, " port=%d", h->port); + if (f.running_in_test_harness && h->dnssec == DS_YES) fputs(" AD", fp); + if (h->status == hstatus_unusable) fputs(" ** unusable **", fp); + fputc('\n', fp); } } } @@ -2152,7 +2213,7 @@ the -bv or -bt case). */ out: verify_mode = NULL; -tls_modify_variables(&tls_in); +tls_modify_variables(&tls_in); /* return variables to inbound values */ return yield; } @@ -2165,7 +2226,7 @@ return yield; *************************************************/ /* This function checks those header lines that contain addresses, and verifies -that all the addresses therein are syntactially correct. +that all the addresses therein are 5322-syntactially correct. Arguments: msgptr where to put an error message @@ -2177,11 +2238,10 @@ Returns: OK int verify_check_headers(uschar **msgptr) { -header_line *h; uschar *colon, *s; int yield = OK; -for (h = header_list; h != NULL && yield == OK; h = h->next) +for (header_line * h = header_list; h && yield == OK; h = h->next) { if (h->type != htype_from && h->type != htype_reply_to && @@ -2198,9 +2258,9 @@ for (h = header_list; h != NULL && yield == OK; h = h->next) /* Loop for multiple addresses in the header, enabling group syntax. Note that we have to reset this after the header has been scanned. */ - parse_allow_group = TRUE; + f.parse_allow_group = TRUE; - while (*s != 0) + while (*s) { uschar *ss = parse_find_address_end(s, FALSE); uschar *recipient, *errmess; @@ -2217,15 +2277,15 @@ for (h = header_list; h != NULL && yield == OK; h = h->next) /* Permit an unqualified address only if the message is local, or if the sending host is configured to be permitted to send them. */ - if (recipient != NULL && domain == 0) + if (recipient && !domain) { if (h->type == htype_from || h->type == htype_sender) { - if (!allow_unqualified_sender) recipient = NULL; + if (!f.allow_unqualified_sender) recipient = NULL; } else { - if (!allow_unqualified_recipient) recipient = NULL; + if (!f.allow_unqualified_recipient) recipient = NULL; } if (recipient == NULL) errmess = US"unqualified address not permitted"; } @@ -2233,7 +2293,7 @@ for (h = header_list; h != NULL && yield == OK; h = h->next) /* It's an error if no address could be extracted, except for the special case of an empty address. */ - if (recipient == NULL && Ustrcmp(errmess, "empty address") != 0) + if (!recipient && Ustrcmp(errmess, "empty address") != 0) { uschar *verb = US"is"; uschar *t = ss; @@ -2271,12 +2331,12 @@ for (h = header_list; h != NULL && yield == OK; h = h->next) /* Advance to the next address */ - s = ss + (terminator? 1:0); + s = ss + (terminator ? 1 : 0); while (isspace(*s)) s++; } /* Next address */ - parse_allow_group = FALSE; - parse_found_group = FALSE; + f.parse_allow_group = FALSE; + f.parse_found_group = FALSE; } /* Next header unless yield has been set FALSE */ return yield; @@ -2300,17 +2360,16 @@ Returns: OK int verify_check_header_names_ascii(uschar **msgptr) { -header_line *h; -uschar *colon, *s; +uschar *colon; -for (h = header_list; h; h = h->next) +for (header_line * h = header_list; h; h = h->next) { colon = Ustrchr(h->text, ':'); - for(s = h->text; s < colon; s++) + for(uschar * s = h->text; s < colon; s++) if ((*s < 33) || (*s > 126)) { *msgptr = string_sprintf("Invalid character in header \"%.*s\" found", - colon - h->text, h->text); + (int)(colon - h->text), h->text); return FAIL; } } @@ -2330,22 +2389,20 @@ The original proposed patch did the former, but I have chosen to do the latter, because (a) it requires no memory and (b) will use fewer resources when there are many addresses in To: and/or Cc: and only one or two envelope recipients. -Arguments: none +Arguments: case_sensitive true if case sensitive matching should be used Returns: OK if there are no blind recipients FAIL if there is at least one blind recipient */ int -verify_check_notblind(void) +verify_check_notblind(BOOL case_sensitive) { -int i; -for (i = 0; i < recipients_count; i++) +for (int i = 0; i < recipients_count; i++) { - header_line *h; BOOL found = FALSE; uschar *address = recipients_list[i].address; - for (h = header_list; !found && h != NULL; h = h->next) + for (header_line * h = header_list; !found && h; h = h->next) { uschar *colon, *s; @@ -2358,12 +2415,12 @@ for (i = 0; i < recipients_count; i++) /* Loop for multiple addresses in the header, enabling group syntax. Note that we have to reset this after the header has been scanned. */ - parse_allow_group = TRUE; + f.parse_allow_group = TRUE; - while (*s != 0) + while (*s) { - uschar *ss = parse_find_address_end(s, FALSE); - uschar *recipient,*errmess; + uschar * ss = parse_find_address_end(s, FALSE); + uschar * recipient, * errmess; int terminator = *ss; int start, end, domain; @@ -2375,26 +2432,27 @@ for (i = 0; i < recipients_count; i++) *ss = terminator; /* If we found a valid recipient that has a domain, compare it with the - envelope recipient. Local parts are compared case-sensitively, domains - case-insensitively. By comparing from the start with length "domain", we - include the "@" at the end, which ensures that we are comparing the whole - local part of each address. */ - - if (recipient != NULL && domain != 0) - { - found = Ustrncmp(recipient, address, domain) == 0 && - strcmpic(recipient + domain, address + domain) == 0; - if (found) break; - } + envelope recipient. Local parts are compared with case-sensitivity + according to the routine arg, domains case-insensitively. + By comparing from the start with length "domain", we include the "@" at + the end, which ensures that we are comparing the whole local part of each + address. */ + + if (recipient && domain != 0) + if ((found = (case_sensitive + ? Ustrncmp(recipient, address, domain) == 0 + : strncmpic(recipient, address, domain) == 0) + && strcmpic(recipient + domain, address + domain) == 0)) + break; /* Advance to the next address */ - s = ss + (terminator? 1:0); + s = ss + (terminator ? 1:0); while (isspace(*s)) s++; } /* Next address */ - parse_allow_group = FALSE; - parse_found_group = FALSE; + f.parse_allow_group = FALSE; + f.parse_found_group = FALSE; } /* Next header (if found is false) */ if (!found) return FAIL; @@ -2422,10 +2480,9 @@ Returns: pointer to an address item, or NULL address_item * verify_checked_sender(uschar *sender) { -address_item *addr; -for (addr = sender_verified_list; addr != NULL; addr = addr->next) - if (Ustrcmp(sender, addr->address) == 0) break; -return addr; +for (address_item * addr = sender_verified_list; addr; addr = addr->next) + if (Ustrcmp(sender, addr->address) == 0) return addr; +return NULL; } @@ -2479,12 +2536,9 @@ verify_check_header_address(uschar **user_msgptr, uschar **log_msgptr, static int header_types[] = { htype_sender, htype_reply_to, htype_from }; BOOL done = FALSE; int yield = FAIL; -int i; -for (i = 0; i < 3 && !done; i++) - { - header_line *h; - for (h = header_list; h != NULL && !done; h = h->next) +for (int i = 0; i < 3 && !done; i++) + for (header_line * h = header_list; h != NULL && !done; h = h->next) { int terminator, new_ok; uschar *s, *ss, *endname; @@ -2495,7 +2549,7 @@ for (i = 0; i < 3 && !done; i++) /* Scan the addresses in the header, enabling group syntax. Note that we have to reset this after the header has been scanned. */ - parse_allow_group = TRUE; + f.parse_allow_group = TRUE; while (*s != 0) { @@ -2613,10 +2667,10 @@ for (i = 0; i < 3 && !done; i++) s = ss; } /* Next address */ - parse_allow_group = FALSE; - parse_found_group = FALSE; + f.parse_allow_group = FALSE; + f.parse_found_group = FALSE; } /* Next header, unless done */ - } /* Next header type unless done */ + /* Next header type unless done */ if (yield == FAIL && *log_msgptr == NULL) *log_msgptr = US"there is no valid sender in any header line"; @@ -2652,7 +2706,8 @@ Side effect: any received ident value is put in sender_ident (NULL otherwise) void verify_get_ident(int port) { -int sock, host_af, qlen; +client_conn_ctx ident_conn_ctx = {0}; +int host_af, qlen; int received_sender_port, received_interface_port, n; uschar *p; blob early_data; @@ -2672,9 +2727,9 @@ to the incoming interface address. If the sender host address is an IPv6 address, the incoming interface address will also be IPv6. */ host_af = Ustrchr(sender_host_address, ':') == NULL ? AF_INET : AF_INET6; -if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return; +if ((ident_conn_ctx.sock = ip_socket(SOCK_STREAM, host_af)) < 0) return; -if (ip_bind(sock, host_af, interface_address, 0) < 0) +if (ip_bind(ident_conn_ctx.sock, host_af, interface_address, 0) < 0) { DEBUG(D_ident) debug_printf("bind socket for ident failed: %s\n", strerror(errno)); @@ -2688,7 +2743,8 @@ qlen = snprintf(CS buffer, sizeof(buffer), "%d , %d\r\n", early_data.data = buffer; early_data.len = qlen; -if (ip_connect(sock, host_af, sender_host_address, port, +/*XXX we trust that the query is idempotent */ +if (ip_connect(ident_conn_ctx.sock, host_af, sender_host_address, port, rfc1413_query_timeout, &early_data) < 0) { if (errno == ETIMEDOUT && LOGGING(ident_timeout)) @@ -2712,7 +2768,7 @@ for (;;) int size = sizeof(buffer) - (p - buffer); if (size <= 0) goto END_OFF; /* Buffer filled without seeing \n. */ - count = ip_recv(sock, p, size, rfc1413_query_timeout); + count = ip_recv(&ident_conn_ctx, p, size, time(NULL) + rfc1413_query_timeout); if (count <= 0) goto END_OFF; /* Read error or EOF */ /* Scan what we just read, to see if we have reached the terminating \r\n. Be @@ -2777,7 +2833,7 @@ sender_ident = US string_printing(string_copyn(p, 127)); DEBUG(D_ident) debug_printf("sender_ident = %s\n", sender_ident); END_OFF: -(void)close(sock); +(void)close(ident_conn_ctx.sock); return; } @@ -2854,8 +2910,7 @@ if (*ss == '@') } else if (Ustrcmp(ss, "@[]") == 0) { - ip_address_item *ip; - for (ip = host_find_interfaces(); ip != NULL; ip = ip->next) + for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next) if (Ustrcmp(ip->address, cb->host_address) == 0) return OK; return FAIL; } @@ -2878,7 +2933,7 @@ only by digits and dots (a slash at the start indicates a file name and of course slashes may be present in lookups, but not preceded only by digits and dots). */ -for (t = ss; isdigit(*t) || *t == '.'; t++); +for (t = ss; isdigit(*t) || *t == '.'; ) t++; if (*t == 0 || (*t == '/' && t != ss)) { *error = US"malformed IPv4 address or address mask"; @@ -2912,7 +2967,8 @@ if (Ustrncmp(ss, "net", 3) == 0 && semicolon != NULL) if (mlen == 0 && t == ss+3) mlen = -1; /* No mask supplied */ iplookup = (*t++ == '-'); } -else t = ss; +else + t = ss; /* Do the IP address lookup if that is indeed what we have */ @@ -2971,8 +3027,8 @@ if (iplookup) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", search_error_message); result = search_find(handle, filename, key, -1, NULL, 0, 0, NULL); - if (valueptr != NULL) *valueptr = result; - return (result != NULL)? OK : search_find_defer? DEFER: FAIL; + if (valueptr) *valueptr = result; + return result ? OK : f.search_find_defer ? DEFER: FAIL; } /* The pattern is not an IP address or network reference of any kind. That is, @@ -3014,11 +3070,8 @@ if (*t == 0) rc = host_find_byname(&h, NULL, HOST_FIND_QUALIFY_SINGLE, NULL, FALSE); if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL) { - host_item *hh; - for (hh = &h; hh != NULL; hh = hh->next) - { + for (host_item * hh = &h; hh; hh = hh->next) if (host_is_in_net(hh->address, cb->host_address, 0)) return OK; - } return FAIL; } if (rc == HOST_FIND_AGAIN) return DEFER; @@ -3072,7 +3125,7 @@ if (isquery) /* Not a query-style lookup; must ensure the host name is present, and then we do a check on the name and all its aliases. */ -if (sender_host_name == NULL) +if (!sender_host_name) { HDEBUG(D_host_lookup) debug_printf("sender host name required, to match against %s\n", ss); @@ -3087,8 +3140,7 @@ if (sender_host_name == NULL) /* Match on the sender host name, using the general matching function */ -switch(match_check_string(sender_host_name, ss, -1, TRUE, TRUE, TRUE, - valueptr)) +switch(match_check_string(sender_host_name, ss, -1, TRUE, TRUE, TRUE, valueptr)) { case OK: return OK; case DEFER: return DEFER; @@ -3097,14 +3149,12 @@ switch(match_check_string(sender_host_name, ss, -1, TRUE, TRUE, TRUE, /* If there are aliases, try matching on them. */ aliases = sender_host_aliases; -while (*aliases != NULL) - { +while (*aliases) switch(match_check_string(*aliases++, ss, -1, TRUE, TRUE, TRUE, valueptr)) { case OK: return OK; case DEFER: return DEFER; } - } return FAIL; } @@ -3190,9 +3240,9 @@ return rc; * Check the given host item matches a list * *************************************************/ int -verify_check_given_host(uschar **listptr, host_item *host) +verify_check_given_host(const uschar **listptr, const host_item *host) { -return verify_check_this_host(CUSS listptr, NULL, host->name, host->address, NULL); +return verify_check_this_host(listptr, NULL, host->name, host->address, NULL); } /************************************************* @@ -3215,7 +3265,7 @@ int verify_check_host(uschar **listptr) { return verify_check_this_host(CUSS listptr, sender_host_cache, NULL, - (sender_host_address == NULL)? US"" : sender_host_address, NULL); + sender_host_address ? sender_host_address : US"", NULL); } @@ -3250,9 +3300,8 @@ always 1. */ if (host_aton(address, bin) == 1) { - int i; int x = bin[0]; - for (i = 0; i < 4; i++) + for (int i = 0; i < 4; i++) { sprintf(CS bptr, "%d.", x & 255); while (*bptr) bptr++; @@ -3266,19 +3315,16 @@ unknown. This is just a guess. */ #if HAVE_IPV6 else - { - int i, j; - for (j = 3; j >= 0; j--) + for (int j = 3; j >= 0; j--) { int x = bin[j]; - for (i = 0; i < 8; i++) + for (int i = 0; i < 8; i++) { sprintf(CS bptr, "%x.", x & 15); while (*bptr) bptr++; x >>= 4; } } - } #endif /* Remove trailing period -- this is needed so that both arbitrary @@ -3325,7 +3371,7 @@ one_check_dnsbl(uschar *domain, uschar *domain_txt, uschar *keydomain, uschar *prepend, uschar *iplist, BOOL bitmask, int match_type, int defer_return) { -dns_answer dnsa; +dns_answer * dnsa = store_get_dns_answer(); dns_scan dnss; tree_node *t; dnsbl_cache_block *cb; @@ -3350,7 +3396,7 @@ if ( (t = tree_search(dnsbl_cache, query)) /* Previous lookup was cached */ { - HDEBUG(D_dnsbl) debug_printf("using result of previous DNS lookup\n"); + HDEBUG(D_dnsbl) debug_printf("dnslists: using result of previous lookup\n"); } /* If not cached from a previous lookup, we must do a DNS lookup, and @@ -3358,7 +3404,7 @@ cache the result in permanent memory. */ else { - uint ttl = 3600; + uint ttl = 3600; /* max TTL for positive cache entries */ store_pool = POOL_PERM; @@ -3369,63 +3415,82 @@ else else { /* Set up a tree entry to cache the lookup */ - t = store_get(sizeof(tree_node) + Ustrlen(query)); + t = store_get(sizeof(tree_node) + Ustrlen(query), is_tainted(query)); Ustrcpy(t->name, query); - t->data.ptr = cb = store_get(sizeof(dnsbl_cache_block)); + t->data.ptr = cb = store_get(sizeof(dnsbl_cache_block), FALSE); (void)tree_insertnode(&dnsbl_cache, t); } /* Do the DNS lookup . */ HDEBUG(D_dnsbl) debug_printf("new DNS lookup for %s\n", query); - cb->rc = dns_basic_lookup(&dnsa, query, T_A); + cb->rc = dns_basic_lookup(dnsa, query, T_A); cb->text_set = FALSE; cb->text = NULL; cb->rhs = NULL; /* If the lookup succeeded, cache the RHS address. The code allows for more than one address - this was for complete generality and the possible - use of A6 records. However, A6 records have been reduced to experimental - status (August 2001) and may die out. So they may never get used at all, - let alone in dnsbl records. However, leave the code here, just in case. + use of A6 records. However, A6 records are no longer supported. Leave the code + here, just in case. Quite apart from one A6 RR generating multiple addresses, there are DNS lists that return more than one A record, so we must handle multiple addresses generated in that way as well. Mark the cache entry with the "now" plus the minimum of the address TTLs, - or some suitably far-future time if none were found. */ + or the RFC 2308 negative-cache value from the SOA if none were found. */ - if (cb->rc == DNS_SUCCEED) + switch (cb->rc) { - dns_record *rr; - dns_address **addrp = &(cb->rhs); - for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); - rr; - rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) + case DNS_SUCCEED: { - if (rr->type == T_A) - { - dns_address *da = dns_address_from_rr(&dnsa, rr); - if (da) - { - *addrp = da; - while (da->next != NULL) da = da->next; - addrp = &(da->next); + dns_address ** addrp = &cb->rhs; + dns_address * da; + for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr; + rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) + if (rr->type == T_A && (da = dns_address_from_rr(dnsa, rr))) + { + *addrp = da; + while (da->next) da = da->next; + addrp = &da->next; if (ttl > rr->ttl) ttl = rr->ttl; - } - } + } + + if (cb->rhs) + { + cb->expiry = time(NULL) + ttl; + break; + } + + /* If we didn't find any A records, change the return code. This can + happen when there is a CNAME record but there are no A records for what + it points to. */ + + cb->rc = DNS_NODATA; } + /*FALLTHROUGH*/ + + case DNS_NOMATCH: + case DNS_NODATA: + { + /* Although there already is a neg-cache layer maintained by + dns_basic_lookup(), we have a dnslist cache entry allocated and + tree-inserted. So we may as well use it. */ - /* If we didn't find any A records, change the return code. This can - happen when there is a CNAME record but there are no A records for what - it points to. */ + time_t soa_negttl = dns_expire_from_soa(dnsa); + cb->expiry = soa_negttl ? soa_negttl : time(NULL) + ttl; + break; + } - if (cb->rhs == NULL) cb->rc = DNS_NODATA; + default: + cb->expiry = time(NULL) + ttl; + break; } - cb->expiry = time(NULL)+ttl; store_pool = old_pool; + HDEBUG(D_dnsbl) debug_printf("dnslists: wrote cache entry, ttl=%d\n", + (int)(cb->expiry - time(NULL))); } /* We now have the result of the DNS lookup, either newly done, or cached @@ -3436,14 +3501,14 @@ list (introduced by "&"), or a negative bitmask list (introduced by "!&").*/ if (cb->rc == DNS_SUCCEED) { - dns_address *da = NULL; + dns_address * da = NULL; uschar *addlist = cb->rhs->address; /* For A and AAAA records, there may be multiple addresses from multiple records. For A6 records (currently not expected to be used) there may be multiple addresses from a single record. */ - for (da = cb->rhs->next; da != NULL; da = da->next) + for (da = cb->rhs->next; da; da = da->next) addlist = string_sprintf("%s, %s", addlist, da->address); HDEBUG(D_dnsbl) debug_printf("DNS lookup for %s succeeded (yielding %s)\n", @@ -3452,9 +3517,9 @@ if (cb->rc == DNS_SUCCEED) /* Address list check; this can be either for equality, or via a bitmask. In the latter case, all the bits must match. */ - if (iplist != NULL) + if (iplist) { - for (da = cb->rhs; da != NULL; da = da->next) + for (da = cb->rhs; da; da = da->next) { int ipsep = ','; uschar ip[46]; @@ -3464,12 +3529,11 @@ if (cb->rc == DNS_SUCCEED) /* Handle exact matching */ if (!bitmask) - { - while ((res = string_nextinlist(&ptr, &ipsep, ip, sizeof(ip))) != NULL) - { - if (Ustrcmp(CS da->address, ip) == 0) break; - } - } + { + while ((res = string_nextinlist(&ptr, &ipsep, ip, sizeof(ip)))) + if (Ustrcmp(CS da->address, ip) == 0) + break; + } /* Handle bitmask matching */ @@ -3489,7 +3553,7 @@ if (cb->rc == DNS_SUCCEED) /* Scan the returned addresses, skipping any that are IPv6 */ - while ((res = string_nextinlist(&ptr, &ipsep, ip, sizeof(ip))) != NULL) + while ((res = string_nextinlist(&ptr, &ipsep, ip, sizeof(ip)))) { if (host_aton(ip, address) != 1) continue; if ((address[0] & mask) == address[0]) break; @@ -3522,17 +3586,13 @@ if (cb->rc == DNS_SUCCEED) switch(match_type) { case 0: - res = US"was no match"; - break; + res = US"was no match"; break; case MT_NOT: - res = US"was an exclude match"; - break; + res = US"was an exclude match"; break; case MT_ALL: - res = US"was an IP address that did not match"; - break; + res = US"was an IP address that did not match"; break; case MT_NOT|MT_ALL: - res = US"were no IP addresses that did not match"; - break; + res = US"were no IP addresses that did not match"; break; } debug_printf("=> but we are not accepting this block class because\n"); debug_printf("=> there %s for %s%c%s\n", @@ -3560,22 +3620,18 @@ if (cb->rc == DNS_SUCCEED) if (!cb->text_set) { cb->text_set = TRUE; - if (dns_basic_lookup(&dnsa, query, T_TXT) == DNS_SUCCEED) - { - dns_record *rr; - for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); - rr != NULL; - rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) - if (rr->type == T_TXT) break; - if (rr != NULL) - { - int len = (rr->data)[0]; - if (len > 511) len = 127; - store_pool = POOL_PERM; - cb->text = string_sprintf("%.*s", len, (const uschar *)(rr->data+1)); - store_pool = old_pool; - } - } + if (dns_basic_lookup(dnsa, query, T_TXT) == DNS_SUCCEED) + for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr; + rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) + if (rr->type == T_TXT) + { + int len = (rr->data)[0]; + if (len > 511) len = 127; + store_pool = POOL_PERM; + cb->text = string_sprintf("%.*s", len, CUS (rr->data+1)); + store_pool = old_pool; + break; + } } dnslist_value = addlist; @@ -3669,7 +3725,6 @@ int sep = 0; int defer_return = FAIL; const uschar *list = *listptr; uschar *domain; -uschar *s; uschar buffer[1024]; uschar revadd[128]; /* Long enough for IPv6 address */ @@ -3683,7 +3738,7 @@ dns_init(FALSE, FALSE, FALSE); /*XXX dnssec? */ /* Loop through all the domains supplied, until something matches */ -while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL) +while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))) { int rc; BOOL bitmask = FALSE; @@ -3693,7 +3748,7 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL uschar *iplist; uschar *key; - HDEBUG(D_dnsbl) debug_printf("DNS list check: %s\n", domain); + HDEBUG(D_dnsbl) debug_printf("dnslists check: %s\n", domain); /* Deal with special values that change the behaviour on defer */ @@ -3747,8 +3802,7 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL set domain_txt == domain. */ domain_txt = domain; - comma = Ustrchr(domain, ','); - if (comma != NULL) + if ((comma = Ustrchr(domain, ','))) { *comma++ = 0; domain = comma; @@ -3760,32 +3814,28 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL actually causing an error here, because that would no doubt hold up incoming mail. Instead, I'll just log it. */ - for (s = domain; *s != 0; s++) - { + for (uschar * s = domain; *s; s++) if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_') { log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains " "strange characters - is this right?", domain); break; } - } /* Check the alternate domain if present */ - if (domain_txt != domain) for (s = domain_txt; *s != 0; s++) - { + if (domain_txt != domain) for (uschar * s = domain_txt; *s; s++) if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_') { log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains " "strange characters - is this right?", domain_txt); break; } - } /* If there is no key string, construct the query by adding the domain name onto the inverted host address, and perform a single DNS lookup. */ - if (key == NULL) + if (!key) { if (where == ACL_WHERE_NOTSMTP_START || where == ACL_WHERE_NOTSMTP) { @@ -3794,7 +3844,7 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL acl_wherenames[where]); return ERROR; } - if (sender_host_address == NULL) return FAIL; /* can never match */ + if (!sender_host_address) return FAIL; /* can never match */ if (revadd[0] == 0) invert_address(revadd, sender_host_address); rc = one_check_dnsbl(domain, domain_txt, sender_host_address, revadd, iplist, bitmask, match_type, defer_return); @@ -3816,11 +3866,9 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL int keysep = 0; BOOL defer = FALSE; uschar *keydomain; - uschar keybuffer[256]; uschar keyrevadd[128]; - while ((keydomain = string_nextinlist(CUSS &key, &keysep, keybuffer, - sizeof(keybuffer))) != NULL) + while ((keydomain = string_nextinlist(CUSS &key, &keysep, NULL, 0))) { uschar *prepend = keydomain; @@ -3832,7 +3880,6 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL rc = one_check_dnsbl(domain, domain_txt, keydomain, prepend, iplist, bitmask, match_type, defer_return); - if (rc == OK) { dnslist_domain = string_copy(domain_txt);