1 /* $OpenBSD: mta_session.c,v 1.138 2020/12/21 11:44:07 martijn Exp $ */ 2 3 /* 4 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> 5 * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> 6 * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net> 7 * Copyright (c) 2012 Eric Faurot <eric@openbsd.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 #include <sys/types.h> 23 #include <sys/queue.h> 24 #include <sys/tree.h> 25 #include <sys/socket.h> 26 #include <sys/stat.h> 27 #include <sys/uio.h> 28 29 #include <arpa/inet.h> 30 #include <ctype.h> 31 #include <err.h> 32 #include <errno.h> 33 #include <event.h> 34 #include <imsg.h> 35 #include <inttypes.h> 36 #include <netdb.h> 37 #include <openssl/ssl.h> 38 #include <pwd.h> 39 #include <resolv.h> 40 #include <limits.h> 41 #include <signal.h> 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #include <time.h> 46 #include <unistd.h> 47 48 #include "smtpd.h" 49 #include "log.h" 50 #include "ssl.h" 51 52 #define MAX_TRYBEFOREDISABLE 10 53 54 #define MTA_HIWAT 65535 55 56 enum mta_state { 57 MTA_INIT, 58 MTA_BANNER, 59 MTA_EHLO, 60 MTA_HELO, 61 MTA_LHLO, 62 MTA_STARTTLS, 63 MTA_AUTH, 64 MTA_AUTH_PLAIN, 65 MTA_AUTH_LOGIN, 66 MTA_AUTH_LOGIN_USER, 67 MTA_AUTH_LOGIN_PASS, 68 MTA_READY, 69 MTA_MAIL, 70 MTA_RCPT, 71 MTA_DATA, 72 MTA_BODY, 73 MTA_EOM, 74 MTA_LMTP_EOM, 75 MTA_RSET, 76 MTA_QUIT, 77 }; 78 79 #define MTA_FORCE_ANYSSL 0x0001 80 #define MTA_FORCE_SMTPS 0x0002 81 #define MTA_FORCE_TLS 0x0004 82 #define MTA_FORCE_PLAIN 0x0008 83 #define MTA_WANT_SECURE 0x0010 84 #define MTA_DOWNGRADE_PLAIN 0x0080 85 86 #define MTA_TLS 0x0100 87 #define MTA_TLS_VERIFIED 0x0200 88 89 #define MTA_FREE 0x0400 90 #define MTA_LMTP 0x0800 91 #define MTA_WAIT 0x1000 92 #define MTA_HANGON 0x2000 93 #define MTA_RECONN 0x4000 94 95 #define MTA_EXT_STARTTLS 0x01 96 #define MTA_EXT_PIPELINING 0x02 97 #define MTA_EXT_AUTH 0x04 98 #define MTA_EXT_AUTH_PLAIN 0x08 99 #define MTA_EXT_AUTH_LOGIN 0x10 100 #define MTA_EXT_SIZE 0x20 101 102 struct mta_session { 103 uint64_t id; 104 struct mta_relay *relay; 105 struct mta_route *route; 106 char *helo; 107 char *mxname; 108 109 char *username; 110 111 int flags; 112 113 int attempt; 114 int use_smtps; 115 int use_starttls; 116 int use_smtp_tls; 117 int ready; 118 119 struct event ev; 120 struct io *io; 121 int ext; 122 123 size_t ext_size; 124 125 size_t msgtried; 126 size_t msgcount; 127 size_t rcptcount; 128 int hangon; 129 130 enum mta_state state; 131 struct mta_task *task; 132 struct mta_envelope *currevp; 133 FILE *datafp; 134 size_t datalen; 135 136 size_t failures; 137 138 char replybuf[2048]; 139 }; 140 141 static void mta_session_init(void); 142 static void mta_start(int fd, short ev, void *arg); 143 static void mta_io(struct io *, int, void *); 144 static void mta_free(struct mta_session *); 145 static void mta_getnameinfo_cb(void *, int, const char *, const char *); 146 static void mta_on_ptr(void *, void *, void *); 147 static void mta_on_timeout(struct runq *, void *); 148 static void mta_connect(struct mta_session *); 149 static void mta_enter_state(struct mta_session *, int); 150 static void mta_flush_task(struct mta_session *, int, const char *, size_t, int); 151 static void mta_error(struct mta_session *, const char *, ...); 152 static void mta_send(struct mta_session *, char *, ...); 153 static ssize_t mta_queue_data(struct mta_session *); 154 static void mta_response(struct mta_session *, char *); 155 static const char * mta_strstate(int); 156 static void mta_cert_init(struct mta_session *); 157 static void mta_cert_init_cb(void *, int, const char *, const void *, size_t); 158 static void mta_cert_verify(struct mta_session *); 159 static void mta_cert_verify_cb(void *, int); 160 static void mta_tls_verified(struct mta_session *); 161 static struct mta_session *mta_tree_pop(struct tree *, uint64_t); 162 static const char * dsn_strret(enum dsn_ret); 163 static const char * dsn_strnotify(uint8_t); 164 165 void mta_hoststat_update(const char *, const char *); 166 void mta_hoststat_reschedule(const char *); 167 void mta_hoststat_cache(const char *, uint64_t); 168 void mta_hoststat_uncache(const char *, uint64_t); 169 170 171 static void mta_filter_begin(struct mta_session *); 172 static void mta_filter_end(struct mta_session *); 173 static void mta_connected(struct mta_session *); 174 static void mta_disconnected(struct mta_session *); 175 176 static void mta_report_link_connect(struct mta_session *, const char *, int, 177 const struct sockaddr_storage *, 178 const struct sockaddr_storage *); 179 static void mta_report_link_greeting(struct mta_session *, const char *); 180 static void mta_report_link_identify(struct mta_session *, const char *, const char *); 181 static void mta_report_link_tls(struct mta_session *, const char *); 182 static void mta_report_link_disconnect(struct mta_session *); 183 static void mta_report_link_auth(struct mta_session *, const char *, const char *); 184 static void mta_report_tx_reset(struct mta_session *, uint32_t); 185 static void mta_report_tx_begin(struct mta_session *, uint32_t); 186 static void mta_report_tx_mail(struct mta_session *, uint32_t, const char *, int); 187 static void mta_report_tx_rcpt(struct mta_session *, uint32_t, const char *, int); 188 static void mta_report_tx_envelope(struct mta_session *, uint32_t, uint64_t); 189 static void mta_report_tx_data(struct mta_session *, uint32_t, int); 190 static void mta_report_tx_commit(struct mta_session *, uint32_t, size_t); 191 static void mta_report_tx_rollback(struct mta_session *, uint32_t); 192 static void mta_report_protocol_client(struct mta_session *, const char *); 193 static void mta_report_protocol_server(struct mta_session *, const char *); 194 #if 0 195 static void mta_report_filter_response(struct mta_session *, int, int, const char *); 196 #endif 197 static void mta_report_timeout(struct mta_session *); 198 199 200 static struct tree wait_helo; 201 static struct tree wait_ptr; 202 static struct tree wait_fd; 203 static struct tree wait_tls_init; 204 static struct tree wait_tls_verify; 205 206 static struct runq *hangon; 207 208 #define SESSION_FILTERED(s) \ 209 ((s)->relay->dispatcher->u.remote.filtername) 210 211 static void 212 mta_session_init(void) 213 { 214 static int init = 0; 215 216 if (!init) { 217 tree_init(&wait_helo); 218 tree_init(&wait_ptr); 219 tree_init(&wait_fd); 220 tree_init(&wait_tls_init); 221 tree_init(&wait_tls_verify); 222 runq_init(&hangon, mta_on_timeout); 223 init = 1; 224 } 225 } 226 227 void 228 mta_session(struct mta_relay *relay, struct mta_route *route, const char *mxname) 229 { 230 struct mta_session *s; 231 struct timeval tv; 232 233 mta_session_init(); 234 235 s = xcalloc(1, sizeof *s); 236 s->id = generate_uid(); 237 s->relay = relay; 238 s->route = route; 239 s->mxname = xstrdup(mxname); 240 241 mta_filter_begin(s); 242 243 if (relay->flags & RELAY_LMTP) 244 s->flags |= MTA_LMTP; 245 switch (relay->tls) { 246 case RELAY_TLS_SMTPS: 247 s->flags |= MTA_FORCE_SMTPS; 248 s->flags |= MTA_WANT_SECURE; 249 break; 250 case RELAY_TLS_STARTTLS: 251 s->flags |= MTA_FORCE_TLS; 252 s->flags |= MTA_WANT_SECURE; 253 break; 254 case RELAY_TLS_OPPORTUNISTIC: 255 /* do not force anything, try tls then smtp */ 256 break; 257 case RELAY_TLS_NO: 258 s->flags |= MTA_FORCE_PLAIN; 259 break; 260 default: 261 fatalx("bad value for relay->tls: %d", relay->tls); 262 } 263 264 log_debug("debug: mta: %p: spawned for relay %s", s, 265 mta_relay_to_text(relay)); 266 stat_increment("mta.session", 1); 267 268 if (route->dst->ptrname || route->dst->lastptrquery) { 269 /* We want to delay the connection since to always notify 270 * the relay asynchronously. 271 */ 272 tv.tv_sec = 0; 273 tv.tv_usec = 0; 274 evtimer_set(&s->ev, mta_start, s); 275 evtimer_add(&s->ev, &tv); 276 } else if (waitq_wait(&route->dst->ptrname, mta_on_ptr, s)) { 277 resolver_getnameinfo(s->route->dst->sa, NI_NUMERICSERV, 278 mta_getnameinfo_cb, s); 279 } 280 } 281 282 void 283 mta_session_imsg(struct mproc *p, struct imsg *imsg) 284 { 285 struct mta_session *s; 286 struct msg m; 287 uint64_t reqid; 288 const char *name; 289 int status; 290 struct stat sb; 291 292 switch (imsg->hdr.type) { 293 294 case IMSG_MTA_OPEN_MESSAGE: 295 m_msg(&m, imsg); 296 m_get_id(&m, &reqid); 297 m_end(&m); 298 299 s = mta_tree_pop(&wait_fd, reqid); 300 if (s == NULL) { 301 if (imsg->fd != -1) 302 close(imsg->fd); 303 return; 304 } 305 306 if (imsg->fd == -1) { 307 log_debug("debug: mta: failed to obtain msg fd"); 308 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 309 "Could not get message fd", 0, 0); 310 mta_enter_state(s, MTA_READY); 311 return; 312 } 313 314 if ((s->ext & MTA_EXT_SIZE) && s->ext_size != 0) { 315 if (fstat(imsg->fd, &sb) == -1) { 316 log_debug("debug: mta: failed to stat msg fd"); 317 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 318 "Could not stat message fd", 0, 0); 319 mta_enter_state(s, MTA_READY); 320 close(imsg->fd); 321 return; 322 } 323 if (sb.st_size > (off_t)s->ext_size) { 324 log_debug("debug: mta: message too large for peer"); 325 mta_flush_task(s, IMSG_MTA_DELIVERY_PERMFAIL, 326 "message too large for peer", 0, 0); 327 mta_enter_state(s, MTA_READY); 328 close(imsg->fd); 329 return; 330 } 331 } 332 333 s->datafp = fdopen(imsg->fd, "r"); 334 if (s->datafp == NULL) 335 fatal("mta: fdopen"); 336 337 mta_enter_state(s, MTA_MAIL); 338 return; 339 340 case IMSG_MTA_LOOKUP_HELO: 341 m_msg(&m, imsg); 342 m_get_id(&m, &reqid); 343 m_get_int(&m, &status); 344 if (status == LKA_OK) 345 m_get_string(&m, &name); 346 m_end(&m); 347 348 s = mta_tree_pop(&wait_helo, reqid); 349 if (s == NULL) 350 return; 351 352 if (status == LKA_OK) { 353 s->helo = xstrdup(name); 354 mta_connect(s); 355 } else { 356 mta_source_error(s->relay, s->route, 357 "Failed to retrieve helo string"); 358 mta_free(s); 359 } 360 return; 361 362 default: 363 errx(1, "mta_session_imsg: unexpected %s imsg", 364 imsg_to_str(imsg->hdr.type)); 365 } 366 } 367 368 static struct mta_session * 369 mta_tree_pop(struct tree *wait, uint64_t reqid) 370 { 371 struct mta_session *s; 372 373 s = tree_xpop(wait, reqid); 374 if (s->flags & MTA_FREE) { 375 log_debug("debug: mta: %p: zombie session", s); 376 mta_free(s); 377 return (NULL); 378 } 379 s->flags &= ~MTA_WAIT; 380 381 return (s); 382 } 383 384 static void 385 mta_free(struct mta_session *s) 386 { 387 struct mta_relay *relay; 388 struct mta_route *route; 389 390 log_debug("debug: mta: %p: session done", s); 391 392 mta_disconnected(s); 393 394 if (s->ready) 395 s->relay->nconn_ready -= 1; 396 397 if (s->flags & MTA_HANGON) { 398 log_debug("debug: mta: %p: cancelling hangon timer", s); 399 runq_cancel(hangon, s); 400 } 401 402 if (s->io) 403 io_free(s->io); 404 405 if (s->task) 406 fatalx("current task should have been deleted already"); 407 if (s->datafp) { 408 fclose(s->datafp); 409 s->datalen = 0; 410 } 411 free(s->helo); 412 413 relay = s->relay; 414 route = s->route; 415 free(s->username); 416 free(s->mxname); 417 free(s); 418 stat_decrement("mta.session", 1); 419 mta_route_collect(relay, route); 420 } 421 422 static void 423 mta_getnameinfo_cb(void *arg, int gaierrno, const char *host, const char *serv) 424 { 425 struct mta_session *s = arg; 426 struct mta_host *h; 427 428 h = s->route->dst; 429 h->lastptrquery = time(NULL); 430 if (host) 431 h->ptrname = xstrdup(host); 432 waitq_run(&h->ptrname, h->ptrname); 433 } 434 435 static void 436 mta_on_timeout(struct runq *runq, void *arg) 437 { 438 struct mta_session *s = arg; 439 440 log_debug("mta: timeout for session hangon"); 441 442 s->flags &= ~MTA_HANGON; 443 s->hangon++; 444 445 mta_enter_state(s, MTA_READY); 446 } 447 448 static void 449 mta_on_ptr(void *tag, void *arg, void *data) 450 { 451 struct mta_session *s = arg; 452 453 mta_connect(s); 454 } 455 456 static void 457 mta_start(int fd, short ev, void *arg) 458 { 459 struct mta_session *s = arg; 460 461 mta_connect(s); 462 } 463 464 static void 465 mta_connect(struct mta_session *s) 466 { 467 struct sockaddr_storage ss; 468 struct sockaddr *sa; 469 int portno; 470 const char *schema; 471 472 if (s->helo == NULL) { 473 if (s->relay->helotable && s->route->src->sa) { 474 m_create(p_lka, IMSG_MTA_LOOKUP_HELO, 0, 0, -1); 475 m_add_id(p_lka, s->id); 476 m_add_string(p_lka, s->relay->helotable); 477 m_add_sockaddr(p_lka, s->route->src->sa); 478 m_close(p_lka); 479 tree_xset(&wait_helo, s->id, s); 480 s->flags |= MTA_WAIT; 481 return; 482 } 483 else if (s->relay->heloname) 484 s->helo = xstrdup(s->relay->heloname); 485 else 486 s->helo = xstrdup(env->sc_hostname); 487 } 488 489 if (s->io) { 490 io_free(s->io); 491 s->io = NULL; 492 } 493 494 s->use_smtps = s->use_starttls = s->use_smtp_tls = 0; 495 496 switch (s->attempt) { 497 case 0: 498 if (s->flags & MTA_FORCE_SMTPS) 499 s->use_smtps = 1; /* smtps */ 500 else if (s->flags & (MTA_FORCE_TLS|MTA_FORCE_ANYSSL)) 501 s->use_starttls = 1; /* tls, tls+smtps */ 502 else if (!(s->flags & MTA_FORCE_PLAIN)) 503 s->use_smtp_tls = 1; 504 break; 505 case 1: 506 if (s->flags & MTA_FORCE_ANYSSL) { 507 s->use_smtps = 1; /* tls+smtps */ 508 break; 509 } 510 else if (s->flags & MTA_DOWNGRADE_PLAIN) { 511 /* smtp, with tls failure */ 512 break; 513 } 514 default: 515 mta_free(s); 516 return; 517 } 518 portno = s->use_smtps ? 465 : 25; 519 520 /* Override with relay-specified port */ 521 if (s->relay->port) 522 portno = s->relay->port; 523 524 memmove(&ss, s->route->dst->sa, s->route->dst->sa->sa_len); 525 sa = (struct sockaddr *)&ss; 526 527 if (sa->sa_family == AF_INET) 528 ((struct sockaddr_in *)sa)->sin_port = htons(portno); 529 else if (sa->sa_family == AF_INET6) 530 ((struct sockaddr_in6 *)sa)->sin6_port = htons(portno); 531 532 s->attempt += 1; 533 if (s->use_smtp_tls) 534 schema = "smtp://"; 535 else if (s->use_starttls) 536 schema = "smtp+tls://"; 537 else if (s->use_smtps) 538 schema = "smtps://"; 539 else if (s->flags & MTA_LMTP) 540 schema = "lmtp://"; 541 else 542 schema = "smtp+notls://"; 543 544 log_info("%016"PRIx64" mta " 545 "connecting address=%s%s:%d host=%s", 546 s->id, schema, sa_to_text(s->route->dst->sa), 547 portno, s->route->dst->ptrname); 548 549 mta_enter_state(s, MTA_INIT); 550 s->io = io_new(); 551 io_set_callback(s->io, mta_io, s); 552 io_set_timeout(s->io, 300000); 553 if (io_connect(s->io, sa, s->route->src->sa) == -1) { 554 /* 555 * This error is most likely a "no route", 556 * so there is no need to try again. 557 */ 558 log_debug("debug: mta: io_connect failed: %s", io_error(s->io)); 559 if (errno == EADDRNOTAVAIL) 560 mta_source_error(s->relay, s->route, io_error(s->io)); 561 else 562 mta_error(s, "Connection failed: %s", io_error(s->io)); 563 mta_free(s); 564 } 565 } 566 567 static void 568 mta_enter_state(struct mta_session *s, int newstate) 569 { 570 struct mta_envelope *e; 571 size_t envid_sz; 572 int oldstate; 573 ssize_t q; 574 char ibuf[LINE_MAX]; 575 char obuf[LINE_MAX]; 576 int offset; 577 const char *srs_sender; 578 579 again: 580 oldstate = s->state; 581 582 log_trace(TRACE_MTA, "mta: %p: %s -> %s", s, 583 mta_strstate(oldstate), 584 mta_strstate(newstate)); 585 586 s->state = newstate; 587 588 memset(s->replybuf, 0, sizeof s->replybuf); 589 590 /* don't try this at home! */ 591 #define mta_enter_state(_s, _st) do { newstate = _st; goto again; } while (0) 592 593 switch (s->state) { 594 case MTA_INIT: 595 case MTA_BANNER: 596 break; 597 598 case MTA_EHLO: 599 s->ext = 0; 600 mta_send(s, "EHLO %s", s->helo); 601 mta_report_link_identify(s, "EHLO", s->helo); 602 break; 603 604 case MTA_HELO: 605 s->ext = 0; 606 mta_send(s, "HELO %s", s->helo); 607 mta_report_link_identify(s, "HELO", s->helo); 608 break; 609 610 case MTA_LHLO: 611 s->ext = 0; 612 mta_send(s, "LHLO %s", s->helo); 613 mta_report_link_identify(s, "LHLO", s->helo); 614 break; 615 616 case MTA_STARTTLS: 617 if (s->flags & MTA_DOWNGRADE_PLAIN) 618 mta_enter_state(s, MTA_AUTH); 619 if (s->flags & MTA_TLS) /* already started */ 620 mta_enter_state(s, MTA_AUTH); 621 else if ((s->ext & MTA_EXT_STARTTLS) == 0) { 622 if (s->flags & MTA_FORCE_TLS || s->flags & MTA_WANT_SECURE) { 623 mta_error(s, "TLS required but not supported by remote host"); 624 s->flags |= MTA_RECONN; 625 } 626 else 627 /* server doesn't support starttls, do not use it */ 628 mta_enter_state(s, MTA_AUTH); 629 } 630 else 631 mta_send(s, "STARTTLS"); 632 break; 633 634 case MTA_AUTH: 635 if (s->relay->secret && s->flags & MTA_TLS) { 636 if (s->ext & MTA_EXT_AUTH) { 637 if (s->ext & MTA_EXT_AUTH_PLAIN) { 638 mta_enter_state(s, MTA_AUTH_PLAIN); 639 break; 640 } 641 if (s->ext & MTA_EXT_AUTH_LOGIN) { 642 mta_enter_state(s, MTA_AUTH_LOGIN); 643 break; 644 } 645 log_debug("debug: mta: %p: no supported AUTH method on session", s); 646 mta_error(s, "no supported AUTH method"); 647 } 648 else { 649 log_debug("debug: mta: %p: AUTH not advertised on session", s); 650 mta_error(s, "AUTH not advertised"); 651 } 652 } 653 else if (s->relay->secret) { 654 log_debug("debug: mta: %p: not using AUTH on non-TLS " 655 "session", s); 656 mta_error(s, "Refuse to AUTH over unsecure channel"); 657 mta_connect(s); 658 } else { 659 mta_enter_state(s, MTA_READY); 660 } 661 break; 662 663 case MTA_AUTH_PLAIN: 664 memset(ibuf, 0, sizeof ibuf); 665 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 666 sizeof(ibuf)-1) == -1) { 667 log_debug("debug: mta: %p: credentials too large on session", s); 668 mta_error(s, "Credentials too large"); 669 break; 670 } 671 s->username = xstrdup(ibuf+1); 672 mta_send(s, "AUTH PLAIN %s", s->relay->secret); 673 break; 674 675 case MTA_AUTH_LOGIN: 676 mta_send(s, "AUTH LOGIN"); 677 break; 678 679 case MTA_AUTH_LOGIN_USER: 680 memset(ibuf, 0, sizeof ibuf); 681 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 682 sizeof(ibuf)-1) == -1) { 683 log_debug("debug: mta: %p: credentials too large on session", s); 684 mta_error(s, "Credentials too large"); 685 break; 686 } 687 s->username = xstrdup(ibuf+1); 688 689 memset(obuf, 0, sizeof obuf); 690 base64_encode((unsigned char *)ibuf + 1, strlen(ibuf + 1), obuf, sizeof obuf); 691 mta_send(s, "%s", obuf); 692 693 memset(ibuf, 0, sizeof ibuf); 694 memset(obuf, 0, sizeof obuf); 695 break; 696 697 case MTA_AUTH_LOGIN_PASS: 698 memset(ibuf, 0, sizeof ibuf); 699 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 700 sizeof(ibuf)-1) == -1) { 701 log_debug("debug: mta: %p: credentials too large on session", s); 702 mta_error(s, "Credentials too large"); 703 break; 704 } 705 706 offset = strlen(ibuf+1)+2; 707 memset(obuf, 0, sizeof obuf); 708 base64_encode((unsigned char *)ibuf + offset, strlen(ibuf + offset), obuf, sizeof obuf); 709 mta_send(s, "%s", obuf); 710 711 memset(ibuf, 0, sizeof ibuf); 712 memset(obuf, 0, sizeof obuf); 713 break; 714 715 case MTA_READY: 716 /* Ready to send a new mail */ 717 if (s->ready == 0) { 718 s->ready = 1; 719 s->relay->nconn_ready += 1; 720 mta_route_ok(s->relay, s->route); 721 } 722 723 if (s->msgtried >= MAX_TRYBEFOREDISABLE) { 724 log_info("%016"PRIx64" mta host-rejects-all-mails", 725 s->id); 726 mta_route_down(s->relay, s->route); 727 mta_enter_state(s, MTA_QUIT); 728 break; 729 } 730 731 if (s->msgcount >= s->relay->limits->max_mail_per_session) { 732 log_debug("debug: mta: " 733 "%p: cannot send more message to relay %s", s, 734 mta_relay_to_text(s->relay)); 735 mta_enter_state(s, MTA_QUIT); 736 break; 737 } 738 739 /* 740 * When downgrading from opportunistic TLS, clear flag and 741 * possibly reuse the same task (forbidden in other cases). 742 */ 743 if (s->flags & MTA_DOWNGRADE_PLAIN) 744 s->flags &= ~MTA_DOWNGRADE_PLAIN; 745 else if (s->task) 746 fatalx("task should be NULL at this point"); 747 748 if (s->task == NULL) 749 s->task = mta_route_next_task(s->relay, s->route); 750 if (s->task == NULL) { 751 log_debug("debug: mta: %p: no task for relay %s", 752 s, mta_relay_to_text(s->relay)); 753 754 if (s->relay->nconn > 1 || 755 s->hangon >= s->relay->limits->sessdelay_keepalive) { 756 mta_enter_state(s, MTA_QUIT); 757 break; 758 } 759 760 log_debug("mta: debug: last connection: hanging on for %llds", 761 (long long)(s->relay->limits->sessdelay_keepalive - 762 s->hangon)); 763 s->flags |= MTA_HANGON; 764 runq_schedule(hangon, 1, s); 765 break; 766 } 767 768 log_debug("debug: mta: %p: handling next task for relay %s", s, 769 mta_relay_to_text(s->relay)); 770 771 stat_increment("mta.task.running", 1); 772 773 m_create(p_queue, IMSG_MTA_OPEN_MESSAGE, 0, 0, -1); 774 m_add_id(p_queue, s->id); 775 m_add_msgid(p_queue, s->task->msgid); 776 m_close(p_queue); 777 778 tree_xset(&wait_fd, s->id, s); 779 s->flags |= MTA_WAIT; 780 break; 781 782 case MTA_MAIL: 783 s->currevp = TAILQ_FIRST(&s->task->envelopes); 784 785 e = s->currevp; 786 s->hangon = 0; 787 s->msgtried++; 788 envid_sz = strlen(e->dsn_envid); 789 790 /* SRS-encode if requested for the relay action, AND we're not 791 * bouncing, AND we have an RCPT which means we are forwarded, 792 * AND the RCPT has a '@' just for sanity check (will always). 793 */ 794 if (env->sc_srs_key != NULL && 795 s->relay->srs && 796 strchr(s->task->sender, '@') && 797 e->rcpt && 798 strchr(e->rcpt, '@')) { 799 /* encode and replace task sender with new SRS-sender */ 800 srs_sender = srs_encode(s->task->sender, 801 strchr(e->rcpt, '@') + 1); 802 if (srs_sender) { 803 free(s->task->sender); 804 s->task->sender = xstrdup(srs_sender); 805 } 806 } 807 808 if (s->ext & MTA_EXT_DSN) { 809 mta_send(s, "MAIL FROM:<%s>%s%s%s%s", 810 s->task->sender, 811 e->dsn_ret ? " RET=" : "", 812 e->dsn_ret ? dsn_strret(e->dsn_ret) : "", 813 envid_sz ? " ENVID=" : "", 814 envid_sz ? e->dsn_envid : ""); 815 } else 816 mta_send(s, "MAIL FROM:<%s>", s->task->sender); 817 break; 818 819 case MTA_RCPT: 820 if (s->currevp == NULL) 821 s->currevp = TAILQ_FIRST(&s->task->envelopes); 822 823 e = s->currevp; 824 if (s->ext & MTA_EXT_DSN) { 825 mta_send(s, "RCPT TO:<%s>%s%s%s%s", 826 e->dest, 827 e->dsn_notify ? " NOTIFY=" : "", 828 e->dsn_notify ? dsn_strnotify(e->dsn_notify) : "", 829 e->dsn_orcpt ? " ORCPT=rfc822;" : "", 830 e->dsn_orcpt ? e->dsn_orcpt : ""); 831 } else 832 mta_send(s, "RCPT TO:<%s>", e->dest); 833 834 mta_report_tx_envelope(s, s->task->msgid, e->id); 835 s->rcptcount++; 836 break; 837 838 case MTA_DATA: 839 fseek(s->datafp, 0, SEEK_SET); 840 mta_send(s, "DATA"); 841 break; 842 843 case MTA_BODY: 844 if (s->datafp == NULL) { 845 log_trace(TRACE_MTA, "mta: %p: end-of-file", s); 846 mta_enter_state(s, MTA_EOM); 847 break; 848 } 849 850 if ((q = mta_queue_data(s)) == -1) { 851 s->flags |= MTA_FREE; 852 break; 853 } 854 if (q == 0) { 855 mta_enter_state(s, MTA_BODY); 856 break; 857 } 858 859 log_trace(TRACE_MTA, "mta: %p: >>> [...%zd bytes...]", s, q); 860 break; 861 862 case MTA_EOM: 863 mta_send(s, "."); 864 break; 865 866 case MTA_LMTP_EOM: 867 /* LMTP reports status of each delivery, so enable read */ 868 io_set_read(s->io); 869 break; 870 871 case MTA_RSET: 872 if (s->datafp) { 873 fclose(s->datafp); 874 s->datafp = NULL; 875 s->datalen = 0; 876 } 877 mta_send(s, "RSET"); 878 break; 879 880 case MTA_QUIT: 881 mta_send(s, "QUIT"); 882 break; 883 884 default: 885 fatalx("mta_enter_state: unknown state"); 886 } 887 #undef mta_enter_state 888 } 889 890 /* 891 * Handle a response to an SMTP command 892 */ 893 static void 894 mta_response(struct mta_session *s, char *line) 895 { 896 struct mta_envelope *e; 897 struct sockaddr_storage ss; 898 struct sockaddr *sa; 899 const char *domain; 900 char *pbuf; 901 socklen_t sa_len; 902 char buf[LINE_MAX]; 903 int delivery; 904 905 switch (s->state) { 906 907 case MTA_BANNER: 908 if (line[0] != '2') { 909 mta_error(s, "BANNER rejected: %s", line); 910 s->flags |= MTA_FREE; 911 return; 912 } 913 914 pbuf = ""; 915 if (strlen(line) > 4) { 916 (void)strlcpy(buf, line + 4, sizeof buf); 917 if ((pbuf = strchr(buf, ' '))) 918 *pbuf = '\0'; 919 pbuf = valid_domainpart(buf) ? buf : ""; 920 } 921 mta_report_link_greeting(s, pbuf); 922 923 if (s->flags & MTA_LMTP) 924 mta_enter_state(s, MTA_LHLO); 925 else 926 mta_enter_state(s, MTA_EHLO); 927 break; 928 929 case MTA_EHLO: 930 if (line[0] != '2') { 931 /* rejected at ehlo state */ 932 if ((s->relay->flags & RELAY_AUTH) || 933 (s->flags & MTA_WANT_SECURE)) { 934 mta_error(s, "EHLO rejected: %s", line); 935 s->flags |= MTA_FREE; 936 return; 937 } 938 mta_enter_state(s, MTA_HELO); 939 return; 940 } 941 if (!(s->flags & MTA_FORCE_PLAIN)) 942 mta_enter_state(s, MTA_STARTTLS); 943 else 944 mta_enter_state(s, MTA_READY); 945 break; 946 947 case MTA_HELO: 948 if (line[0] != '2') { 949 mta_error(s, "HELO rejected: %s", line); 950 s->flags |= MTA_FREE; 951 return; 952 } 953 mta_enter_state(s, MTA_READY); 954 break; 955 956 case MTA_LHLO: 957 if (line[0] != '2') { 958 mta_error(s, "LHLO rejected: %s", line); 959 s->flags |= MTA_FREE; 960 return; 961 } 962 mta_enter_state(s, MTA_READY); 963 break; 964 965 case MTA_STARTTLS: 966 if (line[0] != '2') { 967 if (!(s->flags & MTA_WANT_SECURE)) { 968 mta_enter_state(s, MTA_AUTH); 969 return; 970 } 971 /* XXX mark that the MX doesn't support STARTTLS */ 972 mta_error(s, "STARTTLS rejected: %s", line); 973 s->flags |= MTA_FREE; 974 return; 975 } 976 977 mta_cert_init(s); 978 break; 979 980 case MTA_AUTH_PLAIN: 981 if (line[0] != '2') { 982 mta_error(s, "AUTH rejected: %s", line); 983 mta_report_link_auth(s, s->username, "fail"); 984 s->flags |= MTA_FREE; 985 return; 986 } 987 mta_report_link_auth(s, s->username, "pass"); 988 mta_enter_state(s, MTA_READY); 989 break; 990 991 case MTA_AUTH_LOGIN: 992 if (strncmp(line, "334 ", 4) != 0) { 993 mta_error(s, "AUTH rejected: %s", line); 994 mta_report_link_auth(s, s->username, "fail"); 995 s->flags |= MTA_FREE; 996 return; 997 } 998 mta_enter_state(s, MTA_AUTH_LOGIN_USER); 999 break; 1000 1001 case MTA_AUTH_LOGIN_USER: 1002 if (strncmp(line, "334 ", 4) != 0) { 1003 mta_error(s, "AUTH rejected: %s", line); 1004 mta_report_link_auth(s, s->username, "fail"); 1005 s->flags |= MTA_FREE; 1006 return; 1007 } 1008 mta_enter_state(s, MTA_AUTH_LOGIN_PASS); 1009 break; 1010 1011 case MTA_AUTH_LOGIN_PASS: 1012 if (line[0] != '2') { 1013 mta_error(s, "AUTH rejected: %s", line); 1014 mta_report_link_auth(s, s->username, "fail"); 1015 s->flags |= MTA_FREE; 1016 return; 1017 } 1018 mta_report_link_auth(s, s->username, "pass"); 1019 mta_enter_state(s, MTA_READY); 1020 break; 1021 1022 case MTA_MAIL: 1023 if (line[0] != '2') { 1024 if (line[0] == '5') 1025 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1026 else 1027 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1028 1029 mta_flush_task(s, delivery, line, 0, 0); 1030 mta_enter_state(s, MTA_RSET); 1031 return; 1032 } 1033 mta_report_tx_begin(s, s->task->msgid); 1034 mta_report_tx_mail(s, s->task->msgid, s->task->sender, 1); 1035 mta_enter_state(s, MTA_RCPT); 1036 break; 1037 1038 case MTA_RCPT: 1039 e = s->currevp; 1040 1041 /* remove envelope from hosttat cache if there */ 1042 if ((domain = strchr(e->dest, '@')) != NULL) { 1043 domain++; 1044 mta_hoststat_uncache(domain, e->id); 1045 } 1046 1047 s->currevp = TAILQ_NEXT(s->currevp, entry); 1048 if (line[0] == '2') { 1049 s->failures = 0; 1050 /* 1051 * this host is up, reschedule envelopes that 1052 * were cached for reschedule. 1053 */ 1054 if (domain) 1055 mta_hoststat_reschedule(domain); 1056 } 1057 else { 1058 mta_report_tx_rollback(s, s->task->msgid); 1059 mta_report_tx_reset(s, s->task->msgid); 1060 if (line[0] == '5') 1061 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1062 else 1063 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1064 s->failures++; 1065 1066 /* remove failed envelope from task list */ 1067 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1068 stat_decrement("mta.envelope", 1); 1069 1070 /* log right away */ 1071 (void)snprintf(buf, sizeof(buf), "%s", 1072 mta_host_to_text(s->route->dst)); 1073 1074 e->session = s->id; 1075 /* XXX */ 1076 /* 1077 * getsockname() can only fail with ENOBUFS here 1078 * best effort, don't log source ... 1079 */ 1080 sa_len = sizeof(ss); 1081 sa = (struct sockaddr *)&ss; 1082 if (getsockname(io_fileno(s->io), sa, &sa_len) == -1) 1083 mta_delivery_log(e, NULL, buf, delivery, line); 1084 else 1085 mta_delivery_log(e, sa_to_text(sa), 1086 buf, delivery, line); 1087 1088 if (domain) 1089 mta_hoststat_update(domain, e->status); 1090 mta_delivery_notify(e); 1091 1092 if (s->relay->limits->max_failures_per_session && 1093 s->failures == s->relay->limits->max_failures_per_session) { 1094 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1095 "Too many consecutive errors, closing connection", 0, 1); 1096 mta_enter_state(s, MTA_QUIT); 1097 break; 1098 } 1099 1100 /* 1101 * if no more envelopes, flush failed queue 1102 */ 1103 if (TAILQ_EMPTY(&s->task->envelopes)) { 1104 mta_flush_task(s, IMSG_MTA_DELIVERY_OK, 1105 "No envelope", 0, 0); 1106 mta_enter_state(s, MTA_RSET); 1107 break; 1108 } 1109 } 1110 1111 switch (line[0]) { 1112 case '2': 1113 mta_report_tx_rcpt(s, 1114 s->task->msgid, e->dest, 1); 1115 break; 1116 case '4': 1117 mta_report_tx_rcpt(s, 1118 s->task->msgid, e->dest, -1); 1119 break; 1120 case '5': 1121 mta_report_tx_rcpt(s, 1122 s->task->msgid, e->dest, 0); 1123 break; 1124 } 1125 1126 if (s->currevp == NULL) 1127 mta_enter_state(s, MTA_DATA); 1128 else 1129 mta_enter_state(s, MTA_RCPT); 1130 break; 1131 1132 case MTA_DATA: 1133 if (line[0] == '2' || line[0] == '3') { 1134 mta_report_tx_data(s, s->task->msgid, 1); 1135 mta_enter_state(s, MTA_BODY); 1136 break; 1137 } 1138 1139 if (line[0] == '5') 1140 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1141 else 1142 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1143 mta_report_tx_data(s, s->task->msgid, 1144 delivery == IMSG_MTA_DELIVERY_TEMPFAIL ? -1 : 0); 1145 mta_report_tx_rollback(s, s->task->msgid); 1146 mta_report_tx_reset(s, s->task->msgid); 1147 mta_flush_task(s, delivery, line, 0, 0); 1148 mta_enter_state(s, MTA_RSET); 1149 break; 1150 1151 case MTA_LMTP_EOM: 1152 case MTA_EOM: 1153 if (line[0] == '2') { 1154 delivery = IMSG_MTA_DELIVERY_OK; 1155 s->msgtried = 0; 1156 s->msgcount++; 1157 } 1158 else if (line[0] == '5') 1159 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1160 else 1161 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1162 if (delivery != IMSG_MTA_DELIVERY_OK) { 1163 mta_report_tx_rollback(s, s->task->msgid); 1164 mta_report_tx_reset(s, s->task->msgid); 1165 } 1166 else { 1167 mta_report_tx_commit(s, s->task->msgid, s->datalen); 1168 mta_report_tx_reset(s, s->task->msgid); 1169 } 1170 mta_flush_task(s, delivery, line, (s->flags & MTA_LMTP) ? 1 : 0, 0); 1171 if (s->task) { 1172 s->rcptcount--; 1173 mta_enter_state(s, MTA_LMTP_EOM); 1174 } else { 1175 s->rcptcount = 0; 1176 if (s->relay->limits->sessdelay_transaction) { 1177 log_debug("debug: mta: waiting for %llds before next transaction", 1178 (long long int)s->relay->limits->sessdelay_transaction); 1179 s->hangon = s->relay->limits->sessdelay_transaction -1; 1180 s->flags |= MTA_HANGON; 1181 runq_schedule(hangon, 1182 s->relay->limits->sessdelay_transaction, s); 1183 } 1184 else 1185 mta_enter_state(s, MTA_READY); 1186 } 1187 break; 1188 1189 case MTA_RSET: 1190 s->rcptcount = 0; 1191 1192 if (s->task) { 1193 mta_report_tx_rollback(s, s->task->msgid); 1194 mta_report_tx_reset(s, s->task->msgid); 1195 } 1196 if (s->relay->limits->sessdelay_transaction) { 1197 log_debug("debug: mta: waiting for %llds after reset", 1198 (long long int)s->relay->limits->sessdelay_transaction); 1199 s->hangon = s->relay->limits->sessdelay_transaction -1; 1200 s->flags |= MTA_HANGON; 1201 runq_schedule(hangon, 1202 s->relay->limits->sessdelay_transaction, s); 1203 } 1204 else 1205 mta_enter_state(s, MTA_READY); 1206 break; 1207 1208 default: 1209 fatalx("mta_response() bad state"); 1210 } 1211 } 1212 1213 static void 1214 mta_io(struct io *io, int evt, void *arg) 1215 { 1216 struct mta_session *s = arg; 1217 char *line, *msg, *p; 1218 size_t len; 1219 const char *error; 1220 int cont; 1221 1222 log_trace(TRACE_IO, "mta: %p: %s %s", s, io_strevent(evt), 1223 io_strio(io)); 1224 1225 switch (evt) { 1226 1227 case IO_CONNECTED: 1228 mta_connected(s); 1229 1230 if (s->use_smtps) { 1231 io_set_write(io); 1232 mta_cert_init(s); 1233 } 1234 else { 1235 mta_enter_state(s, MTA_BANNER); 1236 io_set_read(io); 1237 } 1238 break; 1239 1240 case IO_TLSREADY: 1241 log_info("%016"PRIx64" mta tls ciphers=%s", 1242 s->id, ssl_to_text(io_tls(s->io))); 1243 s->flags |= MTA_TLS; 1244 1245 mta_report_link_tls(s, 1246 ssl_to_text(io_tls(s->io))); 1247 1248 mta_cert_verify(s); 1249 break; 1250 1251 case IO_DATAIN: 1252 nextline: 1253 line = io_getline(s->io, &len); 1254 if (line == NULL) { 1255 if (io_datalen(s->io) >= LINE_MAX) { 1256 mta_error(s, "Input too long"); 1257 mta_free(s); 1258 } 1259 return; 1260 } 1261 1262 /* Strip trailing '\r' */ 1263 if (len && line[len - 1] == '\r') 1264 line[--len] = '\0'; 1265 1266 log_trace(TRACE_MTA, "mta: %p: <<< %s", s, line); 1267 mta_report_protocol_server(s, line); 1268 1269 if ((error = parse_smtp_response(line, len, &msg, &cont))) { 1270 mta_error(s, "Bad response: %s", error); 1271 mta_free(s); 1272 return; 1273 } 1274 1275 /* read extensions */ 1276 if (s->state == MTA_EHLO) { 1277 if (strcmp(msg, "STARTTLS") == 0) 1278 s->ext |= MTA_EXT_STARTTLS; 1279 else if (strncmp(msg, "AUTH ", 5) == 0) { 1280 s->ext |= MTA_EXT_AUTH; 1281 if ((p = strstr(msg, " PLAIN")) && 1282 (*(p+6) == '\0' || *(p+6) == ' ')) 1283 s->ext |= MTA_EXT_AUTH_PLAIN; 1284 if ((p = strstr(msg, " LOGIN")) && 1285 (*(p+6) == '\0' || *(p+6) == ' ')) 1286 s->ext |= MTA_EXT_AUTH_LOGIN; 1287 } 1288 else if (strcmp(msg, "PIPELINING") == 0) 1289 s->ext |= MTA_EXT_PIPELINING; 1290 else if (strcmp(msg, "DSN") == 0) 1291 s->ext |= MTA_EXT_DSN; 1292 else if (strncmp(msg, "SIZE ", 5) == 0) { 1293 s->ext_size = strtonum(msg+5, 0, UINT32_MAX, &error); 1294 if (error == NULL) 1295 s->ext |= MTA_EXT_SIZE; 1296 } 1297 } 1298 1299 /* continuation reply, we parse out the repeating statuses and ESC */ 1300 if (cont) { 1301 if (s->replybuf[0] == '\0') 1302 (void)strlcat(s->replybuf, line, sizeof s->replybuf); 1303 else if (len > 4) { 1304 p = line + 4; 1305 if (isdigit((unsigned char)p[0]) && p[1] == '.' && 1306 isdigit((unsigned char)p[2]) && p[3] == '.' && 1307 isdigit((unsigned char)p[4]) && isspace((unsigned char)p[5])) 1308 p += 5; 1309 (void)strlcat(s->replybuf, p, sizeof s->replybuf); 1310 } 1311 goto nextline; 1312 } 1313 1314 /* last line of a reply, check if we're on a continuation to parse out status and ESC. 1315 * if we overflow reply buffer or are not on continuation, log entire last line. 1316 */ 1317 if (s->replybuf[0] == '\0') 1318 (void)strlcat(s->replybuf, line, sizeof s->replybuf); 1319 else if (len > 4) { 1320 p = line + 4; 1321 if (isdigit((unsigned char)p[0]) && p[1] == '.' && 1322 isdigit((unsigned char)p[2]) && p[3] == '.' && 1323 isdigit((unsigned char)p[4]) && isspace((unsigned char)p[5])) 1324 p += 5; 1325 if (strlcat(s->replybuf, p, sizeof s->replybuf) >= sizeof s->replybuf) 1326 (void)strlcpy(s->replybuf, line, sizeof s->replybuf); 1327 } 1328 1329 if (s->state == MTA_QUIT) { 1330 log_info("%016"PRIx64" mta disconnected reason=quit messages=%zu", 1331 s->id, s->msgcount); 1332 mta_free(s); 1333 return; 1334 } 1335 io_set_write(io); 1336 mta_response(s, s->replybuf); 1337 if (s->flags & MTA_FREE) { 1338 mta_free(s); 1339 return; 1340 } 1341 if (s->flags & MTA_RECONN) { 1342 s->flags &= ~MTA_RECONN; 1343 mta_connect(s); 1344 return; 1345 } 1346 1347 if (io_datalen(s->io)) { 1348 log_debug("debug: mta: remaining data in input buffer"); 1349 mta_error(s, "Remote host sent too much data"); 1350 if (s->flags & MTA_WAIT) 1351 s->flags |= MTA_FREE; 1352 else 1353 mta_free(s); 1354 } 1355 break; 1356 1357 case IO_LOWAT: 1358 if (s->state == MTA_BODY) { 1359 mta_enter_state(s, MTA_BODY); 1360 if (s->flags & MTA_FREE) { 1361 mta_free(s); 1362 return; 1363 } 1364 } 1365 1366 if (io_queued(s->io) == 0) 1367 io_set_read(io); 1368 break; 1369 1370 case IO_TIMEOUT: 1371 log_debug("debug: mta: %p: connection timeout", s); 1372 mta_error(s, "Connection timeout"); 1373 mta_report_timeout(s); 1374 if (!s->ready) 1375 mta_connect(s); 1376 else 1377 mta_free(s); 1378 break; 1379 1380 case IO_ERROR: 1381 case IO_TLSERROR: 1382 log_debug("debug: mta: %p: IO error: %s", s, io_error(io)); 1383 1384 if (s->state == MTA_STARTTLS && s->use_smtp_tls) { 1385 /* error in non-strict SSL negotiation, downgrade to plain */ 1386 log_info("smtp-out: Error on session %016"PRIx64 1387 ": opportunistic TLS failed, " 1388 "downgrading to plain", s->id); 1389 s->flags &= ~MTA_TLS; 1390 s->flags |= MTA_DOWNGRADE_PLAIN; 1391 mta_connect(s); 1392 break; 1393 } 1394 1395 mta_error(s, "IO Error: %s", io_error(io)); 1396 mta_free(s); 1397 break; 1398 1399 case IO_DISCONNECTED: 1400 log_debug("debug: mta: %p: disconnected in state %s", 1401 s, mta_strstate(s->state)); 1402 mta_error(s, "Connection closed unexpectedly"); 1403 if (!s->ready) 1404 mta_connect(s); 1405 else 1406 mta_free(s); 1407 break; 1408 1409 default: 1410 fatalx("mta_io() bad event"); 1411 } 1412 } 1413 1414 static void 1415 mta_send(struct mta_session *s, char *fmt, ...) 1416 { 1417 va_list ap; 1418 char *p; 1419 int len; 1420 1421 va_start(ap, fmt); 1422 if ((len = vasprintf(&p, fmt, ap)) == -1) 1423 fatal("mta: vasprintf"); 1424 va_end(ap); 1425 1426 log_trace(TRACE_MTA, "mta: %p: >>> %s", s, p); 1427 1428 if (strncasecmp(p, "AUTH PLAIN ", 11) == 0) 1429 mta_report_protocol_client(s, "AUTH PLAIN ********"); 1430 else if (s->state == MTA_AUTH_LOGIN_USER || s->state == MTA_AUTH_LOGIN_PASS) 1431 mta_report_protocol_client(s, "********"); 1432 else 1433 mta_report_protocol_client(s, p); 1434 1435 io_xprintf(s->io, "%s\r\n", p); 1436 1437 free(p); 1438 } 1439 1440 /* 1441 * Queue some data into the input buffer 1442 */ 1443 static ssize_t 1444 mta_queue_data(struct mta_session *s) 1445 { 1446 char *ln = NULL; 1447 size_t sz = 0, q; 1448 ssize_t len; 1449 1450 q = io_queued(s->io); 1451 1452 while (io_queued(s->io) < MTA_HIWAT) { 1453 if ((len = getline(&ln, &sz, s->datafp)) == -1) 1454 break; 1455 if (ln[len - 1] == '\n') 1456 ln[len - 1] = '\0'; 1457 s->datalen += io_xprintf(s->io, "%s%s\r\n", *ln == '.' ? "." : "", ln); 1458 } 1459 1460 free(ln); 1461 if (ferror(s->datafp)) { 1462 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1463 "Error reading content file", 0, 0); 1464 return (-1); 1465 } 1466 1467 if (feof(s->datafp)) { 1468 fclose(s->datafp); 1469 s->datafp = NULL; 1470 } 1471 1472 return (io_queued(s->io) - q); 1473 } 1474 1475 static void 1476 mta_flush_task(struct mta_session *s, int delivery, const char *error, size_t count, 1477 int cache) 1478 { 1479 struct mta_envelope *e; 1480 char relay[LINE_MAX]; 1481 size_t n; 1482 struct sockaddr_storage ss; 1483 struct sockaddr *sa; 1484 socklen_t sa_len; 1485 const char *domain; 1486 1487 (void)snprintf(relay, sizeof relay, "%s", mta_host_to_text(s->route->dst)); 1488 n = 0; 1489 while ((e = TAILQ_FIRST(&s->task->envelopes))) { 1490 1491 if (count && n == count) { 1492 stat_decrement("mta.envelope", n); 1493 return; 1494 } 1495 1496 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1497 1498 /* we're about to log, associate session to envelope */ 1499 e->session = s->id; 1500 e->ext = s->ext; 1501 1502 /* XXX */ 1503 /* 1504 * getsockname() can only fail with ENOBUFS here 1505 * best effort, don't log source ... 1506 */ 1507 sa = (struct sockaddr *)&ss; 1508 sa_len = sizeof(ss); 1509 if (getsockname(io_fileno(s->io), sa, &sa_len) == -1) 1510 mta_delivery_log(e, NULL, relay, delivery, error); 1511 else 1512 mta_delivery_log(e, sa_to_text(sa), 1513 relay, delivery, error); 1514 1515 mta_delivery_notify(e); 1516 1517 domain = strchr(e->dest, '@'); 1518 if (domain) { 1519 domain++; 1520 mta_hoststat_update(domain, error); 1521 if (cache) 1522 mta_hoststat_cache(domain, e->id); 1523 } 1524 1525 n++; 1526 } 1527 1528 free(s->task->sender); 1529 free(s->task); 1530 s->task = NULL; 1531 1532 if (s->datafp) { 1533 fclose(s->datafp); 1534 s->datafp = NULL; 1535 } 1536 1537 stat_decrement("mta.envelope", n); 1538 stat_decrement("mta.task.running", 1); 1539 stat_decrement("mta.task", 1); 1540 } 1541 1542 static void 1543 mta_error(struct mta_session *s, const char *fmt, ...) 1544 { 1545 va_list ap; 1546 char *error; 1547 int len; 1548 1549 va_start(ap, fmt); 1550 if ((len = vasprintf(&error, fmt, ap)) == -1) 1551 fatal("mta: vasprintf"); 1552 va_end(ap); 1553 1554 if (s->msgcount) 1555 log_info("smtp-out: Error on session %016"PRIx64 1556 " after %zu message%s sent: %s", s->id, s->msgcount, 1557 (s->msgcount > 1) ? "s" : "", error); 1558 else 1559 log_info("%016"PRIx64" mta error reason=%s", 1560 s->id, error); 1561 1562 /* 1563 * If not connected yet, and the error is not local, just ignore it 1564 * and try to reconnect. 1565 */ 1566 if (s->state == MTA_INIT && 1567 (errno == ETIMEDOUT || errno == ECONNREFUSED)) { 1568 log_debug("debug: mta: not reporting route error yet"); 1569 free(error); 1570 return; 1571 } 1572 1573 mta_route_error(s->relay, s->route); 1574 1575 if (s->task) 1576 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, error, 0, 0); 1577 1578 free(error); 1579 } 1580 1581 static void 1582 mta_cert_init(struct mta_session *s) 1583 { 1584 const char *name; 1585 int fallback; 1586 1587 if (s->relay->pki_name) { 1588 name = s->relay->pki_name; 1589 fallback = 0; 1590 } 1591 else { 1592 name = s->helo; 1593 fallback = 1; 1594 } 1595 1596 if (cert_init(name, fallback, mta_cert_init_cb, s)) { 1597 tree_xset(&wait_tls_init, s->id, s); 1598 s->flags |= MTA_WAIT; 1599 } 1600 } 1601 1602 static void 1603 mta_cert_init_cb(void *arg, int status, const char *name, const void *cert, 1604 size_t cert_len) 1605 { 1606 struct mta_session *s = arg; 1607 void *ssl; 1608 char *xname = NULL, *xcert = NULL; 1609 union { 1610 struct in_addr in4; 1611 struct in6_addr in6; 1612 } addrbuf; 1613 1614 if (s->flags & MTA_WAIT) 1615 mta_tree_pop(&wait_tls_init, s->id); 1616 1617 if (status == CA_FAIL && s->relay->pki_name) { 1618 log_info("%016"PRIx64" mta closing reason=ca-failure", s->id); 1619 mta_free(s); 1620 return; 1621 } 1622 1623 if (name) 1624 xname = xstrdup(name); 1625 if (cert) 1626 xcert = xmemdup(cert, cert_len); 1627 ssl = ssl_mta_init(xname, xcert, cert_len, env->sc_tls_ciphers); 1628 free(xname); 1629 free(xcert); 1630 if (ssl == NULL) 1631 fatal("mta: ssl_mta_init"); 1632 1633 /* 1634 * RFC4366 (SNI): Literal IPv4 and IPv6 addresses are not 1635 * permitted in "HostName". 1636 */ 1637 if (s->relay->domain->as_host == 1) { 1638 if (inet_pton(AF_INET, s->relay->domain->name, &addrbuf) != 1 && 1639 inet_pton(AF_INET6, s->relay->domain->name, &addrbuf) != 1) { 1640 log_debug("%016"PRIx64" mta tls setting SNI name=%s", 1641 s->id, s->relay->domain->name); 1642 if (SSL_set_tlsext_host_name(ssl, s->relay->domain->name) == 0) 1643 log_warnx("%016"PRIx64" mta tls setting SNI failed", 1644 s->id); 1645 } 1646 } 1647 1648 io_start_tls(s->io, ssl); 1649 } 1650 1651 static void 1652 mta_cert_verify(struct mta_session *s) 1653 { 1654 const char *name; 1655 int fallback; 1656 1657 if (s->relay->ca_name) { 1658 name = s->relay->ca_name; 1659 fallback = 0; 1660 } 1661 else { 1662 name = s->helo; 1663 fallback = 1; 1664 } 1665 1666 if (cert_verify(io_tls(s->io), name, fallback, mta_cert_verify_cb, s)) { 1667 tree_xset(&wait_tls_verify, s->id, s); 1668 io_pause(s->io, IO_IN); 1669 s->flags |= MTA_WAIT; 1670 } 1671 } 1672 1673 static void 1674 mta_cert_verify_cb(void *arg, int status) 1675 { 1676 struct mta_session *s = arg; 1677 int match, resume = 0; 1678 X509 *cert; 1679 1680 if (s->flags & MTA_WAIT) { 1681 mta_tree_pop(&wait_tls_verify, s->id); 1682 resume = 1; 1683 } 1684 1685 if (status == CERT_OK) { 1686 cert = SSL_get_peer_certificate(io_tls(s->io)); 1687 if (!cert) 1688 status = CERT_NOCERT; 1689 else { 1690 match = 0; 1691 (void)ssl_check_name(cert, s->mxname, &match); 1692 X509_free(cert); 1693 if (!match) { 1694 log_info("%016"PRIx64" mta " 1695 "ssl_check_name: no match for '%s' in cert", 1696 s->id, s->mxname); 1697 status = CERT_INVALID; 1698 } 1699 } 1700 } 1701 1702 if (status == CERT_OK) 1703 s->flags |= MTA_TLS_VERIFIED; 1704 else if (s->relay->flags & RELAY_TLS_VERIFY) { 1705 errno = 0; 1706 mta_error(s, "SSL certificate check failed"); 1707 mta_free(s); 1708 return; 1709 } 1710 1711 mta_tls_verified(s); 1712 if (resume) 1713 io_resume(s->io, IO_IN); 1714 } 1715 1716 static void 1717 mta_tls_verified(struct mta_session *s) 1718 { 1719 X509 *x; 1720 1721 x = SSL_get_peer_certificate(io_tls(s->io)); 1722 if (x) { 1723 log_info("%016"PRIx64" mta " 1724 "server-cert-check result=\"%s\"", 1725 s->id, 1726 (s->flags & MTA_TLS_VERIFIED) ? "success" : "failure"); 1727 X509_free(x); 1728 } 1729 1730 if (s->use_smtps) { 1731 mta_enter_state(s, MTA_BANNER); 1732 io_set_read(s->io); 1733 } 1734 else 1735 mta_enter_state(s, MTA_EHLO); 1736 } 1737 1738 static const char * 1739 dsn_strret(enum dsn_ret ret) 1740 { 1741 if (ret == DSN_RETHDRS) 1742 return "HDRS"; 1743 else if (ret == DSN_RETFULL) 1744 return "FULL"; 1745 else { 1746 log_debug("mta: invalid ret %d", ret); 1747 return "???"; 1748 } 1749 } 1750 1751 static const char * 1752 dsn_strnotify(uint8_t arg) 1753 { 1754 static char buf[32]; 1755 size_t sz; 1756 1757 buf[0] = '\0'; 1758 if (arg & DSN_SUCCESS) 1759 (void)strlcat(buf, "SUCCESS,", sizeof(buf)); 1760 1761 if (arg & DSN_FAILURE) 1762 (void)strlcat(buf, "FAILURE,", sizeof(buf)); 1763 1764 if (arg & DSN_DELAY) 1765 (void)strlcat(buf, "DELAY,", sizeof(buf)); 1766 1767 if (arg & DSN_NEVER) 1768 (void)strlcat(buf, "NEVER,", sizeof(buf)); 1769 1770 /* trim trailing comma */ 1771 sz = strlen(buf); 1772 if (sz) 1773 buf[sz - 1] = '\0'; 1774 1775 return (buf); 1776 } 1777 1778 #define CASE(x) case x : return #x 1779 1780 static const char * 1781 mta_strstate(int state) 1782 { 1783 switch (state) { 1784 CASE(MTA_INIT); 1785 CASE(MTA_BANNER); 1786 CASE(MTA_EHLO); 1787 CASE(MTA_HELO); 1788 CASE(MTA_STARTTLS); 1789 CASE(MTA_AUTH); 1790 CASE(MTA_AUTH_PLAIN); 1791 CASE(MTA_AUTH_LOGIN); 1792 CASE(MTA_AUTH_LOGIN_USER); 1793 CASE(MTA_AUTH_LOGIN_PASS); 1794 CASE(MTA_READY); 1795 CASE(MTA_MAIL); 1796 CASE(MTA_RCPT); 1797 CASE(MTA_DATA); 1798 CASE(MTA_BODY); 1799 CASE(MTA_EOM); 1800 CASE(MTA_LMTP_EOM); 1801 CASE(MTA_RSET); 1802 CASE(MTA_QUIT); 1803 default: 1804 return "MTA_???"; 1805 } 1806 } 1807 1808 static void 1809 mta_filter_begin(struct mta_session *s) 1810 { 1811 if (!SESSION_FILTERED(s)) 1812 return; 1813 1814 m_create(p_lka, IMSG_FILTER_SMTP_BEGIN, 0, 0, -1); 1815 m_add_id(p_lka, s->id); 1816 m_add_string(p_lka, s->relay->dispatcher->u.remote.filtername); 1817 m_close(p_lka); 1818 } 1819 1820 static void 1821 mta_filter_end(struct mta_session *s) 1822 { 1823 if (!SESSION_FILTERED(s)) 1824 return; 1825 1826 m_create(p_lka, IMSG_FILTER_SMTP_END, 0, 0, -1); 1827 m_add_id(p_lka, s->id); 1828 m_close(p_lka); 1829 } 1830 1831 static void 1832 mta_connected(struct mta_session *s) 1833 { 1834 struct sockaddr_storage sa_src; 1835 struct sockaddr_storage sa_dest; 1836 int sa_len; 1837 1838 log_info("%016"PRIx64" mta connected", s->id); 1839 1840 sa_len = sizeof sa_src; 1841 if (getsockname(io_fileno(s->io), 1842 (struct sockaddr *)&sa_src, &sa_len) == -1) 1843 bzero(&sa_src, sizeof sa_src); 1844 sa_len = sizeof sa_dest; 1845 if (getpeername(io_fileno(s->io), 1846 (struct sockaddr *)&sa_dest, &sa_len) == -1) 1847 bzero(&sa_dest, sizeof sa_dest); 1848 1849 mta_report_link_connect(s, 1850 s->route->dst->ptrname, 1, 1851 &sa_src, 1852 &sa_dest); 1853 } 1854 1855 static void 1856 mta_disconnected(struct mta_session *s) 1857 { 1858 mta_report_link_disconnect(s); 1859 mta_filter_end(s); 1860 } 1861 1862 1863 static void 1864 mta_report_link_connect(struct mta_session *s, const char *rdns, int fcrdns, 1865 const struct sockaddr_storage *ss_src, 1866 const struct sockaddr_storage *ss_dest) 1867 { 1868 if (! SESSION_FILTERED(s)) 1869 return; 1870 1871 report_smtp_link_connect("smtp-out", s->id, rdns, fcrdns, ss_src, ss_dest); 1872 } 1873 1874 static void 1875 mta_report_link_greeting(struct mta_session *s, 1876 const char *domain) 1877 { 1878 if (! SESSION_FILTERED(s)) 1879 return; 1880 1881 report_smtp_link_greeting("smtp-out", s->id, domain); 1882 } 1883 1884 static void 1885 mta_report_link_identify(struct mta_session *s, const char *method, const char *identity) 1886 { 1887 if (! SESSION_FILTERED(s)) 1888 return; 1889 1890 report_smtp_link_identify("smtp-out", s->id, method, identity); 1891 } 1892 1893 static void 1894 mta_report_link_tls(struct mta_session *s, const char *ssl) 1895 { 1896 if (! SESSION_FILTERED(s)) 1897 return; 1898 1899 report_smtp_link_tls("smtp-out", s->id, ssl); 1900 } 1901 1902 static void 1903 mta_report_link_disconnect(struct mta_session *s) 1904 { 1905 if (! SESSION_FILTERED(s)) 1906 return; 1907 1908 report_smtp_link_disconnect("smtp-out", s->id); 1909 } 1910 1911 static void 1912 mta_report_link_auth(struct mta_session *s, const char *user, const char *result) 1913 { 1914 if (! SESSION_FILTERED(s)) 1915 return; 1916 1917 report_smtp_link_auth("smtp-out", s->id, user, result); 1918 } 1919 1920 static void 1921 mta_report_tx_reset(struct mta_session *s, uint32_t msgid) 1922 { 1923 if (! SESSION_FILTERED(s)) 1924 return; 1925 1926 report_smtp_tx_reset("smtp-out", s->id, msgid); 1927 } 1928 1929 static void 1930 mta_report_tx_begin(struct mta_session *s, uint32_t msgid) 1931 { 1932 if (! SESSION_FILTERED(s)) 1933 return; 1934 1935 report_smtp_tx_begin("smtp-out", s->id, msgid); 1936 } 1937 1938 static void 1939 mta_report_tx_mail(struct mta_session *s, uint32_t msgid, const char *address, int ok) 1940 { 1941 if (! SESSION_FILTERED(s)) 1942 return; 1943 1944 report_smtp_tx_mail("smtp-out", s->id, msgid, address, ok); 1945 } 1946 1947 static void 1948 mta_report_tx_rcpt(struct mta_session *s, uint32_t msgid, const char *address, int ok) 1949 { 1950 if (! SESSION_FILTERED(s)) 1951 return; 1952 1953 report_smtp_tx_rcpt("smtp-out", s->id, msgid, address, ok); 1954 } 1955 1956 static void 1957 mta_report_tx_envelope(struct mta_session *s, uint32_t msgid, uint64_t evpid) 1958 { 1959 if (! SESSION_FILTERED(s)) 1960 return; 1961 1962 report_smtp_tx_envelope("smtp-out", s->id, msgid, evpid); 1963 } 1964 1965 static void 1966 mta_report_tx_data(struct mta_session *s, uint32_t msgid, int ok) 1967 { 1968 if (! SESSION_FILTERED(s)) 1969 return; 1970 1971 report_smtp_tx_data("smtp-out", s->id, msgid, ok); 1972 } 1973 1974 static void 1975 mta_report_tx_commit(struct mta_session *s, uint32_t msgid, size_t msgsz) 1976 { 1977 if (! SESSION_FILTERED(s)) 1978 return; 1979 1980 report_smtp_tx_commit("smtp-out", s->id, msgid, msgsz); 1981 } 1982 1983 static void 1984 mta_report_tx_rollback(struct mta_session *s, uint32_t msgid) 1985 { 1986 if (! SESSION_FILTERED(s)) 1987 return; 1988 1989 report_smtp_tx_rollback("smtp-out", s->id, msgid); 1990 } 1991 1992 static void 1993 mta_report_protocol_client(struct mta_session *s, const char *command) 1994 { 1995 if (! SESSION_FILTERED(s)) 1996 return; 1997 1998 report_smtp_protocol_client("smtp-out", s->id, command); 1999 } 2000 2001 static void 2002 mta_report_protocol_server(struct mta_session *s, const char *response) 2003 { 2004 if (! SESSION_FILTERED(s)) 2005 return; 2006 2007 report_smtp_protocol_server("smtp-out", s->id, response); 2008 } 2009 2010 #if 0 2011 static void 2012 mta_report_filter_response(struct mta_session *s, int phase, int response, const char *param) 2013 { 2014 if (! SESSION_FILTERED(s)) 2015 return; 2016 2017 report_smtp_filter_response("smtp-out", s->id, phase, response, param); 2018 } 2019 #endif 2020 2021 static void 2022 mta_report_timeout(struct mta_session *s) 2023 { 2024 if (! SESSION_FILTERED(s)) 2025 return; 2026 2027 report_smtp_timeout("smtp-out", s->id); 2028 } 2029