1 /* $OpenBSD: mta_session.c,v 1.137 2020/06/09 06:35:17 semarie Exp $ */ 2 3 /* 4 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> 5 * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> 6 * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net> 7 * Copyright (c) 2012 Eric Faurot <eric@openbsd.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 #include <sys/types.h> 23 #include <sys/queue.h> 24 #include <sys/tree.h> 25 #include <sys/socket.h> 26 #include <sys/stat.h> 27 #include <sys/uio.h> 28 29 #include <arpa/inet.h> 30 #include <ctype.h> 31 #include <err.h> 32 #include <errno.h> 33 #include <event.h> 34 #include <imsg.h> 35 #include <inttypes.h> 36 #include <netdb.h> 37 #include <openssl/ssl.h> 38 #include <pwd.h> 39 #include <resolv.h> 40 #include <limits.h> 41 #include <signal.h> 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #include <time.h> 46 #include <unistd.h> 47 48 #include "smtpd.h" 49 #include "log.h" 50 #include "ssl.h" 51 52 #define MAX_TRYBEFOREDISABLE 10 53 54 #define MTA_HIWAT 65535 55 56 enum mta_state { 57 MTA_INIT, 58 MTA_BANNER, 59 MTA_EHLO, 60 MTA_HELO, 61 MTA_LHLO, 62 MTA_STARTTLS, 63 MTA_AUTH, 64 MTA_AUTH_PLAIN, 65 MTA_AUTH_LOGIN, 66 MTA_AUTH_LOGIN_USER, 67 MTA_AUTH_LOGIN_PASS, 68 MTA_READY, 69 MTA_MAIL, 70 MTA_RCPT, 71 MTA_DATA, 72 MTA_BODY, 73 MTA_EOM, 74 MTA_LMTP_EOM, 75 MTA_RSET, 76 MTA_QUIT, 77 }; 78 79 #define MTA_FORCE_ANYSSL 0x0001 80 #define MTA_FORCE_SMTPS 0x0002 81 #define MTA_FORCE_TLS 0x0004 82 #define MTA_FORCE_PLAIN 0x0008 83 #define MTA_WANT_SECURE 0x0010 84 #define MTA_DOWNGRADE_PLAIN 0x0080 85 86 #define MTA_TLS 0x0100 87 #define MTA_TLS_VERIFIED 0x0200 88 89 #define MTA_FREE 0x0400 90 #define MTA_LMTP 0x0800 91 #define MTA_WAIT 0x1000 92 #define MTA_HANGON 0x2000 93 #define MTA_RECONN 0x4000 94 95 #define MTA_EXT_STARTTLS 0x01 96 #define MTA_EXT_PIPELINING 0x02 97 #define MTA_EXT_AUTH 0x04 98 #define MTA_EXT_AUTH_PLAIN 0x08 99 #define MTA_EXT_AUTH_LOGIN 0x10 100 #define MTA_EXT_SIZE 0x20 101 102 struct mta_session { 103 uint64_t id; 104 struct mta_relay *relay; 105 struct mta_route *route; 106 char *helo; 107 char *mxname; 108 109 char *username; 110 111 int flags; 112 113 int attempt; 114 int use_smtps; 115 int use_starttls; 116 int use_smtp_tls; 117 int ready; 118 119 struct event ev; 120 struct io *io; 121 int ext; 122 123 size_t ext_size; 124 125 size_t msgtried; 126 size_t msgcount; 127 size_t rcptcount; 128 int hangon; 129 130 enum mta_state state; 131 struct mta_task *task; 132 struct mta_envelope *currevp; 133 FILE *datafp; 134 size_t datalen; 135 136 size_t failures; 137 138 char replybuf[2048]; 139 }; 140 141 static void mta_session_init(void); 142 static void mta_start(int fd, short ev, void *arg); 143 static void mta_io(struct io *, int, void *); 144 static void mta_free(struct mta_session *); 145 static void mta_getnameinfo_cb(void *, int, const char *, const char *); 146 static void mta_on_ptr(void *, void *, void *); 147 static void mta_on_timeout(struct runq *, void *); 148 static void mta_connect(struct mta_session *); 149 static void mta_enter_state(struct mta_session *, int); 150 static void mta_flush_task(struct mta_session *, int, const char *, size_t, int); 151 static void mta_error(struct mta_session *, const char *, ...); 152 static void mta_send(struct mta_session *, char *, ...); 153 static ssize_t mta_queue_data(struct mta_session *); 154 static void mta_response(struct mta_session *, char *); 155 static const char * mta_strstate(int); 156 static void mta_cert_init(struct mta_session *); 157 static void mta_cert_init_cb(void *, int, const char *, const void *, size_t); 158 static void mta_cert_verify(struct mta_session *); 159 static void mta_cert_verify_cb(void *, int); 160 static void mta_tls_verified(struct mta_session *); 161 static struct mta_session *mta_tree_pop(struct tree *, uint64_t); 162 static const char * dsn_strret(enum dsn_ret); 163 static const char * dsn_strnotify(uint8_t); 164 165 void mta_hoststat_update(const char *, const char *); 166 void mta_hoststat_reschedule(const char *); 167 void mta_hoststat_cache(const char *, uint64_t); 168 void mta_hoststat_uncache(const char *, uint64_t); 169 170 171 static void mta_filter_begin(struct mta_session *); 172 static void mta_filter_end(struct mta_session *); 173 static void mta_connected(struct mta_session *); 174 static void mta_disconnected(struct mta_session *); 175 176 static void mta_report_link_connect(struct mta_session *, const char *, int, 177 const struct sockaddr_storage *, 178 const struct sockaddr_storage *); 179 static void mta_report_link_greeting(struct mta_session *, const char *); 180 static void mta_report_link_identify(struct mta_session *, const char *, const char *); 181 static void mta_report_link_tls(struct mta_session *, const char *); 182 static void mta_report_link_disconnect(struct mta_session *); 183 static void mta_report_link_auth(struct mta_session *, const char *, const char *); 184 static void mta_report_tx_reset(struct mta_session *, uint32_t); 185 static void mta_report_tx_begin(struct mta_session *, uint32_t); 186 static void mta_report_tx_mail(struct mta_session *, uint32_t, const char *, int); 187 static void mta_report_tx_rcpt(struct mta_session *, uint32_t, const char *, int); 188 static void mta_report_tx_envelope(struct mta_session *, uint32_t, uint64_t); 189 static void mta_report_tx_data(struct mta_session *, uint32_t, int); 190 static void mta_report_tx_commit(struct mta_session *, uint32_t, size_t); 191 static void mta_report_tx_rollback(struct mta_session *, uint32_t); 192 static void mta_report_protocol_client(struct mta_session *, const char *); 193 static void mta_report_protocol_server(struct mta_session *, const char *); 194 #if 0 195 static void mta_report_filter_response(struct mta_session *, int, int, const char *); 196 #endif 197 static void mta_report_timeout(struct mta_session *); 198 199 200 static struct tree wait_helo; 201 static struct tree wait_ptr; 202 static struct tree wait_fd; 203 static struct tree wait_tls_init; 204 static struct tree wait_tls_verify; 205 206 static struct runq *hangon; 207 208 #define SESSION_FILTERED(s) \ 209 ((s)->relay->dispatcher->u.remote.filtername) 210 211 static void 212 mta_session_init(void) 213 { 214 static int init = 0; 215 216 if (!init) { 217 tree_init(&wait_helo); 218 tree_init(&wait_ptr); 219 tree_init(&wait_fd); 220 tree_init(&wait_tls_init); 221 tree_init(&wait_tls_verify); 222 runq_init(&hangon, mta_on_timeout); 223 init = 1; 224 } 225 } 226 227 void 228 mta_session(struct mta_relay *relay, struct mta_route *route, const char *mxname) 229 { 230 struct mta_session *s; 231 struct timeval tv; 232 233 mta_session_init(); 234 235 s = xcalloc(1, sizeof *s); 236 s->id = generate_uid(); 237 s->relay = relay; 238 s->route = route; 239 s->mxname = xstrdup(mxname); 240 241 mta_filter_begin(s); 242 243 if (relay->flags & RELAY_LMTP) 244 s->flags |= MTA_LMTP; 245 switch (relay->tls) { 246 case RELAY_TLS_SMTPS: 247 s->flags |= MTA_FORCE_SMTPS; 248 s->flags |= MTA_WANT_SECURE; 249 break; 250 case RELAY_TLS_STARTTLS: 251 s->flags |= MTA_FORCE_TLS; 252 s->flags |= MTA_WANT_SECURE; 253 break; 254 case RELAY_TLS_OPPORTUNISTIC: 255 /* do not force anything, try tls then smtp */ 256 break; 257 case RELAY_TLS_NO: 258 s->flags |= MTA_FORCE_PLAIN; 259 break; 260 default: 261 fatalx("bad value for relay->tls: %d", relay->tls); 262 } 263 264 log_debug("debug: mta: %p: spawned for relay %s", s, 265 mta_relay_to_text(relay)); 266 stat_increment("mta.session", 1); 267 268 if (route->dst->ptrname || route->dst->lastptrquery) { 269 /* We want to delay the connection since to always notify 270 * the relay asynchronously. 271 */ 272 tv.tv_sec = 0; 273 tv.tv_usec = 0; 274 evtimer_set(&s->ev, mta_start, s); 275 evtimer_add(&s->ev, &tv); 276 } else if (waitq_wait(&route->dst->ptrname, mta_on_ptr, s)) { 277 resolver_getnameinfo(s->route->dst->sa, 0, mta_getnameinfo_cb, s); 278 } 279 } 280 281 void 282 mta_session_imsg(struct mproc *p, struct imsg *imsg) 283 { 284 struct mta_session *s; 285 struct msg m; 286 uint64_t reqid; 287 const char *name; 288 int status; 289 struct stat sb; 290 291 switch (imsg->hdr.type) { 292 293 case IMSG_MTA_OPEN_MESSAGE: 294 m_msg(&m, imsg); 295 m_get_id(&m, &reqid); 296 m_end(&m); 297 298 s = mta_tree_pop(&wait_fd, reqid); 299 if (s == NULL) { 300 if (imsg->fd != -1) 301 close(imsg->fd); 302 return; 303 } 304 305 if (imsg->fd == -1) { 306 log_debug("debug: mta: failed to obtain msg fd"); 307 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 308 "Could not get message fd", 0, 0); 309 mta_enter_state(s, MTA_READY); 310 return; 311 } 312 313 if ((s->ext & MTA_EXT_SIZE) && s->ext_size != 0) { 314 if (fstat(imsg->fd, &sb) == -1) { 315 log_debug("debug: mta: failed to stat msg fd"); 316 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 317 "Could not stat message fd", 0, 0); 318 mta_enter_state(s, MTA_READY); 319 close(imsg->fd); 320 return; 321 } 322 if (sb.st_size > (off_t)s->ext_size) { 323 log_debug("debug: mta: message too large for peer"); 324 mta_flush_task(s, IMSG_MTA_DELIVERY_PERMFAIL, 325 "message too large for peer", 0, 0); 326 mta_enter_state(s, MTA_READY); 327 close(imsg->fd); 328 return; 329 } 330 } 331 332 s->datafp = fdopen(imsg->fd, "r"); 333 if (s->datafp == NULL) 334 fatal("mta: fdopen"); 335 336 mta_enter_state(s, MTA_MAIL); 337 return; 338 339 case IMSG_MTA_LOOKUP_HELO: 340 m_msg(&m, imsg); 341 m_get_id(&m, &reqid); 342 m_get_int(&m, &status); 343 if (status == LKA_OK) 344 m_get_string(&m, &name); 345 m_end(&m); 346 347 s = mta_tree_pop(&wait_helo, reqid); 348 if (s == NULL) 349 return; 350 351 if (status == LKA_OK) { 352 s->helo = xstrdup(name); 353 mta_connect(s); 354 } else { 355 mta_source_error(s->relay, s->route, 356 "Failed to retrieve helo string"); 357 mta_free(s); 358 } 359 return; 360 361 default: 362 errx(1, "mta_session_imsg: unexpected %s imsg", 363 imsg_to_str(imsg->hdr.type)); 364 } 365 } 366 367 static struct mta_session * 368 mta_tree_pop(struct tree *wait, uint64_t reqid) 369 { 370 struct mta_session *s; 371 372 s = tree_xpop(wait, reqid); 373 if (s->flags & MTA_FREE) { 374 log_debug("debug: mta: %p: zombie session", s); 375 mta_free(s); 376 return (NULL); 377 } 378 s->flags &= ~MTA_WAIT; 379 380 return (s); 381 } 382 383 static void 384 mta_free(struct mta_session *s) 385 { 386 struct mta_relay *relay; 387 struct mta_route *route; 388 389 log_debug("debug: mta: %p: session done", s); 390 391 mta_disconnected(s); 392 393 if (s->ready) 394 s->relay->nconn_ready -= 1; 395 396 if (s->flags & MTA_HANGON) { 397 log_debug("debug: mta: %p: cancelling hangon timer", s); 398 runq_cancel(hangon, s); 399 } 400 401 if (s->io) 402 io_free(s->io); 403 404 if (s->task) 405 fatalx("current task should have been deleted already"); 406 if (s->datafp) { 407 fclose(s->datafp); 408 s->datalen = 0; 409 } 410 free(s->helo); 411 412 relay = s->relay; 413 route = s->route; 414 free(s->username); 415 free(s->mxname); 416 free(s); 417 stat_decrement("mta.session", 1); 418 mta_route_collect(relay, route); 419 } 420 421 static void 422 mta_getnameinfo_cb(void *arg, int gaierrno, const char *host, const char *serv) 423 { 424 struct mta_session *s = arg; 425 struct mta_host *h; 426 427 h = s->route->dst; 428 h->lastptrquery = time(NULL); 429 if (host) 430 h->ptrname = xstrdup(host); 431 waitq_run(&h->ptrname, h->ptrname); 432 } 433 434 static void 435 mta_on_timeout(struct runq *runq, void *arg) 436 { 437 struct mta_session *s = arg; 438 439 log_debug("mta: timeout for session hangon"); 440 441 s->flags &= ~MTA_HANGON; 442 s->hangon++; 443 444 mta_enter_state(s, MTA_READY); 445 } 446 447 static void 448 mta_on_ptr(void *tag, void *arg, void *data) 449 { 450 struct mta_session *s = arg; 451 452 mta_connect(s); 453 } 454 455 static void 456 mta_start(int fd, short ev, void *arg) 457 { 458 struct mta_session *s = arg; 459 460 mta_connect(s); 461 } 462 463 static void 464 mta_connect(struct mta_session *s) 465 { 466 struct sockaddr_storage ss; 467 struct sockaddr *sa; 468 int portno; 469 const char *schema; 470 471 if (s->helo == NULL) { 472 if (s->relay->helotable && s->route->src->sa) { 473 m_create(p_lka, IMSG_MTA_LOOKUP_HELO, 0, 0, -1); 474 m_add_id(p_lka, s->id); 475 m_add_string(p_lka, s->relay->helotable); 476 m_add_sockaddr(p_lka, s->route->src->sa); 477 m_close(p_lka); 478 tree_xset(&wait_helo, s->id, s); 479 s->flags |= MTA_WAIT; 480 return; 481 } 482 else if (s->relay->heloname) 483 s->helo = xstrdup(s->relay->heloname); 484 else 485 s->helo = xstrdup(env->sc_hostname); 486 } 487 488 if (s->io) { 489 io_free(s->io); 490 s->io = NULL; 491 } 492 493 s->use_smtps = s->use_starttls = s->use_smtp_tls = 0; 494 495 switch (s->attempt) { 496 case 0: 497 if (s->flags & MTA_FORCE_SMTPS) 498 s->use_smtps = 1; /* smtps */ 499 else if (s->flags & (MTA_FORCE_TLS|MTA_FORCE_ANYSSL)) 500 s->use_starttls = 1; /* tls, tls+smtps */ 501 else if (!(s->flags & MTA_FORCE_PLAIN)) 502 s->use_smtp_tls = 1; 503 break; 504 case 1: 505 if (s->flags & MTA_FORCE_ANYSSL) { 506 s->use_smtps = 1; /* tls+smtps */ 507 break; 508 } 509 else if (s->flags & MTA_DOWNGRADE_PLAIN) { 510 /* smtp, with tls failure */ 511 break; 512 } 513 default: 514 mta_free(s); 515 return; 516 } 517 portno = s->use_smtps ? 465 : 25; 518 519 /* Override with relay-specified port */ 520 if (s->relay->port) 521 portno = s->relay->port; 522 523 memmove(&ss, s->route->dst->sa, s->route->dst->sa->sa_len); 524 sa = (struct sockaddr *)&ss; 525 526 if (sa->sa_family == AF_INET) 527 ((struct sockaddr_in *)sa)->sin_port = htons(portno); 528 else if (sa->sa_family == AF_INET6) 529 ((struct sockaddr_in6 *)sa)->sin6_port = htons(portno); 530 531 s->attempt += 1; 532 if (s->use_smtp_tls) 533 schema = "smtp://"; 534 else if (s->use_starttls) 535 schema = "smtp+tls://"; 536 else if (s->use_smtps) 537 schema = "smtps://"; 538 else if (s->flags & MTA_LMTP) 539 schema = "lmtp://"; 540 else 541 schema = "smtp+notls://"; 542 543 log_info("%016"PRIx64" mta " 544 "connecting address=%s%s:%d host=%s", 545 s->id, schema, sa_to_text(s->route->dst->sa), 546 portno, s->route->dst->ptrname); 547 548 mta_enter_state(s, MTA_INIT); 549 s->io = io_new(); 550 io_set_callback(s->io, mta_io, s); 551 io_set_timeout(s->io, 300000); 552 if (io_connect(s->io, sa, s->route->src->sa) == -1) { 553 /* 554 * This error is most likely a "no route", 555 * so there is no need to try again. 556 */ 557 log_debug("debug: mta: io_connect failed: %s", io_error(s->io)); 558 if (errno == EADDRNOTAVAIL) 559 mta_source_error(s->relay, s->route, io_error(s->io)); 560 else 561 mta_error(s, "Connection failed: %s", io_error(s->io)); 562 mta_free(s); 563 } 564 } 565 566 static void 567 mta_enter_state(struct mta_session *s, int newstate) 568 { 569 struct mta_envelope *e; 570 size_t envid_sz; 571 int oldstate; 572 ssize_t q; 573 char ibuf[LINE_MAX]; 574 char obuf[LINE_MAX]; 575 int offset; 576 const char *srs_sender; 577 578 again: 579 oldstate = s->state; 580 581 log_trace(TRACE_MTA, "mta: %p: %s -> %s", s, 582 mta_strstate(oldstate), 583 mta_strstate(newstate)); 584 585 s->state = newstate; 586 587 memset(s->replybuf, 0, sizeof s->replybuf); 588 589 /* don't try this at home! */ 590 #define mta_enter_state(_s, _st) do { newstate = _st; goto again; } while (0) 591 592 switch (s->state) { 593 case MTA_INIT: 594 case MTA_BANNER: 595 break; 596 597 case MTA_EHLO: 598 s->ext = 0; 599 mta_send(s, "EHLO %s", s->helo); 600 mta_report_link_identify(s, "EHLO", s->helo); 601 break; 602 603 case MTA_HELO: 604 s->ext = 0; 605 mta_send(s, "HELO %s", s->helo); 606 mta_report_link_identify(s, "HELO", s->helo); 607 break; 608 609 case MTA_LHLO: 610 s->ext = 0; 611 mta_send(s, "LHLO %s", s->helo); 612 mta_report_link_identify(s, "LHLO", s->helo); 613 break; 614 615 case MTA_STARTTLS: 616 if (s->flags & MTA_DOWNGRADE_PLAIN) 617 mta_enter_state(s, MTA_AUTH); 618 if (s->flags & MTA_TLS) /* already started */ 619 mta_enter_state(s, MTA_AUTH); 620 else if ((s->ext & MTA_EXT_STARTTLS) == 0) { 621 if (s->flags & MTA_FORCE_TLS || s->flags & MTA_WANT_SECURE) { 622 mta_error(s, "TLS required but not supported by remote host"); 623 s->flags |= MTA_RECONN; 624 } 625 else 626 /* server doesn't support starttls, do not use it */ 627 mta_enter_state(s, MTA_AUTH); 628 } 629 else 630 mta_send(s, "STARTTLS"); 631 break; 632 633 case MTA_AUTH: 634 if (s->relay->secret && s->flags & MTA_TLS) { 635 if (s->ext & MTA_EXT_AUTH) { 636 if (s->ext & MTA_EXT_AUTH_PLAIN) { 637 mta_enter_state(s, MTA_AUTH_PLAIN); 638 break; 639 } 640 if (s->ext & MTA_EXT_AUTH_LOGIN) { 641 mta_enter_state(s, MTA_AUTH_LOGIN); 642 break; 643 } 644 log_debug("debug: mta: %p: no supported AUTH method on session", s); 645 mta_error(s, "no supported AUTH method"); 646 } 647 else { 648 log_debug("debug: mta: %p: AUTH not advertised on session", s); 649 mta_error(s, "AUTH not advertised"); 650 } 651 } 652 else if (s->relay->secret) { 653 log_debug("debug: mta: %p: not using AUTH on non-TLS " 654 "session", s); 655 mta_error(s, "Refuse to AUTH over unsecure channel"); 656 mta_connect(s); 657 } else { 658 mta_enter_state(s, MTA_READY); 659 } 660 break; 661 662 case MTA_AUTH_PLAIN: 663 memset(ibuf, 0, sizeof ibuf); 664 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 665 sizeof(ibuf)-1) == -1) { 666 log_debug("debug: mta: %p: credentials too large on session", s); 667 mta_error(s, "Credentials too large"); 668 break; 669 } 670 s->username = xstrdup(ibuf+1); 671 mta_send(s, "AUTH PLAIN %s", s->relay->secret); 672 break; 673 674 case MTA_AUTH_LOGIN: 675 mta_send(s, "AUTH LOGIN"); 676 break; 677 678 case MTA_AUTH_LOGIN_USER: 679 memset(ibuf, 0, sizeof ibuf); 680 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 681 sizeof(ibuf)-1) == -1) { 682 log_debug("debug: mta: %p: credentials too large on session", s); 683 mta_error(s, "Credentials too large"); 684 break; 685 } 686 s->username = xstrdup(ibuf+1); 687 688 memset(obuf, 0, sizeof obuf); 689 base64_encode((unsigned char *)ibuf + 1, strlen(ibuf + 1), obuf, sizeof obuf); 690 mta_send(s, "%s", obuf); 691 692 memset(ibuf, 0, sizeof ibuf); 693 memset(obuf, 0, sizeof obuf); 694 break; 695 696 case MTA_AUTH_LOGIN_PASS: 697 memset(ibuf, 0, sizeof ibuf); 698 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 699 sizeof(ibuf)-1) == -1) { 700 log_debug("debug: mta: %p: credentials too large on session", s); 701 mta_error(s, "Credentials too large"); 702 break; 703 } 704 705 offset = strlen(ibuf+1)+2; 706 memset(obuf, 0, sizeof obuf); 707 base64_encode((unsigned char *)ibuf + offset, strlen(ibuf + offset), obuf, sizeof obuf); 708 mta_send(s, "%s", obuf); 709 710 memset(ibuf, 0, sizeof ibuf); 711 memset(obuf, 0, sizeof obuf); 712 break; 713 714 case MTA_READY: 715 /* Ready to send a new mail */ 716 if (s->ready == 0) { 717 s->ready = 1; 718 s->relay->nconn_ready += 1; 719 mta_route_ok(s->relay, s->route); 720 } 721 722 if (s->msgtried >= MAX_TRYBEFOREDISABLE) { 723 log_info("%016"PRIx64" mta host-rejects-all-mails", 724 s->id); 725 mta_route_down(s->relay, s->route); 726 mta_enter_state(s, MTA_QUIT); 727 break; 728 } 729 730 if (s->msgcount >= s->relay->limits->max_mail_per_session) { 731 log_debug("debug: mta: " 732 "%p: cannot send more message to relay %s", s, 733 mta_relay_to_text(s->relay)); 734 mta_enter_state(s, MTA_QUIT); 735 break; 736 } 737 738 /* 739 * When downgrading from opportunistic TLS, clear flag and 740 * possibly reuse the same task (forbidden in other cases). 741 */ 742 if (s->flags & MTA_DOWNGRADE_PLAIN) 743 s->flags &= ~MTA_DOWNGRADE_PLAIN; 744 else if (s->task) 745 fatalx("task should be NULL at this point"); 746 747 if (s->task == NULL) 748 s->task = mta_route_next_task(s->relay, s->route); 749 if (s->task == NULL) { 750 log_debug("debug: mta: %p: no task for relay %s", 751 s, mta_relay_to_text(s->relay)); 752 753 if (s->relay->nconn > 1 || 754 s->hangon >= s->relay->limits->sessdelay_keepalive) { 755 mta_enter_state(s, MTA_QUIT); 756 break; 757 } 758 759 log_debug("mta: debug: last connection: hanging on for %llds", 760 (long long)(s->relay->limits->sessdelay_keepalive - 761 s->hangon)); 762 s->flags |= MTA_HANGON; 763 runq_schedule(hangon, 1, s); 764 break; 765 } 766 767 log_debug("debug: mta: %p: handling next task for relay %s", s, 768 mta_relay_to_text(s->relay)); 769 770 stat_increment("mta.task.running", 1); 771 772 m_create(p_queue, IMSG_MTA_OPEN_MESSAGE, 0, 0, -1); 773 m_add_id(p_queue, s->id); 774 m_add_msgid(p_queue, s->task->msgid); 775 m_close(p_queue); 776 777 tree_xset(&wait_fd, s->id, s); 778 s->flags |= MTA_WAIT; 779 break; 780 781 case MTA_MAIL: 782 s->currevp = TAILQ_FIRST(&s->task->envelopes); 783 784 e = s->currevp; 785 s->hangon = 0; 786 s->msgtried++; 787 envid_sz = strlen(e->dsn_envid); 788 789 /* SRS-encode if requested for the relay action, AND we're not 790 * bouncing, AND we have an RCPT which means we are forwarded, 791 * AND the RCPT has a '@' just for sanity check (will always). 792 */ 793 if (env->sc_srs_key != NULL && 794 s->relay->srs && 795 strchr(s->task->sender, '@') && 796 e->rcpt && 797 strchr(e->rcpt, '@')) { 798 /* encode and replace task sender with new SRS-sender */ 799 srs_sender = srs_encode(s->task->sender, 800 strchr(e->rcpt, '@') + 1); 801 if (srs_sender) { 802 free(s->task->sender); 803 s->task->sender = xstrdup(srs_sender); 804 } 805 } 806 807 if (s->ext & MTA_EXT_DSN) { 808 mta_send(s, "MAIL FROM:<%s>%s%s%s%s", 809 s->task->sender, 810 e->dsn_ret ? " RET=" : "", 811 e->dsn_ret ? dsn_strret(e->dsn_ret) : "", 812 envid_sz ? " ENVID=" : "", 813 envid_sz ? e->dsn_envid : ""); 814 } else 815 mta_send(s, "MAIL FROM:<%s>", s->task->sender); 816 break; 817 818 case MTA_RCPT: 819 if (s->currevp == NULL) 820 s->currevp = TAILQ_FIRST(&s->task->envelopes); 821 822 e = s->currevp; 823 if (s->ext & MTA_EXT_DSN) { 824 mta_send(s, "RCPT TO:<%s>%s%s%s%s", 825 e->dest, 826 e->dsn_notify ? " NOTIFY=" : "", 827 e->dsn_notify ? dsn_strnotify(e->dsn_notify) : "", 828 e->dsn_orcpt ? " ORCPT=rfc822;" : "", 829 e->dsn_orcpt ? e->dsn_orcpt : ""); 830 } else 831 mta_send(s, "RCPT TO:<%s>", e->dest); 832 833 mta_report_tx_envelope(s, s->task->msgid, e->id); 834 s->rcptcount++; 835 break; 836 837 case MTA_DATA: 838 fseek(s->datafp, 0, SEEK_SET); 839 mta_send(s, "DATA"); 840 break; 841 842 case MTA_BODY: 843 if (s->datafp == NULL) { 844 log_trace(TRACE_MTA, "mta: %p: end-of-file", s); 845 mta_enter_state(s, MTA_EOM); 846 break; 847 } 848 849 if ((q = mta_queue_data(s)) == -1) { 850 s->flags |= MTA_FREE; 851 break; 852 } 853 if (q == 0) { 854 mta_enter_state(s, MTA_BODY); 855 break; 856 } 857 858 log_trace(TRACE_MTA, "mta: %p: >>> [...%zd bytes...]", s, q); 859 break; 860 861 case MTA_EOM: 862 mta_send(s, "."); 863 break; 864 865 case MTA_LMTP_EOM: 866 /* LMTP reports status of each delivery, so enable read */ 867 io_set_read(s->io); 868 break; 869 870 case MTA_RSET: 871 if (s->datafp) { 872 fclose(s->datafp); 873 s->datafp = NULL; 874 s->datalen = 0; 875 } 876 mta_send(s, "RSET"); 877 break; 878 879 case MTA_QUIT: 880 mta_send(s, "QUIT"); 881 break; 882 883 default: 884 fatalx("mta_enter_state: unknown state"); 885 } 886 #undef mta_enter_state 887 } 888 889 /* 890 * Handle a response to an SMTP command 891 */ 892 static void 893 mta_response(struct mta_session *s, char *line) 894 { 895 struct mta_envelope *e; 896 struct sockaddr_storage ss; 897 struct sockaddr *sa; 898 const char *domain; 899 char *pbuf; 900 socklen_t sa_len; 901 char buf[LINE_MAX]; 902 int delivery; 903 904 switch (s->state) { 905 906 case MTA_BANNER: 907 if (line[0] != '2') { 908 mta_error(s, "BANNER rejected: %s", line); 909 s->flags |= MTA_FREE; 910 return; 911 } 912 913 pbuf = ""; 914 if (strlen(line) > 4) { 915 (void)strlcpy(buf, line + 4, sizeof buf); 916 if ((pbuf = strchr(buf, ' '))) 917 *pbuf = '\0'; 918 pbuf = valid_domainpart(buf) ? buf : ""; 919 } 920 mta_report_link_greeting(s, pbuf); 921 922 if (s->flags & MTA_LMTP) 923 mta_enter_state(s, MTA_LHLO); 924 else 925 mta_enter_state(s, MTA_EHLO); 926 break; 927 928 case MTA_EHLO: 929 if (line[0] != '2') { 930 /* rejected at ehlo state */ 931 if ((s->relay->flags & RELAY_AUTH) || 932 (s->flags & MTA_WANT_SECURE)) { 933 mta_error(s, "EHLO rejected: %s", line); 934 s->flags |= MTA_FREE; 935 return; 936 } 937 mta_enter_state(s, MTA_HELO); 938 return; 939 } 940 if (!(s->flags & MTA_FORCE_PLAIN)) 941 mta_enter_state(s, MTA_STARTTLS); 942 else 943 mta_enter_state(s, MTA_READY); 944 break; 945 946 case MTA_HELO: 947 if (line[0] != '2') { 948 mta_error(s, "HELO rejected: %s", line); 949 s->flags |= MTA_FREE; 950 return; 951 } 952 mta_enter_state(s, MTA_READY); 953 break; 954 955 case MTA_LHLO: 956 if (line[0] != '2') { 957 mta_error(s, "LHLO rejected: %s", line); 958 s->flags |= MTA_FREE; 959 return; 960 } 961 mta_enter_state(s, MTA_READY); 962 break; 963 964 case MTA_STARTTLS: 965 if (line[0] != '2') { 966 if (!(s->flags & MTA_WANT_SECURE)) { 967 mta_enter_state(s, MTA_AUTH); 968 return; 969 } 970 /* XXX mark that the MX doesn't support STARTTLS */ 971 mta_error(s, "STARTTLS rejected: %s", line); 972 s->flags |= MTA_FREE; 973 return; 974 } 975 976 mta_cert_init(s); 977 break; 978 979 case MTA_AUTH_PLAIN: 980 if (line[0] != '2') { 981 mta_error(s, "AUTH rejected: %s", line); 982 mta_report_link_auth(s, s->username, "fail"); 983 s->flags |= MTA_FREE; 984 return; 985 } 986 mta_report_link_auth(s, s->username, "pass"); 987 mta_enter_state(s, MTA_READY); 988 break; 989 990 case MTA_AUTH_LOGIN: 991 if (strncmp(line, "334 ", 4) != 0) { 992 mta_error(s, "AUTH rejected: %s", line); 993 mta_report_link_auth(s, s->username, "fail"); 994 s->flags |= MTA_FREE; 995 return; 996 } 997 mta_enter_state(s, MTA_AUTH_LOGIN_USER); 998 break; 999 1000 case MTA_AUTH_LOGIN_USER: 1001 if (strncmp(line, "334 ", 4) != 0) { 1002 mta_error(s, "AUTH rejected: %s", line); 1003 mta_report_link_auth(s, s->username, "fail"); 1004 s->flags |= MTA_FREE; 1005 return; 1006 } 1007 mta_enter_state(s, MTA_AUTH_LOGIN_PASS); 1008 break; 1009 1010 case MTA_AUTH_LOGIN_PASS: 1011 if (line[0] != '2') { 1012 mta_error(s, "AUTH rejected: %s", line); 1013 mta_report_link_auth(s, s->username, "fail"); 1014 s->flags |= MTA_FREE; 1015 return; 1016 } 1017 mta_report_link_auth(s, s->username, "pass"); 1018 mta_enter_state(s, MTA_READY); 1019 break; 1020 1021 case MTA_MAIL: 1022 if (line[0] != '2') { 1023 if (line[0] == '5') 1024 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1025 else 1026 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1027 1028 mta_flush_task(s, delivery, line, 0, 0); 1029 mta_enter_state(s, MTA_RSET); 1030 return; 1031 } 1032 mta_report_tx_begin(s, s->task->msgid); 1033 mta_report_tx_mail(s, s->task->msgid, s->task->sender, 1); 1034 mta_enter_state(s, MTA_RCPT); 1035 break; 1036 1037 case MTA_RCPT: 1038 e = s->currevp; 1039 1040 /* remove envelope from hosttat cache if there */ 1041 if ((domain = strchr(e->dest, '@')) != NULL) { 1042 domain++; 1043 mta_hoststat_uncache(domain, e->id); 1044 } 1045 1046 s->currevp = TAILQ_NEXT(s->currevp, entry); 1047 if (line[0] == '2') { 1048 s->failures = 0; 1049 /* 1050 * this host is up, reschedule envelopes that 1051 * were cached for reschedule. 1052 */ 1053 if (domain) 1054 mta_hoststat_reschedule(domain); 1055 } 1056 else { 1057 mta_report_tx_rollback(s, s->task->msgid); 1058 mta_report_tx_reset(s, s->task->msgid); 1059 if (line[0] == '5') 1060 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1061 else 1062 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1063 s->failures++; 1064 1065 /* remove failed envelope from task list */ 1066 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1067 stat_decrement("mta.envelope", 1); 1068 1069 /* log right away */ 1070 (void)snprintf(buf, sizeof(buf), "%s", 1071 mta_host_to_text(s->route->dst)); 1072 1073 e->session = s->id; 1074 /* XXX */ 1075 /* 1076 * getsockname() can only fail with ENOBUFS here 1077 * best effort, don't log source ... 1078 */ 1079 sa_len = sizeof(ss); 1080 sa = (struct sockaddr *)&ss; 1081 if (getsockname(io_fileno(s->io), sa, &sa_len) == -1) 1082 mta_delivery_log(e, NULL, buf, delivery, line); 1083 else 1084 mta_delivery_log(e, sa_to_text(sa), 1085 buf, delivery, line); 1086 1087 if (domain) 1088 mta_hoststat_update(domain, e->status); 1089 mta_delivery_notify(e); 1090 1091 if (s->relay->limits->max_failures_per_session && 1092 s->failures == s->relay->limits->max_failures_per_session) { 1093 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1094 "Too many consecutive errors, closing connection", 0, 1); 1095 mta_enter_state(s, MTA_QUIT); 1096 break; 1097 } 1098 1099 /* 1100 * if no more envelopes, flush failed queue 1101 */ 1102 if (TAILQ_EMPTY(&s->task->envelopes)) { 1103 mta_flush_task(s, IMSG_MTA_DELIVERY_OK, 1104 "No envelope", 0, 0); 1105 mta_enter_state(s, MTA_RSET); 1106 break; 1107 } 1108 } 1109 1110 switch (line[0]) { 1111 case '2': 1112 mta_report_tx_rcpt(s, 1113 s->task->msgid, e->dest, 1); 1114 break; 1115 case '4': 1116 mta_report_tx_rcpt(s, 1117 s->task->msgid, e->dest, -1); 1118 break; 1119 case '5': 1120 mta_report_tx_rcpt(s, 1121 s->task->msgid, e->dest, 0); 1122 break; 1123 } 1124 1125 if (s->currevp == NULL) 1126 mta_enter_state(s, MTA_DATA); 1127 else 1128 mta_enter_state(s, MTA_RCPT); 1129 break; 1130 1131 case MTA_DATA: 1132 if (line[0] == '2' || line[0] == '3') { 1133 mta_report_tx_data(s, s->task->msgid, 1); 1134 mta_enter_state(s, MTA_BODY); 1135 break; 1136 } 1137 1138 if (line[0] == '5') 1139 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1140 else 1141 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1142 mta_report_tx_data(s, s->task->msgid, 1143 delivery == IMSG_MTA_DELIVERY_TEMPFAIL ? -1 : 0); 1144 mta_report_tx_rollback(s, s->task->msgid); 1145 mta_report_tx_reset(s, s->task->msgid); 1146 mta_flush_task(s, delivery, line, 0, 0); 1147 mta_enter_state(s, MTA_RSET); 1148 break; 1149 1150 case MTA_LMTP_EOM: 1151 case MTA_EOM: 1152 if (line[0] == '2') { 1153 delivery = IMSG_MTA_DELIVERY_OK; 1154 s->msgtried = 0; 1155 s->msgcount++; 1156 } 1157 else if (line[0] == '5') 1158 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1159 else 1160 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1161 if (delivery != IMSG_MTA_DELIVERY_OK) { 1162 mta_report_tx_rollback(s, s->task->msgid); 1163 mta_report_tx_reset(s, s->task->msgid); 1164 } 1165 else { 1166 mta_report_tx_commit(s, s->task->msgid, s->datalen); 1167 mta_report_tx_reset(s, s->task->msgid); 1168 } 1169 mta_flush_task(s, delivery, line, (s->flags & MTA_LMTP) ? 1 : 0, 0); 1170 if (s->task) { 1171 s->rcptcount--; 1172 mta_enter_state(s, MTA_LMTP_EOM); 1173 } else { 1174 s->rcptcount = 0; 1175 if (s->relay->limits->sessdelay_transaction) { 1176 log_debug("debug: mta: waiting for %llds before next transaction", 1177 (long long int)s->relay->limits->sessdelay_transaction); 1178 s->hangon = s->relay->limits->sessdelay_transaction -1; 1179 s->flags |= MTA_HANGON; 1180 runq_schedule(hangon, 1181 s->relay->limits->sessdelay_transaction, s); 1182 } 1183 else 1184 mta_enter_state(s, MTA_READY); 1185 } 1186 break; 1187 1188 case MTA_RSET: 1189 s->rcptcount = 0; 1190 1191 if (s->task) { 1192 mta_report_tx_rollback(s, s->task->msgid); 1193 mta_report_tx_reset(s, s->task->msgid); 1194 } 1195 if (s->relay->limits->sessdelay_transaction) { 1196 log_debug("debug: mta: waiting for %llds after reset", 1197 (long long int)s->relay->limits->sessdelay_transaction); 1198 s->hangon = s->relay->limits->sessdelay_transaction -1; 1199 s->flags |= MTA_HANGON; 1200 runq_schedule(hangon, 1201 s->relay->limits->sessdelay_transaction, s); 1202 } 1203 else 1204 mta_enter_state(s, MTA_READY); 1205 break; 1206 1207 default: 1208 fatalx("mta_response() bad state"); 1209 } 1210 } 1211 1212 static void 1213 mta_io(struct io *io, int evt, void *arg) 1214 { 1215 struct mta_session *s = arg; 1216 char *line, *msg, *p; 1217 size_t len; 1218 const char *error; 1219 int cont; 1220 1221 log_trace(TRACE_IO, "mta: %p: %s %s", s, io_strevent(evt), 1222 io_strio(io)); 1223 1224 switch (evt) { 1225 1226 case IO_CONNECTED: 1227 mta_connected(s); 1228 1229 if (s->use_smtps) { 1230 io_set_write(io); 1231 mta_cert_init(s); 1232 } 1233 else { 1234 mta_enter_state(s, MTA_BANNER); 1235 io_set_read(io); 1236 } 1237 break; 1238 1239 case IO_TLSREADY: 1240 log_info("%016"PRIx64" mta tls ciphers=%s", 1241 s->id, ssl_to_text(io_tls(s->io))); 1242 s->flags |= MTA_TLS; 1243 1244 mta_report_link_tls(s, 1245 ssl_to_text(io_tls(s->io))); 1246 1247 mta_cert_verify(s); 1248 break; 1249 1250 case IO_DATAIN: 1251 nextline: 1252 line = io_getline(s->io, &len); 1253 if (line == NULL) { 1254 if (io_datalen(s->io) >= LINE_MAX) { 1255 mta_error(s, "Input too long"); 1256 mta_free(s); 1257 } 1258 return; 1259 } 1260 1261 /* Strip trailing '\r' */ 1262 if (len && line[len - 1] == '\r') 1263 line[--len] = '\0'; 1264 1265 log_trace(TRACE_MTA, "mta: %p: <<< %s", s, line); 1266 mta_report_protocol_server(s, line); 1267 1268 if ((error = parse_smtp_response(line, len, &msg, &cont))) { 1269 mta_error(s, "Bad response: %s", error); 1270 mta_free(s); 1271 return; 1272 } 1273 1274 /* read extensions */ 1275 if (s->state == MTA_EHLO) { 1276 if (strcmp(msg, "STARTTLS") == 0) 1277 s->ext |= MTA_EXT_STARTTLS; 1278 else if (strncmp(msg, "AUTH ", 5) == 0) { 1279 s->ext |= MTA_EXT_AUTH; 1280 if ((p = strstr(msg, " PLAIN")) && 1281 (*(p+6) == '\0' || *(p+6) == ' ')) 1282 s->ext |= MTA_EXT_AUTH_PLAIN; 1283 if ((p = strstr(msg, " LOGIN")) && 1284 (*(p+6) == '\0' || *(p+6) == ' ')) 1285 s->ext |= MTA_EXT_AUTH_LOGIN; 1286 } 1287 else if (strcmp(msg, "PIPELINING") == 0) 1288 s->ext |= MTA_EXT_PIPELINING; 1289 else if (strcmp(msg, "DSN") == 0) 1290 s->ext |= MTA_EXT_DSN; 1291 else if (strncmp(msg, "SIZE ", 5) == 0) { 1292 s->ext_size = strtonum(msg+5, 0, UINT32_MAX, &error); 1293 if (error == NULL) 1294 s->ext |= MTA_EXT_SIZE; 1295 } 1296 } 1297 1298 /* continuation reply, we parse out the repeating statuses and ESC */ 1299 if (cont) { 1300 if (s->replybuf[0] == '\0') 1301 (void)strlcat(s->replybuf, line, sizeof s->replybuf); 1302 else if (len > 4) { 1303 p = line + 4; 1304 if (isdigit((unsigned char)p[0]) && p[1] == '.' && 1305 isdigit((unsigned char)p[2]) && p[3] == '.' && 1306 isdigit((unsigned char)p[4]) && isspace((unsigned char)p[5])) 1307 p += 5; 1308 (void)strlcat(s->replybuf, p, sizeof s->replybuf); 1309 } 1310 goto nextline; 1311 } 1312 1313 /* last line of a reply, check if we're on a continuation to parse out status and ESC. 1314 * if we overflow reply buffer or are not on continuation, log entire last line. 1315 */ 1316 if (s->replybuf[0] == '\0') 1317 (void)strlcat(s->replybuf, line, sizeof s->replybuf); 1318 else if (len > 4) { 1319 p = line + 4; 1320 if (isdigit((unsigned char)p[0]) && p[1] == '.' && 1321 isdigit((unsigned char)p[2]) && p[3] == '.' && 1322 isdigit((unsigned char)p[4]) && isspace((unsigned char)p[5])) 1323 p += 5; 1324 if (strlcat(s->replybuf, p, sizeof s->replybuf) >= sizeof s->replybuf) 1325 (void)strlcpy(s->replybuf, line, sizeof s->replybuf); 1326 } 1327 1328 if (s->state == MTA_QUIT) { 1329 log_info("%016"PRIx64" mta disconnected reason=quit messages=%zu", 1330 s->id, s->msgcount); 1331 mta_free(s); 1332 return; 1333 } 1334 io_set_write(io); 1335 mta_response(s, s->replybuf); 1336 if (s->flags & MTA_FREE) { 1337 mta_free(s); 1338 return; 1339 } 1340 if (s->flags & MTA_RECONN) { 1341 s->flags &= ~MTA_RECONN; 1342 mta_connect(s); 1343 return; 1344 } 1345 1346 if (io_datalen(s->io)) { 1347 log_debug("debug: mta: remaining data in input buffer"); 1348 mta_error(s, "Remote host sent too much data"); 1349 if (s->flags & MTA_WAIT) 1350 s->flags |= MTA_FREE; 1351 else 1352 mta_free(s); 1353 } 1354 break; 1355 1356 case IO_LOWAT: 1357 if (s->state == MTA_BODY) { 1358 mta_enter_state(s, MTA_BODY); 1359 if (s->flags & MTA_FREE) { 1360 mta_free(s); 1361 return; 1362 } 1363 } 1364 1365 if (io_queued(s->io) == 0) 1366 io_set_read(io); 1367 break; 1368 1369 case IO_TIMEOUT: 1370 log_debug("debug: mta: %p: connection timeout", s); 1371 mta_error(s, "Connection timeout"); 1372 mta_report_timeout(s); 1373 if (!s->ready) 1374 mta_connect(s); 1375 else 1376 mta_free(s); 1377 break; 1378 1379 case IO_ERROR: 1380 case IO_TLSERROR: 1381 log_debug("debug: mta: %p: IO error: %s", s, io_error(io)); 1382 1383 if (s->state == MTA_STARTTLS && s->use_smtp_tls) { 1384 /* error in non-strict SSL negotiation, downgrade to plain */ 1385 log_info("smtp-out: Error on session %016"PRIx64 1386 ": opportunistic TLS failed, " 1387 "downgrading to plain", s->id); 1388 s->flags &= ~MTA_TLS; 1389 s->flags |= MTA_DOWNGRADE_PLAIN; 1390 mta_connect(s); 1391 break; 1392 } 1393 1394 mta_error(s, "IO Error: %s", io_error(io)); 1395 mta_free(s); 1396 break; 1397 1398 case IO_DISCONNECTED: 1399 log_debug("debug: mta: %p: disconnected in state %s", 1400 s, mta_strstate(s->state)); 1401 mta_error(s, "Connection closed unexpectedly"); 1402 if (!s->ready) 1403 mta_connect(s); 1404 else 1405 mta_free(s); 1406 break; 1407 1408 default: 1409 fatalx("mta_io() bad event"); 1410 } 1411 } 1412 1413 static void 1414 mta_send(struct mta_session *s, char *fmt, ...) 1415 { 1416 va_list ap; 1417 char *p; 1418 int len; 1419 1420 va_start(ap, fmt); 1421 if ((len = vasprintf(&p, fmt, ap)) == -1) 1422 fatal("mta: vasprintf"); 1423 va_end(ap); 1424 1425 log_trace(TRACE_MTA, "mta: %p: >>> %s", s, p); 1426 1427 if (strncasecmp(p, "AUTH PLAIN ", 11) == 0) 1428 mta_report_protocol_client(s, "AUTH PLAIN ********"); 1429 else if (s->state == MTA_AUTH_LOGIN_USER || s->state == MTA_AUTH_LOGIN_PASS) 1430 mta_report_protocol_client(s, "********"); 1431 else 1432 mta_report_protocol_client(s, p); 1433 1434 io_xprintf(s->io, "%s\r\n", p); 1435 1436 free(p); 1437 } 1438 1439 /* 1440 * Queue some data into the input buffer 1441 */ 1442 static ssize_t 1443 mta_queue_data(struct mta_session *s) 1444 { 1445 char *ln = NULL; 1446 size_t sz = 0, q; 1447 ssize_t len; 1448 1449 q = io_queued(s->io); 1450 1451 while (io_queued(s->io) < MTA_HIWAT) { 1452 if ((len = getline(&ln, &sz, s->datafp)) == -1) 1453 break; 1454 if (ln[len - 1] == '\n') 1455 ln[len - 1] = '\0'; 1456 s->datalen += io_xprintf(s->io, "%s%s\r\n", *ln == '.' ? "." : "", ln); 1457 } 1458 1459 free(ln); 1460 if (ferror(s->datafp)) { 1461 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1462 "Error reading content file", 0, 0); 1463 return (-1); 1464 } 1465 1466 if (feof(s->datafp)) { 1467 fclose(s->datafp); 1468 s->datafp = NULL; 1469 } 1470 1471 return (io_queued(s->io) - q); 1472 } 1473 1474 static void 1475 mta_flush_task(struct mta_session *s, int delivery, const char *error, size_t count, 1476 int cache) 1477 { 1478 struct mta_envelope *e; 1479 char relay[LINE_MAX]; 1480 size_t n; 1481 struct sockaddr_storage ss; 1482 struct sockaddr *sa; 1483 socklen_t sa_len; 1484 const char *domain; 1485 1486 (void)snprintf(relay, sizeof relay, "%s", mta_host_to_text(s->route->dst)); 1487 n = 0; 1488 while ((e = TAILQ_FIRST(&s->task->envelopes))) { 1489 1490 if (count && n == count) { 1491 stat_decrement("mta.envelope", n); 1492 return; 1493 } 1494 1495 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1496 1497 /* we're about to log, associate session to envelope */ 1498 e->session = s->id; 1499 e->ext = s->ext; 1500 1501 /* XXX */ 1502 /* 1503 * getsockname() can only fail with ENOBUFS here 1504 * best effort, don't log source ... 1505 */ 1506 sa = (struct sockaddr *)&ss; 1507 sa_len = sizeof(ss); 1508 if (getsockname(io_fileno(s->io), sa, &sa_len) == -1) 1509 mta_delivery_log(e, NULL, relay, delivery, error); 1510 else 1511 mta_delivery_log(e, sa_to_text(sa), 1512 relay, delivery, error); 1513 1514 mta_delivery_notify(e); 1515 1516 domain = strchr(e->dest, '@'); 1517 if (domain) { 1518 domain++; 1519 mta_hoststat_update(domain, error); 1520 if (cache) 1521 mta_hoststat_cache(domain, e->id); 1522 } 1523 1524 n++; 1525 } 1526 1527 free(s->task->sender); 1528 free(s->task); 1529 s->task = NULL; 1530 1531 if (s->datafp) { 1532 fclose(s->datafp); 1533 s->datafp = NULL; 1534 } 1535 1536 stat_decrement("mta.envelope", n); 1537 stat_decrement("mta.task.running", 1); 1538 stat_decrement("mta.task", 1); 1539 } 1540 1541 static void 1542 mta_error(struct mta_session *s, const char *fmt, ...) 1543 { 1544 va_list ap; 1545 char *error; 1546 int len; 1547 1548 va_start(ap, fmt); 1549 if ((len = vasprintf(&error, fmt, ap)) == -1) 1550 fatal("mta: vasprintf"); 1551 va_end(ap); 1552 1553 if (s->msgcount) 1554 log_info("smtp-out: Error on session %016"PRIx64 1555 " after %zu message%s sent: %s", s->id, s->msgcount, 1556 (s->msgcount > 1) ? "s" : "", error); 1557 else 1558 log_info("%016"PRIx64" mta error reason=%s", 1559 s->id, error); 1560 1561 /* 1562 * If not connected yet, and the error is not local, just ignore it 1563 * and try to reconnect. 1564 */ 1565 if (s->state == MTA_INIT && 1566 (errno == ETIMEDOUT || errno == ECONNREFUSED)) { 1567 log_debug("debug: mta: not reporting route error yet"); 1568 free(error); 1569 return; 1570 } 1571 1572 mta_route_error(s->relay, s->route); 1573 1574 if (s->task) 1575 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, error, 0, 0); 1576 1577 free(error); 1578 } 1579 1580 static void 1581 mta_cert_init(struct mta_session *s) 1582 { 1583 const char *name; 1584 int fallback; 1585 1586 if (s->relay->pki_name) { 1587 name = s->relay->pki_name; 1588 fallback = 0; 1589 } 1590 else { 1591 name = s->helo; 1592 fallback = 1; 1593 } 1594 1595 if (cert_init(name, fallback, mta_cert_init_cb, s)) { 1596 tree_xset(&wait_tls_init, s->id, s); 1597 s->flags |= MTA_WAIT; 1598 } 1599 } 1600 1601 static void 1602 mta_cert_init_cb(void *arg, int status, const char *name, const void *cert, 1603 size_t cert_len) 1604 { 1605 struct mta_session *s = arg; 1606 void *ssl; 1607 char *xname = NULL, *xcert = NULL; 1608 union { 1609 struct in_addr in4; 1610 struct in6_addr in6; 1611 } addrbuf; 1612 1613 if (s->flags & MTA_WAIT) 1614 mta_tree_pop(&wait_tls_init, s->id); 1615 1616 if (status == CA_FAIL && s->relay->pki_name) { 1617 log_info("%016"PRIx64" mta closing reason=ca-failure", s->id); 1618 mta_free(s); 1619 return; 1620 } 1621 1622 if (name) 1623 xname = xstrdup(name); 1624 if (cert) 1625 xcert = xmemdup(cert, cert_len); 1626 ssl = ssl_mta_init(xname, xcert, cert_len, env->sc_tls_ciphers); 1627 free(xname); 1628 free(xcert); 1629 if (ssl == NULL) 1630 fatal("mta: ssl_mta_init"); 1631 1632 /* 1633 * RFC4366 (SNI): Literal IPv4 and IPv6 addresses are not 1634 * permitted in "HostName". 1635 */ 1636 if (s->relay->domain->as_host == 1) { 1637 if (inet_pton(AF_INET, s->relay->domain->name, &addrbuf) != 1 && 1638 inet_pton(AF_INET6, s->relay->domain->name, &addrbuf) != 1) { 1639 log_debug("%016"PRIx64" mta tls setting SNI name=%s", 1640 s->id, s->relay->domain->name); 1641 if (SSL_set_tlsext_host_name(ssl, s->relay->domain->name) == 0) 1642 log_warnx("%016"PRIx64" mta tls setting SNI failed", 1643 s->id); 1644 } 1645 } 1646 1647 io_start_tls(s->io, ssl); 1648 } 1649 1650 static void 1651 mta_cert_verify(struct mta_session *s) 1652 { 1653 const char *name; 1654 int fallback; 1655 1656 if (s->relay->ca_name) { 1657 name = s->relay->ca_name; 1658 fallback = 0; 1659 } 1660 else { 1661 name = s->helo; 1662 fallback = 1; 1663 } 1664 1665 if (cert_verify(io_tls(s->io), name, fallback, mta_cert_verify_cb, s)) { 1666 tree_xset(&wait_tls_verify, s->id, s); 1667 io_pause(s->io, IO_IN); 1668 s->flags |= MTA_WAIT; 1669 } 1670 } 1671 1672 static void 1673 mta_cert_verify_cb(void *arg, int status) 1674 { 1675 struct mta_session *s = arg; 1676 int match, resume = 0; 1677 X509 *cert; 1678 1679 if (s->flags & MTA_WAIT) { 1680 mta_tree_pop(&wait_tls_verify, s->id); 1681 resume = 1; 1682 } 1683 1684 if (status == CERT_OK) { 1685 cert = SSL_get_peer_certificate(io_tls(s->io)); 1686 if (!cert) 1687 status = CERT_NOCERT; 1688 else { 1689 match = 0; 1690 (void)ssl_check_name(cert, s->mxname, &match); 1691 X509_free(cert); 1692 if (!match) { 1693 log_info("%016"PRIx64" mta " 1694 "ssl_check_name: no match for '%s' in cert", 1695 s->id, s->mxname); 1696 status = CERT_INVALID; 1697 } 1698 } 1699 } 1700 1701 if (status == CERT_OK) 1702 s->flags |= MTA_TLS_VERIFIED; 1703 else if (s->relay->flags & RELAY_TLS_VERIFY) { 1704 errno = 0; 1705 mta_error(s, "SSL certificate check failed"); 1706 mta_free(s); 1707 return; 1708 } 1709 1710 mta_tls_verified(s); 1711 if (resume) 1712 io_resume(s->io, IO_IN); 1713 } 1714 1715 static void 1716 mta_tls_verified(struct mta_session *s) 1717 { 1718 X509 *x; 1719 1720 x = SSL_get_peer_certificate(io_tls(s->io)); 1721 if (x) { 1722 log_info("%016"PRIx64" mta " 1723 "server-cert-check result=\"%s\"", 1724 s->id, 1725 (s->flags & MTA_TLS_VERIFIED) ? "success" : "failure"); 1726 X509_free(x); 1727 } 1728 1729 if (s->use_smtps) { 1730 mta_enter_state(s, MTA_BANNER); 1731 io_set_read(s->io); 1732 } 1733 else 1734 mta_enter_state(s, MTA_EHLO); 1735 } 1736 1737 static const char * 1738 dsn_strret(enum dsn_ret ret) 1739 { 1740 if (ret == DSN_RETHDRS) 1741 return "HDRS"; 1742 else if (ret == DSN_RETFULL) 1743 return "FULL"; 1744 else { 1745 log_debug("mta: invalid ret %d", ret); 1746 return "???"; 1747 } 1748 } 1749 1750 static const char * 1751 dsn_strnotify(uint8_t arg) 1752 { 1753 static char buf[32]; 1754 size_t sz; 1755 1756 buf[0] = '\0'; 1757 if (arg & DSN_SUCCESS) 1758 (void)strlcat(buf, "SUCCESS,", sizeof(buf)); 1759 1760 if (arg & DSN_FAILURE) 1761 (void)strlcat(buf, "FAILURE,", sizeof(buf)); 1762 1763 if (arg & DSN_DELAY) 1764 (void)strlcat(buf, "DELAY,", sizeof(buf)); 1765 1766 if (arg & DSN_NEVER) 1767 (void)strlcat(buf, "NEVER,", sizeof(buf)); 1768 1769 /* trim trailing comma */ 1770 sz = strlen(buf); 1771 if (sz) 1772 buf[sz - 1] = '\0'; 1773 1774 return (buf); 1775 } 1776 1777 #define CASE(x) case x : return #x 1778 1779 static const char * 1780 mta_strstate(int state) 1781 { 1782 switch (state) { 1783 CASE(MTA_INIT); 1784 CASE(MTA_BANNER); 1785 CASE(MTA_EHLO); 1786 CASE(MTA_HELO); 1787 CASE(MTA_STARTTLS); 1788 CASE(MTA_AUTH); 1789 CASE(MTA_AUTH_PLAIN); 1790 CASE(MTA_AUTH_LOGIN); 1791 CASE(MTA_AUTH_LOGIN_USER); 1792 CASE(MTA_AUTH_LOGIN_PASS); 1793 CASE(MTA_READY); 1794 CASE(MTA_MAIL); 1795 CASE(MTA_RCPT); 1796 CASE(MTA_DATA); 1797 CASE(MTA_BODY); 1798 CASE(MTA_EOM); 1799 CASE(MTA_LMTP_EOM); 1800 CASE(MTA_RSET); 1801 CASE(MTA_QUIT); 1802 default: 1803 return "MTA_???"; 1804 } 1805 } 1806 1807 static void 1808 mta_filter_begin(struct mta_session *s) 1809 { 1810 if (!SESSION_FILTERED(s)) 1811 return; 1812 1813 m_create(p_lka, IMSG_FILTER_SMTP_BEGIN, 0, 0, -1); 1814 m_add_id(p_lka, s->id); 1815 m_add_string(p_lka, s->relay->dispatcher->u.remote.filtername); 1816 m_close(p_lka); 1817 } 1818 1819 static void 1820 mta_filter_end(struct mta_session *s) 1821 { 1822 if (!SESSION_FILTERED(s)) 1823 return; 1824 1825 m_create(p_lka, IMSG_FILTER_SMTP_END, 0, 0, -1); 1826 m_add_id(p_lka, s->id); 1827 m_close(p_lka); 1828 } 1829 1830 static void 1831 mta_connected(struct mta_session *s) 1832 { 1833 struct sockaddr_storage sa_src; 1834 struct sockaddr_storage sa_dest; 1835 int sa_len; 1836 1837 log_info("%016"PRIx64" mta connected", s->id); 1838 1839 sa_len = sizeof sa_src; 1840 if (getsockname(io_fileno(s->io), 1841 (struct sockaddr *)&sa_src, &sa_len) == -1) 1842 bzero(&sa_src, sizeof sa_src); 1843 sa_len = sizeof sa_dest; 1844 if (getpeername(io_fileno(s->io), 1845 (struct sockaddr *)&sa_dest, &sa_len) == -1) 1846 bzero(&sa_dest, sizeof sa_dest); 1847 1848 mta_report_link_connect(s, 1849 s->route->dst->ptrname, 1, 1850 &sa_src, 1851 &sa_dest); 1852 } 1853 1854 static void 1855 mta_disconnected(struct mta_session *s) 1856 { 1857 mta_report_link_disconnect(s); 1858 mta_filter_end(s); 1859 } 1860 1861 1862 static void 1863 mta_report_link_connect(struct mta_session *s, const char *rdns, int fcrdns, 1864 const struct sockaddr_storage *ss_src, 1865 const struct sockaddr_storage *ss_dest) 1866 { 1867 if (! SESSION_FILTERED(s)) 1868 return; 1869 1870 report_smtp_link_connect("smtp-out", s->id, rdns, fcrdns, ss_src, ss_dest); 1871 } 1872 1873 static void 1874 mta_report_link_greeting(struct mta_session *s, 1875 const char *domain) 1876 { 1877 if (! SESSION_FILTERED(s)) 1878 return; 1879 1880 report_smtp_link_greeting("smtp-out", s->id, domain); 1881 } 1882 1883 static void 1884 mta_report_link_identify(struct mta_session *s, const char *method, const char *identity) 1885 { 1886 if (! SESSION_FILTERED(s)) 1887 return; 1888 1889 report_smtp_link_identify("smtp-out", s->id, method, identity); 1890 } 1891 1892 static void 1893 mta_report_link_tls(struct mta_session *s, const char *ssl) 1894 { 1895 if (! SESSION_FILTERED(s)) 1896 return; 1897 1898 report_smtp_link_tls("smtp-out", s->id, ssl); 1899 } 1900 1901 static void 1902 mta_report_link_disconnect(struct mta_session *s) 1903 { 1904 if (! SESSION_FILTERED(s)) 1905 return; 1906 1907 report_smtp_link_disconnect("smtp-out", s->id); 1908 } 1909 1910 static void 1911 mta_report_link_auth(struct mta_session *s, const char *user, const char *result) 1912 { 1913 if (! SESSION_FILTERED(s)) 1914 return; 1915 1916 report_smtp_link_auth("smtp-out", s->id, user, result); 1917 } 1918 1919 static void 1920 mta_report_tx_reset(struct mta_session *s, uint32_t msgid) 1921 { 1922 if (! SESSION_FILTERED(s)) 1923 return; 1924 1925 report_smtp_tx_reset("smtp-out", s->id, msgid); 1926 } 1927 1928 static void 1929 mta_report_tx_begin(struct mta_session *s, uint32_t msgid) 1930 { 1931 if (! SESSION_FILTERED(s)) 1932 return; 1933 1934 report_smtp_tx_begin("smtp-out", s->id, msgid); 1935 } 1936 1937 static void 1938 mta_report_tx_mail(struct mta_session *s, uint32_t msgid, const char *address, int ok) 1939 { 1940 if (! SESSION_FILTERED(s)) 1941 return; 1942 1943 report_smtp_tx_mail("smtp-out", s->id, msgid, address, ok); 1944 } 1945 1946 static void 1947 mta_report_tx_rcpt(struct mta_session *s, uint32_t msgid, const char *address, int ok) 1948 { 1949 if (! SESSION_FILTERED(s)) 1950 return; 1951 1952 report_smtp_tx_rcpt("smtp-out", s->id, msgid, address, ok); 1953 } 1954 1955 static void 1956 mta_report_tx_envelope(struct mta_session *s, uint32_t msgid, uint64_t evpid) 1957 { 1958 if (! SESSION_FILTERED(s)) 1959 return; 1960 1961 report_smtp_tx_envelope("smtp-out", s->id, msgid, evpid); 1962 } 1963 1964 static void 1965 mta_report_tx_data(struct mta_session *s, uint32_t msgid, int ok) 1966 { 1967 if (! SESSION_FILTERED(s)) 1968 return; 1969 1970 report_smtp_tx_data("smtp-out", s->id, msgid, ok); 1971 } 1972 1973 static void 1974 mta_report_tx_commit(struct mta_session *s, uint32_t msgid, size_t msgsz) 1975 { 1976 if (! SESSION_FILTERED(s)) 1977 return; 1978 1979 report_smtp_tx_commit("smtp-out", s->id, msgid, msgsz); 1980 } 1981 1982 static void 1983 mta_report_tx_rollback(struct mta_session *s, uint32_t msgid) 1984 { 1985 if (! SESSION_FILTERED(s)) 1986 return; 1987 1988 report_smtp_tx_rollback("smtp-out", s->id, msgid); 1989 } 1990 1991 static void 1992 mta_report_protocol_client(struct mta_session *s, const char *command) 1993 { 1994 if (! SESSION_FILTERED(s)) 1995 return; 1996 1997 report_smtp_protocol_client("smtp-out", s->id, command); 1998 } 1999 2000 static void 2001 mta_report_protocol_server(struct mta_session *s, const char *response) 2002 { 2003 if (! SESSION_FILTERED(s)) 2004 return; 2005 2006 report_smtp_protocol_server("smtp-out", s->id, response); 2007 } 2008 2009 #if 0 2010 static void 2011 mta_report_filter_response(struct mta_session *s, int phase, int response, const char *param) 2012 { 2013 if (! SESSION_FILTERED(s)) 2014 return; 2015 2016 report_smtp_filter_response("smtp-out", s->id, phase, response, param); 2017 } 2018 #endif 2019 2020 static void 2021 mta_report_timeout(struct mta_session *s) 2022 { 2023 if (! SESSION_FILTERED(s)) 2024 return; 2025 2026 report_smtp_timeout("smtp-out", s->id); 2027 } 2028