1 /* 2 * Copyright (c) 2008 The DragonFly Project. All rights reserved. 3 * 4 * This code is derived from software contributed to The DragonFly Project 5 * by Matthias Schmidt <matthias@dragonflybsd.org>, University of Marburg, 6 * Germany. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 3. Neither the name of The DragonFly Project nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific, prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 29 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 30 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 32 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include "dfcompat.h" 37 38 #include <sys/param.h> 39 #include <sys/queue.h> 40 #include <sys/stat.h> 41 #include <sys/types.h> 42 #include <sys/socket.h> 43 #include <netinet/in.h> 44 #include <arpa/inet.h> 45 46 #include <openssl/ssl.h> 47 #include <openssl/err.h> 48 49 #include <ctype.h> 50 #include <err.h> 51 #include <errno.h> 52 #include <netdb.h> 53 #include <setjmp.h> 54 #include <signal.h> 55 #include <syslog.h> 56 #include <unistd.h> 57 58 #include "dma.h" 59 60 char neterr[ERRMSG_SIZE]; 61 62 char * 63 ssl_errstr(void) 64 { 65 long oerr, nerr; 66 67 oerr = 0; 68 while ((nerr = ERR_get_error()) != 0) 69 oerr = nerr; 70 71 return (ERR_error_string(oerr, NULL)); 72 } 73 74 ssize_t 75 send_remote_command(int fd, const char* fmt, ...) 76 { 77 va_list va; 78 char cmd[4096]; 79 size_t len, pos; 80 int s; 81 ssize_t n; 82 83 va_start(va, fmt); 84 s = vsnprintf(cmd, sizeof(cmd) - 2, fmt, va); 85 va_end(va); 86 if (s == sizeof(cmd) - 2 || s < 0) { 87 strcpy(neterr, "Internal error: oversized command string"); 88 return (-1); 89 } 90 91 /* We *know* there are at least two more bytes available */ 92 strcat(cmd, "\r\n"); 93 len = strlen(cmd); 94 95 if (((config.features & SECURETRANS) != 0) && 96 ((config.features & NOSSL) == 0)) { 97 while ((s = SSL_write(config.ssl, (const char*)cmd, len)) <= 0) { 98 s = SSL_get_error(config.ssl, s); 99 if (s != SSL_ERROR_WANT_READ && 100 s != SSL_ERROR_WANT_WRITE) { 101 strncpy(neterr, ssl_errstr(), sizeof(neterr)); 102 return (-1); 103 } 104 } 105 } 106 else { 107 pos = 0; 108 while (pos < len) { 109 n = write(fd, cmd + pos, len - pos); 110 if (n < 0) 111 return (-1); 112 pos += n; 113 } 114 } 115 116 return (len); 117 } 118 119 int 120 read_remote(int fd, int extbufsize, char *extbuf) 121 { 122 ssize_t rlen = 0; 123 size_t pos, len, copysize; 124 char buff[BUF_SIZE]; 125 int done = 0, status = 0, status_running = 0, extbufpos = 0; 126 enum { parse_status, parse_spacedash, parse_rest } parsestate; 127 128 if (do_timeout(CON_TIMEOUT, 1) != 0) { 129 snprintf(neterr, sizeof(neterr), "Timeout reached"); 130 return (-1); 131 } 132 133 /* 134 * Remote reading code from femail.c written by Henning Brauer of 135 * OpenBSD and released under a BSD style license. 136 */ 137 len = 0; 138 pos = 0; 139 parsestate = parse_status; 140 neterr[0] = 0; 141 while (!(done && parsestate == parse_status)) { 142 rlen = 0; 143 if (pos == 0 || 144 (pos > 0 && memchr(buff + pos, '\n', len - pos) == NULL)) { 145 memmove(buff, buff + pos, len - pos); 146 len -= pos; 147 pos = 0; 148 if (((config.features & SECURETRANS) != 0) && 149 (config.features & NOSSL) == 0) { 150 if ((rlen = SSL_read(config.ssl, buff + len, sizeof(buff) - len)) == -1) { 151 strncpy(neterr, ssl_errstr(), sizeof(neterr)); 152 goto error; 153 } 154 } else { 155 if ((rlen = read(fd, buff + len, sizeof(buff) - len)) == -1) { 156 strncpy(neterr, strerror(errno), sizeof(neterr)); 157 goto error; 158 } 159 } 160 len += rlen; 161 162 copysize = sizeof(neterr) - strlen(neterr) - 1; 163 if (copysize > len) 164 copysize = len; 165 strncat(neterr, buff, copysize); 166 } 167 /* 168 * If there is an external buffer with a size bigger than zero 169 * and as long as there is space in the external buffer and 170 * there are new characters read from the mailserver 171 * copy them to the external buffer 172 */ 173 if (extbufpos <= (extbufsize - 1) && rlen > 0 && extbufsize > 0 && extbuf != NULL) { 174 /* do not write over the bounds of the buffer */ 175 if(extbufpos + rlen > (extbufsize - 1)) { 176 rlen = extbufsize - extbufpos; 177 } 178 memcpy(extbuf + extbufpos, buff + len - rlen, rlen); 179 extbufpos += rlen; 180 } 181 182 if (pos == len) 183 continue; 184 185 switch (parsestate) { 186 case parse_status: 187 for (; pos < len; pos++) { 188 if (isdigit(buff[pos])) { 189 status_running = status_running * 10 + (buff[pos] - '0'); 190 } else { 191 status = status_running; 192 status_running = 0; 193 parsestate = parse_spacedash; 194 break; 195 } 196 } 197 continue; 198 199 case parse_spacedash: 200 switch (buff[pos]) { 201 case ' ': 202 done = 1; 203 break; 204 205 case '-': 206 /* ignore */ 207 /* XXX read capabilities */ 208 break; 209 210 default: 211 strcpy(neterr, "invalid syntax in reply from server"); 212 goto error; 213 } 214 215 pos++; 216 parsestate = parse_rest; 217 continue; 218 219 case parse_rest: 220 /* skip up to \n */ 221 for (; pos < len; pos++) { 222 if (buff[pos] == '\n') { 223 pos++; 224 parsestate = parse_status; 225 break; 226 } 227 } 228 } 229 230 } 231 232 do_timeout(0, 0); 233 234 /* chop off trailing newlines */ 235 while (neterr[0] != 0 && strchr("\r\n", neterr[strlen(neterr) - 1]) != 0) 236 neterr[strlen(neterr) - 1] = 0; 237 238 return (status/100); 239 240 error: 241 do_timeout(0, 0); 242 return (-1); 243 } 244 245 /* 246 * Handle SMTP authentication 247 */ 248 static int 249 smtp_login(int fd, char *login, char* password) 250 { 251 char *temp; 252 int len, res = 0; 253 254 res = smtp_auth_md5(fd, login, password); 255 if (res == 0) { 256 return (0); 257 } else if (res == -2) { 258 /* 259 * If the return code is -2, then then the login attempt failed, 260 * do not try other login mechanisms 261 */ 262 return (1); 263 } 264 265 if ((config.features & INSECURE) != 0 || 266 (config.features & SECURETRANS) != 0) { 267 /* Send AUTH command according to RFC 2554 */ 268 send_remote_command(fd, "AUTH LOGIN"); 269 if (read_remote(fd, 0, NULL) != 3) { 270 syslog(LOG_NOTICE, "remote delivery deferred:" 271 " AUTH login not available: %s", 272 neterr); 273 return (1); 274 } 275 276 len = base64_encode(login, strlen(login), &temp); 277 if (len < 0) { 278 encerr: 279 syslog(LOG_ERR, "can not encode auth reply: %m"); 280 return (1); 281 } 282 283 send_remote_command(fd, "%s", temp); 284 free(temp); 285 res = read_remote(fd, 0, NULL); 286 if (res != 3) { 287 syslog(LOG_NOTICE, "remote delivery %s: AUTH login failed: %s", 288 res == 5 ? "failed" : "deferred", neterr); 289 return (res == 5 ? -1 : 1); 290 } 291 292 len = base64_encode(password, strlen(password), &temp); 293 if (len < 0) 294 goto encerr; 295 296 send_remote_command(fd, "%s", temp); 297 free(temp); 298 res = read_remote(fd, 0, NULL); 299 if (res != 2) { 300 syslog(LOG_NOTICE, "remote delivery %s: Authentication failed: %s", 301 res == 5 ? "failed" : "deferred", neterr); 302 return (res == 5 ? -1 : 1); 303 } 304 } else { 305 syslog(LOG_WARNING, "non-encrypted SMTP login is disabled in config, so skipping it. "); 306 return (1); 307 } 308 309 return (0); 310 } 311 312 static int 313 open_connection(struct mx_hostentry *h) 314 { 315 int fd; 316 317 syslog(LOG_INFO, "trying remote delivery to %s [%s] pref %d", 318 h->host, h->addr, h->pref); 319 320 fd = socket(h->ai.ai_family, h->ai.ai_socktype, h->ai.ai_protocol); 321 if (fd < 0) { 322 syslog(LOG_INFO, "socket for %s [%s] failed: %m", 323 h->host, h->addr); 324 return (-1); 325 } 326 327 if (connect(fd, (struct sockaddr *)&h->sa, h->ai.ai_addrlen) < 0) { 328 syslog(LOG_INFO, "connect to %s [%s] failed: %m", 329 h->host, h->addr); 330 close(fd); 331 return (-1); 332 } 333 334 return (fd); 335 } 336 337 static void 338 close_connection(int fd) 339 { 340 if (config.ssl != NULL) { 341 if (((config.features & SECURETRANS) != 0) && 342 ((config.features & NOSSL) == 0)) 343 SSL_shutdown(config.ssl); 344 SSL_free(config.ssl); 345 } 346 347 close(fd); 348 } 349 350 static int 351 deliver_to_host(struct qitem *it, struct mx_hostentry *host) 352 { 353 struct authuser *a; 354 char line[1000]; 355 size_t linelen; 356 int fd, error = 0, do_auth = 0, res = 0; 357 358 if (fseek(it->mailf, 0, SEEK_SET) != 0) { 359 snprintf(errmsg, sizeof(errmsg), "can not seek: %s", strerror(errno)); 360 return (-1); 361 } 362 363 fd = open_connection(host); 364 if (fd < 0) 365 return (1); 366 367 #define READ_REMOTE_CHECK(c, exp) \ 368 res = read_remote(fd, 0, NULL); \ 369 if (res == 5) { \ 370 syslog(LOG_ERR, "remote delivery to %s [%s] failed after %s: %s", \ 371 host->host, host->addr, c, neterr); \ 372 snprintf(errmsg, sizeof(errmsg), "%s [%s] did not like our %s:\n%s", \ 373 host->host, host->addr, c, neterr); \ 374 return (-1); \ 375 } else if (res != exp) { \ 376 syslog(LOG_NOTICE, "remote delivery deferred: %s [%s] failed after %s: %s", \ 377 host->host, host->addr, c, neterr); \ 378 return (1); \ 379 } 380 381 /* Check first reply from remote host */ 382 if ((config.features & SECURETRANS) == 0 || 383 (config.features & STARTTLS) != 0) { 384 config.features |= NOSSL; 385 READ_REMOTE_CHECK("connect", 2); 386 387 config.features &= ~NOSSL; 388 } 389 390 if ((config.features & SECURETRANS) != 0) { 391 error = smtp_init_crypto(fd, config.features); 392 if (error == 0) 393 syslog(LOG_DEBUG, "SSL initialization successful"); 394 else 395 goto out; 396 397 if ((config.features & STARTTLS) == 0) 398 READ_REMOTE_CHECK("connect", 2); 399 } 400 401 /* XXX allow HELO fallback */ 402 /* XXX record ESMTP keywords */ 403 send_remote_command(fd, "EHLO %s", hostname()); 404 READ_REMOTE_CHECK("EHLO", 2); 405 406 /* 407 * Use SMTP authentication if the user defined an entry for the remote 408 * or smarthost 409 */ 410 SLIST_FOREACH(a, &authusers, next) { 411 if (strcmp(a->host, host->host) == 0) { 412 do_auth = 1; 413 break; 414 } 415 } 416 417 if (do_auth == 1) { 418 /* 419 * Check if the user wants plain text login without using 420 * encryption. 421 */ 422 syslog(LOG_INFO, "using SMTP authentication for user %s", a->login); 423 error = smtp_login(fd, a->login, a->password); 424 if (error < 0) { 425 syslog(LOG_ERR, "remote delivery failed:" 426 " SMTP login failed: %m"); 427 snprintf(errmsg, sizeof(errmsg), "SMTP login to %s failed", host->host); 428 return (-1); 429 } 430 /* SMTP login is not available, so try without */ 431 else if (error > 0) { 432 syslog(LOG_WARNING, "SMTP login not available. Trying without."); 433 } 434 } 435 436 /* XXX send ESMTP ENVID, RET (FULL/HDRS) and 8BITMIME */ 437 send_remote_command(fd, "MAIL FROM:<%s>", it->sender); 438 READ_REMOTE_CHECK("MAIL FROM", 2); 439 440 /* XXX send ESMTP ORCPT */ 441 send_remote_command(fd, "RCPT TO:<%s>", it->addr); 442 READ_REMOTE_CHECK("RCPT TO", 2); 443 444 send_remote_command(fd, "DATA"); 445 READ_REMOTE_CHECK("DATA", 3); 446 447 error = 0; 448 while (!feof(it->mailf)) { 449 if (fgets(line, sizeof(line), it->mailf) == NULL) 450 break; 451 linelen = strlen(line); 452 if (linelen == 0 || line[linelen - 1] != '\n') { 453 syslog(LOG_CRIT, "remote delivery failed: corrupted queue file"); 454 snprintf(errmsg, sizeof(errmsg), "corrupted queue file"); 455 error = -1; 456 goto out; 457 } 458 459 /* Remove trailing \n's and escape leading dots */ 460 trim_line(line); 461 462 /* 463 * If the first character is a dot, we escape it so the line 464 * length increases 465 */ 466 if (line[0] == '.') 467 linelen++; 468 469 if (send_remote_command(fd, "%s", line) != (ssize_t)linelen+1) { 470 syslog(LOG_NOTICE, "remote delivery deferred: write error"); 471 error = 1; 472 goto out; 473 } 474 } 475 476 send_remote_command(fd, "."); 477 READ_REMOTE_CHECK("final DATA", 2); 478 479 send_remote_command(fd, "QUIT"); 480 if (read_remote(fd, 0, NULL) != 2) 481 syslog(LOG_INFO, "remote delivery succeeded but QUIT failed: %s", neterr); 482 out: 483 484 close_connection(fd); 485 return (error); 486 } 487 488 int 489 deliver_remote(struct qitem *it) 490 { 491 struct mx_hostentry *hosts, *h; 492 const char *host; 493 int port; 494 int error = 1, smarthost = 0; 495 496 host = strrchr(it->addr, '@'); 497 /* Should not happen */ 498 if (host == NULL) { 499 snprintf(errmsg, sizeof(errmsg), "Internal error: badly formed address %s", 500 it->addr); 501 return(-1); 502 } else { 503 /* Step over the @ */ 504 host++; 505 } 506 507 port = SMTP_PORT; 508 509 /* Smarthost support? */ 510 if (config.smarthost != NULL) { 511 host = config.smarthost; 512 port = config.port; 513 syslog(LOG_INFO, "using smarthost (%s:%i)", host, port); 514 smarthost = 1; 515 } 516 517 error = dns_get_mx_list(host, port, &hosts, smarthost); 518 if (error) { 519 syslog(LOG_NOTICE, "remote delivery %s: DNS failure (%s)", 520 error < 0 ? "failed" : "deferred", 521 host); 522 return (error); 523 } 524 525 for (h = hosts; *h->host != 0; h++) { 526 switch (deliver_to_host(it, h)) { 527 case 0: 528 /* success */ 529 error = 0; 530 goto out; 531 case 1: 532 /* temp failure */ 533 error = 1; 534 break; 535 default: 536 /* perm failure */ 537 error = -1; 538 goto out; 539 } 540 } 541 out: 542 free(hosts); 543 544 return (error); 545 } 546