1 /* $OpenBSD: mta_session.c,v 1.68 2014/07/04 15:24:46 eric Exp $ */ 2 3 /* 4 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> 5 * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> 6 * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net> 7 * Copyright (c) 2012 Eric Faurot <eric@openbsd.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 #include <sys/types.h> 23 #include <sys/queue.h> 24 #include <sys/tree.h> 25 #include <sys/socket.h> 26 #include <sys/uio.h> 27 28 #include <ctype.h> 29 #include <err.h> 30 #include <errno.h> 31 #include <event.h> 32 #include <imsg.h> 33 #include <inttypes.h> 34 #include <netdb.h> 35 #include <openssl/ssl.h> 36 #include <pwd.h> 37 #include <resolv.h> 38 #include <signal.h> 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <string.h> 42 #include <time.h> 43 #include <unistd.h> 44 45 #include "smtpd.h" 46 #include "log.h" 47 #include "ssl.h" 48 49 #define MAX_TRYBEFOREDISABLE 10 50 51 #define MTA_HIWAT 65535 52 53 enum mta_state { 54 MTA_INIT, 55 MTA_BANNER, 56 MTA_EHLO, 57 MTA_HELO, 58 MTA_LHLO, 59 MTA_STARTTLS, 60 MTA_AUTH, 61 MTA_AUTH_PLAIN, 62 MTA_AUTH_LOGIN, 63 MTA_AUTH_LOGIN_USER, 64 MTA_AUTH_LOGIN_PASS, 65 MTA_READY, 66 MTA_MAIL, 67 MTA_RCPT, 68 MTA_DATA, 69 MTA_BODY, 70 MTA_EOM, 71 MTA_LMTP_EOM, 72 MTA_RSET, 73 MTA_QUIT, 74 }; 75 76 #define MTA_FORCE_ANYSSL 0x0001 77 #define MTA_FORCE_SMTPS 0x0002 78 #define MTA_FORCE_TLS 0x0004 79 #define MTA_FORCE_PLAIN 0x0008 80 #define MTA_WANT_SECURE 0x0010 81 #define MTA_USE_AUTH 0x0020 82 #define MTA_USE_CERT 0x0040 83 #define MTA_DOWNGRADE_PLAIN 0x0080 84 85 #define MTA_TLS_TRIED 0x0080 86 87 #define MTA_TLS 0x0100 88 #define MTA_VERIFIED 0x0200 89 90 #define MTA_FREE 0x0400 91 #define MTA_LMTP 0x0800 92 #define MTA_WAIT 0x1000 93 #define MTA_HANGON 0x2000 94 #define MTA_RECONN 0x4000 95 96 #define MTA_EXT_STARTTLS 0x01 97 #define MTA_EXT_PIPELINING 0x02 98 #define MTA_EXT_AUTH 0x04 99 #define MTA_EXT_AUTH_PLAIN 0x08 100 #define MTA_EXT_AUTH_LOGIN 0x10 101 102 struct mta_session { 103 uint64_t id; 104 struct mta_relay *relay; 105 struct mta_route *route; 106 char *helo; 107 108 int flags; 109 110 int attempt; 111 int use_smtps; 112 int use_starttls; 113 int use_smtp_tls; 114 int ready; 115 116 struct iobuf iobuf; 117 struct io io; 118 int ext; 119 120 size_t msgtried; 121 size_t msgcount; 122 size_t rcptcount; 123 int hangon; 124 125 enum mta_state state; 126 struct mta_task *task; 127 struct mta_envelope *currevp; 128 FILE *datafp; 129 130 size_t failures; 131 }; 132 133 static void mta_session_init(void); 134 static void mta_start(int fd, short ev, void *arg); 135 static void mta_io(struct io *, int); 136 static void mta_free(struct mta_session *); 137 static void mta_on_ptr(void *, void *, void *); 138 static void mta_on_timeout(struct runq *, void *); 139 static void mta_connect(struct mta_session *); 140 static void mta_enter_state(struct mta_session *, int); 141 static void mta_flush_task(struct mta_session *, int, const char *, size_t, int); 142 static void mta_error(struct mta_session *, const char *, ...); 143 static void mta_send(struct mta_session *, char *, ...); 144 static ssize_t mta_queue_data(struct mta_session *); 145 static void mta_response(struct mta_session *, char *); 146 static const char * mta_strstate(int); 147 static void mta_start_tls(struct mta_session *); 148 static int mta_verify_certificate(struct mta_session *); 149 static struct mta_session *mta_tree_pop(struct tree *, uint64_t); 150 static const char * dsn_strret(enum dsn_ret); 151 static const char * dsn_strnotify(uint8_t); 152 153 void mta_hoststat_update(const char *, const char *); 154 void mta_hoststat_reschedule(const char *); 155 void mta_hoststat_cache(const char *, uint64_t); 156 void mta_hoststat_uncache(const char *, uint64_t); 157 158 static struct tree wait_helo; 159 static struct tree wait_ptr; 160 static struct tree wait_fd; 161 static struct tree wait_ssl_init; 162 static struct tree wait_ssl_verify; 163 164 static struct runq *hangon; 165 166 static void 167 mta_session_init(void) 168 { 169 static int init = 0; 170 171 if (!init) { 172 tree_init(&wait_helo); 173 tree_init(&wait_ptr); 174 tree_init(&wait_fd); 175 tree_init(&wait_ssl_init); 176 tree_init(&wait_ssl_verify); 177 runq_init(&hangon, mta_on_timeout); 178 init = 1; 179 } 180 } 181 182 void 183 mta_session(struct mta_relay *relay, struct mta_route *route) 184 { 185 struct mta_session *s; 186 struct timeval tv; 187 188 mta_session_init(); 189 190 s = xcalloc(1, sizeof *s, "mta_session"); 191 s->id = generate_uid(); 192 s->relay = relay; 193 s->route = route; 194 s->io.sock = -1; 195 196 if (relay->flags & RELAY_SSL && relay->flags & RELAY_AUTH) 197 s->flags |= MTA_USE_AUTH; 198 if (relay->pki_name) 199 s->flags |= MTA_USE_CERT; 200 if (relay->flags & RELAY_LMTP) 201 s->flags |= MTA_LMTP; 202 switch (relay->flags & (RELAY_SSL|RELAY_TLS_OPTIONAL)) { 203 case RELAY_SSL: 204 s->flags |= MTA_FORCE_ANYSSL; 205 s->flags |= MTA_WANT_SECURE; 206 break; 207 case RELAY_SMTPS: 208 s->flags |= MTA_FORCE_SMTPS; 209 s->flags |= MTA_WANT_SECURE; 210 break; 211 case RELAY_STARTTLS: 212 s->flags |= MTA_FORCE_TLS; 213 s->flags |= MTA_WANT_SECURE; 214 break; 215 case RELAY_TLS_OPTIONAL: 216 /* do not force anything, try tls then smtp */ 217 break; 218 default: 219 s->flags |= MTA_FORCE_PLAIN; 220 } 221 222 if (relay->flags & RELAY_BACKUP) 223 s->flags &= ~MTA_FORCE_PLAIN; 224 225 log_debug("debug: mta: %p: spawned for relay %s", s, 226 mta_relay_to_text(relay)); 227 stat_increment("mta.session", 1); 228 229 if (route->dst->ptrname || route->dst->lastptrquery) { 230 /* We want to delay the connection since to always notify 231 * the relay asynchronously. 232 */ 233 tv.tv_sec = 0; 234 tv.tv_usec = 0; 235 evtimer_set(&s->io.ev, mta_start, s); 236 evtimer_add(&s->io.ev, &tv); 237 } else if (waitq_wait(&route->dst->ptrname, mta_on_ptr, s)) { 238 m_create(p_lka, IMSG_MTA_DNS_PTR, 0, 0, -1); 239 m_add_id(p_lka, s->id); 240 m_add_sockaddr(p_lka, s->route->dst->sa); 241 m_close(p_lka); 242 tree_xset(&wait_ptr, s->id, s); 243 s->flags |= MTA_WAIT; 244 } 245 } 246 247 void 248 mta_session_imsg(struct mproc *p, struct imsg *imsg) 249 { 250 struct ca_vrfy_resp_msg *resp_ca_vrfy; 251 struct ca_cert_resp_msg *resp_ca_cert; 252 struct mta_session *s; 253 struct mta_host *h; 254 struct msg m; 255 uint64_t reqid; 256 const char *name; 257 void *ssl; 258 int dnserror, status; 259 char *pkiname; 260 261 switch (imsg->hdr.type) { 262 263 case IMSG_MTA_OPEN_MESSAGE: 264 m_msg(&m, imsg); 265 m_get_id(&m, &reqid); 266 m_end(&m); 267 268 s = mta_tree_pop(&wait_fd, reqid); 269 if (s == NULL) { 270 if (imsg->fd != -1) 271 close(imsg->fd); 272 return; 273 } 274 275 if (imsg->fd == -1) { 276 log_debug("debug: mta: failed to obtain msg fd"); 277 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 278 "Could not get message fd", 0, 0); 279 mta_enter_state(s, MTA_READY); 280 io_reload(&s->io); 281 return; 282 } 283 284 s->datafp = fdopen(imsg->fd, "r"); 285 if (s->datafp == NULL) 286 fatal("mta: fdopen"); 287 288 mta_enter_state(s, MTA_MAIL); 289 io_reload(&s->io); 290 return; 291 292 case IMSG_MTA_DNS_PTR: 293 m_msg(&m, imsg); 294 m_get_id(&m, &reqid); 295 m_get_int(&m, &dnserror); 296 if (dnserror) 297 name = NULL; 298 else 299 m_get_string(&m, &name); 300 m_end(&m); 301 s = mta_tree_pop(&wait_ptr, reqid); 302 if (s == NULL) 303 return; 304 305 h = s->route->dst; 306 h->lastptrquery = time(NULL); 307 if (name) 308 h->ptrname = xstrdup(name, "mta: ptr"); 309 waitq_run(&h->ptrname, h->ptrname); 310 return; 311 312 case IMSG_MTA_SSL_INIT: 313 resp_ca_cert = imsg->data; 314 s = mta_tree_pop(&wait_ssl_init, resp_ca_cert->reqid); 315 if (s == NULL) 316 return; 317 318 if (resp_ca_cert->status == CA_FAIL) { 319 if (s->relay->pki_name) { 320 log_info("smtp-out: Disconnecting session %016"PRIx64 321 ": CA failure", s->id); 322 mta_free(s); 323 return; 324 } 325 else { 326 ssl = ssl_mta_init(NULL, NULL, 0); 327 if (ssl == NULL) 328 fatal("mta: ssl_mta_init"); 329 io_start_tls(&s->io, ssl); 330 return; 331 } 332 } 333 334 resp_ca_cert = xmemdup(imsg->data, sizeof *resp_ca_cert, "mta:ca_cert"); 335 resp_ca_cert->cert = xstrdup((char *)imsg->data + 336 sizeof *resp_ca_cert, "mta:ca_cert"); 337 if (s->relay->pki_name) 338 pkiname = s->relay->pki_name; 339 else 340 pkiname = s->helo; 341 ssl = ssl_mta_init(pkiname, 342 resp_ca_cert->cert, resp_ca_cert->cert_len); 343 if (ssl == NULL) 344 fatal("mta: ssl_mta_init"); 345 io_start_tls(&s->io, ssl); 346 347 explicit_bzero(resp_ca_cert->cert, resp_ca_cert->cert_len); 348 free(resp_ca_cert->cert); 349 free(resp_ca_cert); 350 return; 351 352 case IMSG_MTA_SSL_VERIFY: 353 resp_ca_vrfy = imsg->data; 354 s = mta_tree_pop(&wait_ssl_verify, resp_ca_vrfy->reqid); 355 if (s == NULL) 356 return; 357 358 if (resp_ca_vrfy->status == CA_OK) 359 s->flags |= MTA_VERIFIED; 360 else if (s->relay->flags & F_TLS_VERIFY) { 361 errno = 0; 362 mta_error(s, "SSL certificate check failed"); 363 mta_free(s); 364 return; 365 } 366 367 mta_io(&s->io, IO_TLSVERIFIED); 368 io_resume(&s->io, IO_PAUSE_IN); 369 io_reload(&s->io); 370 return; 371 372 case IMSG_MTA_LOOKUP_HELO: 373 m_msg(&m, imsg); 374 m_get_id(&m, &reqid); 375 m_get_int(&m, &status); 376 if (status == LKA_OK) 377 m_get_string(&m, &name); 378 m_end(&m); 379 380 s = mta_tree_pop(&wait_helo, reqid); 381 if (s == NULL) 382 return; 383 384 if (status == LKA_OK) { 385 s->helo = xstrdup(name, "mta_session_imsg"); 386 mta_connect(s); 387 } else { 388 mta_source_error(s->relay, s->route, 389 "Failed to retrieve helo string"); 390 mta_free(s); 391 } 392 return; 393 394 default: 395 errx(1, "mta_session_imsg: unexpected %s imsg", 396 imsg_to_str(imsg->hdr.type)); 397 } 398 } 399 400 static struct mta_session * 401 mta_tree_pop(struct tree *wait, uint64_t reqid) 402 { 403 struct mta_session *s; 404 405 s = tree_xpop(wait, reqid); 406 if (s->flags & MTA_FREE) { 407 log_debug("debug: mta: %p: zombie session", s); 408 mta_free(s); 409 return (NULL); 410 } 411 s->flags &= ~MTA_WAIT; 412 413 return (s); 414 } 415 416 static void 417 mta_free(struct mta_session *s) 418 { 419 struct mta_relay *relay; 420 struct mta_route *route; 421 422 log_debug("debug: mta: %p: session done", s); 423 424 if (s->ready) 425 s->relay->nconn_ready -= 1; 426 427 if (s->flags & MTA_HANGON) { 428 log_debug("debug: mta: %p: cancelling hangon timer", s); 429 runq_cancel(hangon, NULL, s); 430 } 431 432 io_clear(&s->io); 433 iobuf_clear(&s->iobuf); 434 435 if (s->task) 436 fatalx("current task should have been deleted already"); 437 if (s->datafp) 438 fclose(s->datafp); 439 if (s->helo) 440 free(s->helo); 441 442 relay = s->relay; 443 route = s->route; 444 free(s); 445 stat_decrement("mta.session", 1); 446 mta_route_collect(relay, route); 447 } 448 449 static void 450 mta_on_timeout(struct runq *runq, void *arg) 451 { 452 struct mta_session *s = arg; 453 454 log_debug("mta: timeout for session hangon"); 455 456 s->flags &= ~MTA_HANGON; 457 s->hangon++; 458 459 mta_enter_state(s, MTA_READY); 460 io_reload(&s->io); 461 } 462 463 static void 464 mta_on_ptr(void *tag, void *arg, void *data) 465 { 466 struct mta_session *s = arg; 467 468 mta_connect(s); 469 } 470 471 static void 472 mta_start(int fd, short ev, void *arg) 473 { 474 struct mta_session *s = arg; 475 476 mta_connect(s); 477 } 478 479 static void 480 mta_connect(struct mta_session *s) 481 { 482 struct sockaddr_storage ss; 483 struct sockaddr *sa; 484 int portno; 485 const char *schema = "smtp+tls://"; 486 487 if (s->helo == NULL) { 488 if (s->relay->helotable && s->route->src->sa) { 489 m_create(p_lka, IMSG_MTA_LOOKUP_HELO, 0, 0, -1); 490 m_add_id(p_lka, s->id); 491 m_add_string(p_lka, s->relay->helotable); 492 m_add_sockaddr(p_lka, s->route->src->sa); 493 m_close(p_lka); 494 tree_xset(&wait_helo, s->id, s); 495 s->flags |= MTA_WAIT; 496 return; 497 } 498 else if (s->relay->heloname) 499 s->helo = xstrdup(s->relay->heloname, "mta_connect"); 500 else 501 s->helo = xstrdup(env->sc_hostname, "mta_connect"); 502 } 503 504 io_clear(&s->io); 505 iobuf_clear(&s->iobuf); 506 507 s->use_smtps = s->use_starttls = s->use_smtp_tls = 0; 508 509 switch (s->attempt) { 510 case 0: 511 if (s->flags & MTA_FORCE_SMTPS) 512 s->use_smtps = 1; /* smtps */ 513 else if (s->flags & (MTA_FORCE_TLS|MTA_FORCE_ANYSSL)) 514 s->use_starttls = 1; /* tls, tls+smtps */ 515 else if (!(s->flags & MTA_FORCE_PLAIN)) 516 s->use_smtp_tls = 1; 517 break; 518 case 1: 519 if (s->flags & MTA_FORCE_ANYSSL) { 520 s->use_smtps = 1; /* tls+smtps */ 521 break; 522 } 523 else if (s->flags & MTA_DOWNGRADE_PLAIN) { 524 /* smtp+tls, with tls failure */ 525 break; 526 } 527 default: 528 mta_free(s); 529 return; 530 } 531 portno = s->use_smtps ? 465 : 25; 532 533 /* Override with relay-specified port */ 534 if (s->relay->port) 535 portno = s->relay->port; 536 537 memmove(&ss, s->route->dst->sa, s->route->dst->sa->sa_len); 538 sa = (struct sockaddr *)&ss; 539 540 if (sa->sa_family == AF_INET) 541 ((struct sockaddr_in *)sa)->sin_port = htons(portno); 542 else if (sa->sa_family == AF_INET6) 543 ((struct sockaddr_in6 *)sa)->sin6_port = htons(portno); 544 545 s->attempt += 1; 546 if (s->use_smtp_tls) 547 schema = "smtp+tls://"; 548 else if (s->use_starttls) 549 schema = "tls://"; 550 else if (s->use_smtps) 551 schema = "smtps://"; 552 else if (s->flags & MTA_LMTP) 553 schema = "lmtp://"; 554 else 555 schema = "smtp://"; 556 557 log_info("smtp-out: Connecting to %s%s:%d (%s) on session" 558 " %016"PRIx64"...", schema, sa_to_text(s->route->dst->sa), 559 portno, s->route->dst->ptrname, s->id); 560 561 mta_enter_state(s, MTA_INIT); 562 iobuf_xinit(&s->iobuf, 0, 0, "mta_connect"); 563 io_init(&s->io, -1, s, mta_io, &s->iobuf); 564 io_set_timeout(&s->io, 300000); 565 if (io_connect(&s->io, sa, s->route->src->sa) == -1) { 566 /* 567 * This error is most likely a "no route", 568 * so there is no need to try again. 569 */ 570 log_debug("debug: mta: io_connect failed: %s", s->io.error); 571 if (errno == EADDRNOTAVAIL) 572 mta_source_error(s->relay, s->route, s->io.error); 573 else 574 mta_error(s, "Connection failed: %s", s->io.error); 575 mta_free(s); 576 } 577 } 578 579 static void 580 mta_enter_state(struct mta_session *s, int newstate) 581 { 582 struct mta_envelope *e; 583 size_t envid_sz; 584 int oldstate; 585 ssize_t q; 586 char ibuf[SMTPD_MAXLINESIZE]; 587 char obuf[SMTPD_MAXLINESIZE]; 588 int offset; 589 590 again: 591 oldstate = s->state; 592 593 log_trace(TRACE_MTA, "mta: %p: %s -> %s", s, 594 mta_strstate(oldstate), 595 mta_strstate(newstate)); 596 597 s->state = newstate; 598 599 /* don't try this at home! */ 600 #define mta_enter_state(_s, _st) do { newstate = _st; goto again; } while (0) 601 602 switch (s->state) { 603 case MTA_INIT: 604 case MTA_BANNER: 605 break; 606 607 case MTA_EHLO: 608 s->ext = 0; 609 mta_send(s, "EHLO %s", s->helo); 610 break; 611 612 case MTA_HELO: 613 s->ext = 0; 614 mta_send(s, "HELO %s", s->helo); 615 break; 616 617 case MTA_LHLO: 618 s->ext = 0; 619 mta_send(s, "LHLO %s", s->helo); 620 break; 621 622 case MTA_STARTTLS: 623 if (s->flags & MTA_DOWNGRADE_PLAIN) 624 mta_enter_state(s, MTA_AUTH); 625 if (s->flags & MTA_TLS) /* already started */ 626 mta_enter_state(s, MTA_AUTH); 627 else if ((s->ext & MTA_EXT_STARTTLS) == 0) { 628 if (s->flags & MTA_FORCE_TLS || s->flags & MTA_WANT_SECURE) { 629 mta_error(s, "TLS required but not supported by remote host"); 630 s->flags |= MTA_RECONN; 631 } 632 else 633 /* server doesn't support starttls, do not use it */ 634 mta_enter_state(s, MTA_AUTH); 635 } 636 else 637 mta_send(s, "STARTTLS"); 638 break; 639 640 case MTA_AUTH: 641 if (s->relay->secret && s->flags & MTA_TLS) { 642 if (s->ext & MTA_EXT_AUTH) { 643 if (s->ext & MTA_EXT_AUTH_PLAIN) { 644 mta_enter_state(s, MTA_AUTH_PLAIN); 645 break; 646 } 647 if (s->ext & MTA_EXT_AUTH_LOGIN) { 648 mta_enter_state(s, MTA_AUTH_LOGIN); 649 break; 650 } 651 log_debug("debug: mta: %p: no supported AUTH method on session", s); 652 mta_error(s, "no supported AUTH method"); 653 } 654 else { 655 log_debug("debug: mta: %p: AUTH not advertised on session", s); 656 mta_error(s, "AUTH not advertised"); 657 } 658 } 659 else if (s->relay->secret) { 660 log_debug("debug: mta: %p: not using AUTH on non-TLS " 661 "session", s); 662 mta_error(s, "Refuse to AUTH over unsecure channel"); 663 mta_connect(s); 664 } else { 665 mta_enter_state(s, MTA_READY); 666 } 667 break; 668 669 case MTA_AUTH_PLAIN: 670 mta_send(s, "AUTH PLAIN %s", s->relay->secret); 671 break; 672 673 case MTA_AUTH_LOGIN: 674 mta_send(s, "AUTH LOGIN"); 675 break; 676 677 case MTA_AUTH_LOGIN_USER: 678 memset(ibuf, 0, sizeof ibuf); 679 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 680 sizeof(ibuf)-1) == -1) { 681 log_debug("debug: mta: %p: credentials too large on session", s); 682 mta_error(s, "Credentials too large"); 683 break; 684 } 685 686 memset(obuf, 0, sizeof obuf); 687 base64_encode((unsigned char *)ibuf + 1, strlen(ibuf + 1), obuf, sizeof obuf); 688 mta_send(s, "%s", obuf); 689 690 memset(ibuf, 0, sizeof ibuf); 691 memset(obuf, 0, sizeof obuf); 692 break; 693 694 case MTA_AUTH_LOGIN_PASS: 695 memset(ibuf, 0, sizeof ibuf); 696 if (base64_decode(s->relay->secret, (unsigned char *)ibuf, 697 sizeof(ibuf)-1) == -1) { 698 log_debug("debug: mta: %p: credentials too large on session", s); 699 mta_error(s, "Credentials too large"); 700 break; 701 } 702 703 offset = strlen(ibuf+1)+2; 704 memset(obuf, 0, sizeof obuf); 705 base64_encode((unsigned char *)ibuf + offset, strlen(ibuf + offset), obuf, sizeof obuf); 706 mta_send(s, "%s", obuf); 707 708 memset(ibuf, 0, sizeof ibuf); 709 memset(obuf, 0, sizeof obuf); 710 break; 711 712 case MTA_READY: 713 /* Ready to send a new mail */ 714 if (s->ready == 0) { 715 s->ready = 1; 716 s->relay->nconn_ready += 1; 717 mta_route_ok(s->relay, s->route); 718 } 719 720 if (s->msgtried >= MAX_TRYBEFOREDISABLE) { 721 log_info("smtp-out: Remote host seems to reject all mails on session %016"PRIx64, 722 s->id); 723 mta_route_down(s->relay, s->route); 724 mta_enter_state(s, MTA_QUIT); 725 break; 726 } 727 728 if (s->msgcount >= s->relay->limits->max_mail_per_session) { 729 log_debug("debug: mta: " 730 "%p: cannot send more message to relay %s", s, 731 mta_relay_to_text(s->relay)); 732 mta_enter_state(s, MTA_QUIT); 733 break; 734 } 735 736 /* 737 * When downgrading from opportunistic TLS, clear flag and 738 * possibly reuse the same task (forbidden in other cases). 739 */ 740 if (s->flags & MTA_DOWNGRADE_PLAIN) 741 s->flags &= ~MTA_DOWNGRADE_PLAIN; 742 else if (s->task) 743 fatalx("task should be NULL at this point"); 744 745 if (s->task == NULL) 746 s->task = mta_route_next_task(s->relay, s->route); 747 if (s->task == NULL) { 748 log_debug("debug: mta: %p: no task for relay %s", 749 s, mta_relay_to_text(s->relay)); 750 751 if (s->relay->nconn > 1 || 752 s->hangon >= s->relay->limits->sessdelay_keepalive) { 753 mta_enter_state(s, MTA_QUIT); 754 break; 755 } 756 757 log_debug("mta: debug: last connection: hanging on for %llds", 758 (long long)(s->relay->limits->sessdelay_keepalive - 759 s->hangon)); 760 s->flags |= MTA_HANGON; 761 runq_schedule(hangon, time(NULL) + 1, NULL, s); 762 break; 763 } 764 765 log_debug("debug: mta: %p: handling next task for relay %s", s, 766 mta_relay_to_text(s->relay)); 767 768 stat_increment("mta.task.running", 1); 769 770 m_create(p_queue, IMSG_MTA_OPEN_MESSAGE, 0, 0, -1); 771 m_add_id(p_queue, s->id); 772 m_add_msgid(p_queue, s->task->msgid); 773 m_close(p_queue); 774 775 tree_xset(&wait_fd, s->id, s); 776 s->flags |= MTA_WAIT; 777 break; 778 779 case MTA_MAIL: 780 s->currevp = TAILQ_FIRST(&s->task->envelopes); 781 782 e = s->currevp; 783 s->hangon = 0; 784 s->msgtried++; 785 envid_sz = strlen(e->dsn_envid); 786 if (s->ext & MTA_EXT_DSN) { 787 mta_send(s, "MAIL FROM:<%s>%s%s%s%s", 788 s->task->sender, 789 e->dsn_ret ? " RET=" : "", 790 e->dsn_ret ? dsn_strret(e->dsn_ret) : "", 791 envid_sz ? " ENVID=" : "", 792 envid_sz ? e->dsn_envid : ""); 793 } else 794 mta_send(s, "MAIL FROM:<%s>", s->task->sender); 795 break; 796 797 case MTA_RCPT: 798 if (s->currevp == NULL) 799 s->currevp = TAILQ_FIRST(&s->task->envelopes); 800 801 e = s->currevp; 802 if (s->ext & MTA_EXT_DSN) { 803 mta_send(s, "RCPT TO:<%s>%s%s%s%s", 804 e->dest, 805 e->dsn_notify ? " NOTIFY=" : "", 806 e->dsn_notify ? dsn_strnotify(e->dsn_notify) : "", 807 e->dsn_orcpt ? " ORCPT=" : "", 808 e->dsn_orcpt ? e->dsn_orcpt : ""); 809 } else 810 mta_send(s, "RCPT TO:<%s>", e->dest); 811 812 s->rcptcount++; 813 break; 814 815 case MTA_DATA: 816 fseek(s->datafp, 0, SEEK_SET); 817 mta_send(s, "DATA"); 818 break; 819 820 case MTA_BODY: 821 if (s->datafp == NULL) { 822 log_trace(TRACE_MTA, "mta: %p: end-of-file", s); 823 mta_enter_state(s, MTA_EOM); 824 break; 825 } 826 827 if ((q = mta_queue_data(s)) == -1) { 828 s->flags |= MTA_FREE; 829 break; 830 } 831 if (q == 0) { 832 mta_enter_state(s, MTA_BODY); 833 break; 834 } 835 836 log_trace(TRACE_MTA, "mta: %p: >>> [...%zd bytes...]", s, q); 837 break; 838 839 case MTA_EOM: 840 mta_send(s, "."); 841 break; 842 843 case MTA_LMTP_EOM: 844 /* LMTP reports status of each delivery, so enable read */ 845 io_set_read(&s->io); 846 break; 847 848 case MTA_RSET: 849 if (s->datafp) { 850 fclose(s->datafp); 851 s->datafp = NULL; 852 } 853 mta_send(s, "RSET"); 854 break; 855 856 case MTA_QUIT: 857 mta_send(s, "QUIT"); 858 break; 859 860 default: 861 fatalx("mta_enter_state: unknown state"); 862 } 863 #undef mta_enter_state 864 } 865 866 /* 867 * Handle a response to an SMTP command 868 */ 869 static void 870 mta_response(struct mta_session *s, char *line) 871 { 872 struct mta_envelope *e; 873 struct sockaddr_storage ss; 874 struct sockaddr *sa; 875 const char *domain; 876 socklen_t sa_len; 877 char buf[SMTPD_MAXLINESIZE]; 878 int delivery; 879 880 switch (s->state) { 881 882 case MTA_BANNER: 883 if (line[0] != '2') { 884 mta_error(s, "BANNER rejected: %s", line); 885 s->flags |= MTA_FREE; 886 return; 887 } 888 if (s->flags & MTA_LMTP) 889 mta_enter_state(s, MTA_LHLO); 890 else 891 mta_enter_state(s, MTA_EHLO); 892 break; 893 894 case MTA_EHLO: 895 if (line[0] != '2') { 896 /* rejected at ehlo state */ 897 if ((s->flags & MTA_USE_AUTH) || 898 (s->flags & MTA_WANT_SECURE)) { 899 mta_error(s, "EHLO rejected: %s", line); 900 s->flags |= MTA_FREE; 901 return; 902 } 903 mta_enter_state(s, MTA_HELO); 904 return; 905 } 906 if (!(s->flags & MTA_FORCE_PLAIN)) 907 mta_enter_state(s, MTA_STARTTLS); 908 else 909 mta_enter_state(s, MTA_READY); 910 break; 911 912 case MTA_HELO: 913 if (line[0] != '2') { 914 mta_error(s, "HELO rejected: %s", line); 915 s->flags |= MTA_FREE; 916 return; 917 } 918 mta_enter_state(s, MTA_READY); 919 break; 920 921 case MTA_LHLO: 922 if (line[0] != '2') { 923 mta_error(s, "LHLO rejected: %s", line); 924 s->flags |= MTA_FREE; 925 return; 926 } 927 mta_enter_state(s, MTA_READY); 928 break; 929 930 case MTA_STARTTLS: 931 if (line[0] != '2') { 932 if (!(s->flags & MTA_WANT_SECURE)) { 933 mta_enter_state(s, MTA_AUTH); 934 return; 935 } 936 /* XXX mark that the MX doesn't support STARTTLS */ 937 mta_error(s, "STARTTLS rejected: %s", line); 938 s->flags |= MTA_FREE; 939 return; 940 } 941 942 mta_start_tls(s); 943 break; 944 945 case MTA_AUTH_PLAIN: 946 if (line[0] != '2') { 947 mta_error(s, "AUTH rejected: %s", line); 948 s->flags |= MTA_FREE; 949 return; 950 } 951 mta_enter_state(s, MTA_READY); 952 break; 953 954 case MTA_AUTH_LOGIN: 955 if (strncmp(line, "334 ", 4) != 0) { 956 mta_error(s, "AUTH rejected: %s", line); 957 s->flags |= MTA_FREE; 958 return; 959 } 960 mta_enter_state(s, MTA_AUTH_LOGIN_USER); 961 break; 962 963 case MTA_AUTH_LOGIN_USER: 964 if (strncmp(line, "334 ", 4) != 0) { 965 mta_error(s, "AUTH rejected: %s", line); 966 s->flags |= MTA_FREE; 967 return; 968 } 969 mta_enter_state(s, MTA_AUTH_LOGIN_PASS); 970 break; 971 972 case MTA_AUTH_LOGIN_PASS: 973 if (line[0] != '2') { 974 mta_error(s, "AUTH rejected: %s", line); 975 s->flags |= MTA_FREE; 976 return; 977 } 978 mta_enter_state(s, MTA_READY); 979 break; 980 981 case MTA_MAIL: 982 if (line[0] != '2') { 983 if (line[0] == '5') 984 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 985 else 986 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 987 mta_flush_task(s, delivery, line, 0, 0); 988 mta_enter_state(s, MTA_RSET); 989 return; 990 } 991 mta_enter_state(s, MTA_RCPT); 992 break; 993 994 case MTA_RCPT: 995 e = s->currevp; 996 997 /* remove envelope from hosttat cache if there */ 998 if ((domain = strchr(e->dest, '@')) != NULL) { 999 domain++; 1000 mta_hoststat_uncache(domain, e->id); 1001 } 1002 1003 s->currevp = TAILQ_NEXT(s->currevp, entry); 1004 if (line[0] == '2') { 1005 s->failures = 0; 1006 /* 1007 * this host is up, reschedule envelopes that 1008 * were cached for reschedule. 1009 */ 1010 if (domain) 1011 mta_hoststat_reschedule(domain); 1012 } 1013 else { 1014 if (line[0] == '5') 1015 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1016 else 1017 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1018 s->failures++; 1019 1020 /* remove failed envelope from task list */ 1021 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1022 stat_decrement("mta.envelope", 1); 1023 1024 /* log right away */ 1025 (void)snprintf(buf, sizeof(buf), "%s", 1026 mta_host_to_text(s->route->dst)); 1027 1028 e->session = s->id; 1029 /* XXX */ 1030 /* 1031 * getsockname() can only fail with ENOBUFS here 1032 * best effort, don't log source ... 1033 */ 1034 sa_len = sizeof(ss); 1035 sa = (struct sockaddr *)&ss; 1036 if (getsockname(s->io.sock, sa, &sa_len) < 0) 1037 mta_delivery_log(e, NULL, buf, delivery, line); 1038 else 1039 mta_delivery_log(e, sa_to_text(sa), 1040 buf, delivery, line); 1041 1042 if (domain) 1043 mta_hoststat_update(domain, e->status); 1044 mta_delivery_notify(e); 1045 1046 if (s->relay->limits->max_failures_per_session && 1047 s->failures == s->relay->limits->max_failures_per_session) { 1048 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1049 "Too many consecutive errors, closing connection", 0, 1); 1050 mta_enter_state(s, MTA_QUIT); 1051 break; 1052 } 1053 1054 /* 1055 * if no more envelopes, flush failed queue 1056 */ 1057 if (TAILQ_EMPTY(&s->task->envelopes)) { 1058 mta_flush_task(s, IMSG_MTA_DELIVERY_OK, 1059 "No envelope", 0, 0); 1060 mta_enter_state(s, MTA_RSET); 1061 break; 1062 } 1063 } 1064 1065 if (s->currevp == NULL) 1066 mta_enter_state(s, MTA_DATA); 1067 else 1068 mta_enter_state(s, MTA_RCPT); 1069 break; 1070 1071 case MTA_DATA: 1072 if (line[0] == '2' || line[0] == '3') { 1073 mta_enter_state(s, MTA_BODY); 1074 break; 1075 } 1076 if (line[0] == '5') 1077 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1078 else 1079 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1080 mta_flush_task(s, delivery, line, 0, 0); 1081 mta_enter_state(s, MTA_RSET); 1082 break; 1083 1084 case MTA_LMTP_EOM: 1085 case MTA_EOM: 1086 if (line[0] == '2') { 1087 delivery = IMSG_MTA_DELIVERY_OK; 1088 s->msgtried = 0; 1089 s->msgcount++; 1090 } 1091 else if (line[0] == '5') 1092 delivery = IMSG_MTA_DELIVERY_PERMFAIL; 1093 else 1094 delivery = IMSG_MTA_DELIVERY_TEMPFAIL; 1095 mta_flush_task(s, delivery, line, (s->flags & MTA_LMTP) ? 1 : 0, 0); 1096 if (s->task) { 1097 s->rcptcount--; 1098 mta_enter_state(s, MTA_LMTP_EOM); 1099 } else { 1100 s->rcptcount = 0; 1101 if (s->relay->limits->sessdelay_transaction) { 1102 log_debug("debug: mta: waiting for %llds before next transaction", 1103 (long long int)s->relay->limits->sessdelay_transaction); 1104 s->hangon = s->relay->limits->sessdelay_transaction -1; 1105 s->flags |= MTA_HANGON; 1106 runq_schedule(hangon, time(NULL) 1107 + s->relay->limits->sessdelay_transaction, 1108 NULL, s); 1109 } 1110 else 1111 mta_enter_state(s, MTA_READY); 1112 } 1113 break; 1114 1115 case MTA_RSET: 1116 s->rcptcount = 0; 1117 if (s->relay->limits->sessdelay_transaction) { 1118 log_debug("debug: mta: waiting for %llds after reset", 1119 (long long int)s->relay->limits->sessdelay_transaction); 1120 s->hangon = s->relay->limits->sessdelay_transaction -1; 1121 s->flags |= MTA_HANGON; 1122 runq_schedule(hangon, time(NULL) 1123 + s->relay->limits->sessdelay_transaction, 1124 NULL, s); 1125 } 1126 else 1127 mta_enter_state(s, MTA_READY); 1128 break; 1129 1130 default: 1131 fatalx("mta_response() bad state"); 1132 } 1133 } 1134 1135 static void 1136 mta_io(struct io *io, int evt) 1137 { 1138 struct mta_session *s = io->arg; 1139 char *line, *msg, *p; 1140 size_t len; 1141 const char *error; 1142 int cont; 1143 X509 *x; 1144 1145 log_trace(TRACE_IO, "mta: %p: %s %s", s, io_strevent(evt), 1146 io_strio(io)); 1147 1148 switch (evt) { 1149 1150 case IO_CONNECTED: 1151 log_info("smtp-out: Connected on session %016"PRIx64, s->id); 1152 1153 if (s->use_smtps) { 1154 io_set_write(io); 1155 mta_start_tls(s); 1156 } 1157 else { 1158 mta_enter_state(s, MTA_BANNER); 1159 io_set_read(io); 1160 } 1161 break; 1162 1163 case IO_TLSREADY: 1164 log_info("smtp-out: Started TLS on session %016"PRIx64": %s", 1165 s->id, ssl_to_text(s->io.ssl)); 1166 s->flags |= MTA_TLS; 1167 1168 if (mta_verify_certificate(s)) { 1169 io_pause(&s->io, IO_PAUSE_IN); 1170 break; 1171 } 1172 1173 case IO_TLSVERIFIED: 1174 x = SSL_get_peer_certificate(s->io.ssl); 1175 if (x) { 1176 log_info("smtp-out: Server certificate verification %s " 1177 "on session %016"PRIx64, 1178 (s->flags & MTA_VERIFIED) ? "succeeded" : "failed", 1179 s->id); 1180 X509_free(x); 1181 } 1182 1183 if (s->use_smtps) { 1184 mta_enter_state(s, MTA_BANNER); 1185 io_set_read(io); 1186 } 1187 else 1188 mta_enter_state(s, MTA_EHLO); 1189 break; 1190 1191 case IO_DATAIN: 1192 nextline: 1193 line = iobuf_getline(&s->iobuf, &len); 1194 if (line == NULL) { 1195 if (iobuf_len(&s->iobuf) >= SMTPD_MAXLINESIZE) { 1196 mta_error(s, "Input too long"); 1197 mta_free(s); 1198 return; 1199 } 1200 iobuf_normalize(&s->iobuf); 1201 break; 1202 } 1203 1204 log_trace(TRACE_MTA, "mta: %p: <<< %s", s, line); 1205 1206 if ((error = parse_smtp_response(line, len, &msg, &cont))) { 1207 mta_error(s, "Bad response: %s", error); 1208 mta_free(s); 1209 return; 1210 } 1211 1212 /* read extensions */ 1213 if (s->state == MTA_EHLO) { 1214 if (strcmp(msg, "STARTTLS") == 0) 1215 s->ext |= MTA_EXT_STARTTLS; 1216 else if (strncmp(msg, "AUTH ", 5) == 0) { 1217 s->ext |= MTA_EXT_AUTH; 1218 if ((p = strstr(msg, " PLAIN")) && 1219 (*(p+6) == '\0' || *(p+6) == ' ')) 1220 s->ext |= MTA_EXT_AUTH_PLAIN; 1221 if ((p = strstr(msg, " LOGIN")) && 1222 (*(p+6) == '\0' || *(p+6) == ' ')) 1223 s->ext |= MTA_EXT_AUTH_LOGIN; 1224 } 1225 else if (strcmp(msg, "PIPELINING") == 0) 1226 s->ext |= MTA_EXT_PIPELINING; 1227 else if (strcmp(msg, "DSN") == 0) 1228 s->ext |= MTA_EXT_DSN; 1229 } 1230 1231 if (cont) 1232 goto nextline; 1233 1234 if (s->state == MTA_QUIT) { 1235 log_info("smtp-out: Closing session %016"PRIx64 1236 ": %zu message%s sent.", s->id, s->msgcount, 1237 (s->msgcount > 1) ? "s" : ""); 1238 mta_free(s); 1239 return; 1240 } 1241 io_set_write(io); 1242 mta_response(s, line); 1243 if (s->flags & MTA_FREE) { 1244 mta_free(s); 1245 return; 1246 } 1247 if (s->flags & MTA_RECONN) { 1248 s->flags &= ~MTA_RECONN; 1249 mta_connect(s); 1250 return; 1251 } 1252 1253 iobuf_normalize(&s->iobuf); 1254 1255 if (iobuf_len(&s->iobuf)) { 1256 log_debug("debug: mta: remaining data in input buffer"); 1257 mta_error(s, "Remote host sent too much data"); 1258 if (s->flags & MTA_WAIT) 1259 s->flags |= MTA_FREE; 1260 else 1261 mta_free(s); 1262 } 1263 break; 1264 1265 case IO_LOWAT: 1266 if (s->state == MTA_BODY) { 1267 mta_enter_state(s, MTA_BODY); 1268 if (s->flags & MTA_FREE) { 1269 mta_free(s); 1270 return; 1271 } 1272 } 1273 1274 if (iobuf_queued(&s->iobuf) == 0) 1275 io_set_read(io); 1276 break; 1277 1278 case IO_TIMEOUT: 1279 log_debug("debug: mta: %p: connection timeout", s); 1280 mta_error(s, "Connection timeout"); 1281 if (!s->ready) 1282 mta_connect(s); 1283 else 1284 mta_free(s); 1285 break; 1286 1287 case IO_ERROR: 1288 log_debug("debug: mta: %p: IO error: %s", s, io->error); 1289 if (!s->ready) { 1290 mta_error(s, "IO Error: %s", io->error); 1291 mta_connect(s); 1292 break; 1293 } 1294 else if (!(s->flags & (MTA_FORCE_TLS|MTA_FORCE_ANYSSL))) { 1295 /* error in non-strict SSL negotiation, downgrade to plain */ 1296 if (s->flags & MTA_TLS) { 1297 log_info("smtp-out: Error on session %016"PRIx64 1298 ": opportunistic TLS failed, " 1299 "downgrading to plain", s->id); 1300 s->flags &= ~MTA_TLS; 1301 s->flags |= MTA_DOWNGRADE_PLAIN; 1302 mta_connect(s); 1303 break; 1304 } 1305 } 1306 mta_error(s, "IO Error: %s", io->error); 1307 mta_free(s); 1308 break; 1309 1310 case IO_DISCONNECTED: 1311 log_debug("debug: mta: %p: disconnected in state %s", 1312 s, mta_strstate(s->state)); 1313 mta_error(s, "Connection closed unexpectedly"); 1314 if (!s->ready) 1315 mta_connect(s); 1316 else 1317 mta_free(s); 1318 break; 1319 1320 default: 1321 fatalx("mta_io() bad event"); 1322 } 1323 } 1324 1325 static void 1326 mta_send(struct mta_session *s, char *fmt, ...) 1327 { 1328 va_list ap; 1329 char *p; 1330 int len; 1331 1332 va_start(ap, fmt); 1333 if ((len = vasprintf(&p, fmt, ap)) == -1) 1334 fatal("mta: vasprintf"); 1335 va_end(ap); 1336 1337 log_trace(TRACE_MTA, "mta: %p: >>> %s", s, p); 1338 1339 iobuf_xfqueue(&s->iobuf, "mta_send", "%s\r\n", p); 1340 1341 free(p); 1342 } 1343 1344 /* 1345 * Queue some data into the input buffer 1346 */ 1347 static ssize_t 1348 mta_queue_data(struct mta_session *s) 1349 { 1350 char *ln; 1351 size_t len, q; 1352 1353 q = iobuf_queued(&s->iobuf); 1354 1355 while (iobuf_queued(&s->iobuf) < MTA_HIWAT) { 1356 if ((ln = fgetln(s->datafp, &len)) == NULL) 1357 break; 1358 if (ln[len - 1] == '\n') 1359 ln[len - 1] = '\0'; 1360 iobuf_xfqueue(&s->iobuf, "mta_queue_data", "%s%s\r\n", 1361 *ln == '.' ? "." : "", ln); 1362 } 1363 1364 if (ferror(s->datafp)) { 1365 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, 1366 "Error reading content file", 0, 0); 1367 return (-1); 1368 } 1369 1370 if (feof(s->datafp)) { 1371 fclose(s->datafp); 1372 s->datafp = NULL; 1373 } 1374 1375 return (iobuf_queued(&s->iobuf) - q); 1376 } 1377 1378 static void 1379 mta_flush_task(struct mta_session *s, int delivery, const char *error, size_t count, 1380 int cache) 1381 { 1382 struct mta_envelope *e; 1383 char relay[SMTPD_MAXLINESIZE]; 1384 size_t n; 1385 struct sockaddr_storage ss; 1386 struct sockaddr *sa; 1387 socklen_t sa_len; 1388 const char *domain; 1389 1390 (void)snprintf(relay, sizeof relay, "%s", mta_host_to_text(s->route->dst)); 1391 n = 0; 1392 while ((e = TAILQ_FIRST(&s->task->envelopes))) { 1393 1394 if (count && n == count) { 1395 stat_decrement("mta.envelope", n); 1396 return; 1397 } 1398 1399 TAILQ_REMOVE(&s->task->envelopes, e, entry); 1400 1401 /* we're about to log, associate session to envelope */ 1402 e->session = s->id; 1403 e->ext = s->ext; 1404 1405 /* XXX */ 1406 /* 1407 * getsockname() can only fail with ENOBUFS here 1408 * best effort, don't log source ... 1409 */ 1410 sa = (struct sockaddr *)&ss; 1411 sa_len = sizeof(ss); 1412 if (getsockname(s->io.sock, sa, &sa_len) < 0) 1413 mta_delivery_log(e, NULL, relay, delivery, error); 1414 else 1415 mta_delivery_log(e, sa_to_text(sa), 1416 relay, delivery, error); 1417 1418 mta_delivery_notify(e); 1419 1420 domain = strchr(e->dest, '@'); 1421 if (domain) { 1422 domain++; 1423 mta_hoststat_update(domain, error); 1424 if (cache) 1425 mta_hoststat_cache(domain, e->id); 1426 } 1427 1428 n++; 1429 } 1430 1431 free(s->task->sender); 1432 free(s->task); 1433 s->task = NULL; 1434 1435 if (s->datafp) { 1436 fclose(s->datafp); 1437 s->datafp = NULL; 1438 } 1439 1440 stat_decrement("mta.envelope", n); 1441 stat_decrement("mta.task.running", 1); 1442 stat_decrement("mta.task", 1); 1443 } 1444 1445 static void 1446 mta_error(struct mta_session *s, const char *fmt, ...) 1447 { 1448 va_list ap; 1449 char *error; 1450 int len; 1451 1452 va_start(ap, fmt); 1453 if ((len = vasprintf(&error, fmt, ap)) == -1) 1454 fatal("mta: vasprintf"); 1455 va_end(ap); 1456 1457 if (s->msgcount) 1458 log_info("smtp-out: Error on session %016"PRIx64 1459 " after %zu message%s sent: %s", s->id, s->msgcount, 1460 (s->msgcount > 1) ? "s" : "", error); 1461 else 1462 log_info("smtp-out: Error on session %016"PRIx64 ": %s", 1463 s->id, error); 1464 /* 1465 * If not connected yet, and the error is not local, just ignore it 1466 * and try to reconnect. 1467 */ 1468 if (s->state == MTA_INIT && 1469 (errno == ETIMEDOUT || errno == ECONNREFUSED)) { 1470 log_debug("debug: mta: not reporting route error yet"); 1471 free(error); 1472 return; 1473 } 1474 1475 mta_route_error(s->relay, s->route); 1476 1477 if (s->task) 1478 mta_flush_task(s, IMSG_MTA_DELIVERY_TEMPFAIL, error, 0, 0); 1479 1480 free(error); 1481 } 1482 1483 static void 1484 mta_start_tls(struct mta_session *s) 1485 { 1486 struct ca_cert_req_msg req_ca_cert; 1487 const char *certname; 1488 1489 if (s->relay->pki_name) 1490 certname = s->relay->pki_name; 1491 else 1492 certname = s->helo; 1493 1494 req_ca_cert.reqid = s->id; 1495 (void)strlcpy(req_ca_cert.name, certname, sizeof req_ca_cert.name); 1496 m_compose(p_lka, IMSG_MTA_SSL_INIT, 0, 0, -1, 1497 &req_ca_cert, sizeof(req_ca_cert)); 1498 tree_xset(&wait_ssl_init, s->id, s); 1499 s->flags |= MTA_WAIT; 1500 return; 1501 } 1502 1503 static int 1504 mta_verify_certificate(struct mta_session *s) 1505 { 1506 struct ca_vrfy_req_msg req_ca_vrfy; 1507 struct iovec iov[2]; 1508 X509 *x; 1509 STACK_OF(X509) *xchain; 1510 int i; 1511 const char *pkiname; 1512 1513 x = SSL_get_peer_certificate(s->io.ssl); 1514 if (x == NULL) 1515 return 0; 1516 xchain = SSL_get_peer_cert_chain(s->io.ssl); 1517 1518 /* 1519 * Client provided a certificate and possibly a certificate chain. 1520 * SMTP can't verify because it does not have the information that 1521 * it needs, instead it will pass the certificate and chain to the 1522 * lookup process and wait for a reply. 1523 * 1524 */ 1525 1526 tree_xset(&wait_ssl_verify, s->id, s); 1527 s->flags |= MTA_WAIT; 1528 1529 /* Send the client certificate */ 1530 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1531 if (s->relay->pki_name) 1532 pkiname = s->relay->pki_name; 1533 else 1534 pkiname = s->helo; 1535 if (strlcpy(req_ca_vrfy.pkiname, pkiname, sizeof req_ca_vrfy.pkiname) 1536 >= sizeof req_ca_vrfy.pkiname) 1537 return 0; 1538 1539 req_ca_vrfy.reqid = s->id; 1540 req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert); 1541 if (xchain) 1542 req_ca_vrfy.n_chain = sk_X509_num(xchain); 1543 iov[0].iov_base = &req_ca_vrfy; 1544 iov[0].iov_len = sizeof(req_ca_vrfy); 1545 iov[1].iov_base = req_ca_vrfy.cert; 1546 iov[1].iov_len = req_ca_vrfy.cert_len; 1547 m_composev(p_lka, IMSG_MTA_SSL_VERIFY_CERT, 0, 0, -1, 1548 iov, nitems(iov)); 1549 free(req_ca_vrfy.cert); 1550 X509_free(x); 1551 1552 if (xchain) { 1553 /* Send the chain, one cert at a time */ 1554 for (i = 0; i < sk_X509_num(xchain); ++i) { 1555 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1556 req_ca_vrfy.reqid = s->id; 1557 x = sk_X509_value(xchain, i); 1558 req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert); 1559 iov[0].iov_base = &req_ca_vrfy; 1560 iov[0].iov_len = sizeof(req_ca_vrfy); 1561 iov[1].iov_base = req_ca_vrfy.cert; 1562 iov[1].iov_len = req_ca_vrfy.cert_len; 1563 m_composev(p_lka, IMSG_MTA_SSL_VERIFY_CHAIN, 0, 0, -1, 1564 iov, nitems(iov)); 1565 free(req_ca_vrfy.cert); 1566 } 1567 } 1568 1569 /* Tell lookup process that it can start verifying, we're done */ 1570 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1571 req_ca_vrfy.reqid = s->id; 1572 m_compose(p_lka, IMSG_MTA_SSL_VERIFY, 0, 0, -1, 1573 &req_ca_vrfy, sizeof req_ca_vrfy); 1574 1575 return 1; 1576 } 1577 1578 static const char * 1579 dsn_strret(enum dsn_ret ret) 1580 { 1581 if (ret == DSN_RETHDRS) 1582 return "HDRS"; 1583 else if (ret == DSN_RETFULL) 1584 return "FULL"; 1585 else { 1586 log_debug("mta: invalid ret %d", ret); 1587 return "???"; 1588 } 1589 } 1590 1591 static const char * 1592 dsn_strnotify(uint8_t arg) 1593 { 1594 static char buf[32]; 1595 size_t sz; 1596 1597 buf[0] = '\0'; 1598 if (arg & DSN_SUCCESS) 1599 (void)strlcat(buf, "SUCCESS,", sizeof(buf)); 1600 1601 if (arg & DSN_FAILURE) 1602 (void)strlcat(buf, "FAILURE,", sizeof(buf)); 1603 1604 if (arg & DSN_DELAY) 1605 (void)strlcat(buf, "DELAY,", sizeof(buf)); 1606 1607 if (arg & DSN_NEVER) 1608 (void)strlcat(buf, "NEVER,", sizeof(buf)); 1609 1610 /* trim trailing comma */ 1611 sz = strlen(buf); 1612 if (sz) 1613 buf[sz - 1] = '\0'; 1614 1615 return (buf); 1616 } 1617 1618 #define CASE(x) case x : return #x 1619 1620 static const char * 1621 mta_strstate(int state) 1622 { 1623 switch (state) { 1624 CASE(MTA_INIT); 1625 CASE(MTA_BANNER); 1626 CASE(MTA_EHLO); 1627 CASE(MTA_HELO); 1628 CASE(MTA_STARTTLS); 1629 CASE(MTA_AUTH); 1630 CASE(MTA_AUTH_PLAIN); 1631 CASE(MTA_AUTH_LOGIN); 1632 CASE(MTA_AUTH_LOGIN_USER); 1633 CASE(MTA_AUTH_LOGIN_PASS); 1634 CASE(MTA_READY); 1635 CASE(MTA_MAIL); 1636 CASE(MTA_RCPT); 1637 CASE(MTA_DATA); 1638 CASE(MTA_BODY); 1639 CASE(MTA_EOM); 1640 CASE(MTA_LMTP_EOM); 1641 CASE(MTA_RSET); 1642 CASE(MTA_QUIT); 1643 default: 1644 return "MTA_???"; 1645 } 1646 } 1647