1 /* $OpenBSD: smtp_session.c,v 1.215 2014/07/09 12:44:54 eric Exp $ */ 2 3 /* 4 * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> 5 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> 6 * Copyright (c) 2008-2009 Jacek Masiulaniec <jacekm@dobremiasto.net> 7 * Copyright (c) 2012 Eric Faurot <eric@openbsd.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 #include <sys/types.h> 23 #include <sys/queue.h> 24 #include <sys/tree.h> 25 #include <sys/socket.h> 26 #include <sys/uio.h> 27 28 #include <netinet/in.h> 29 30 #include <ctype.h> 31 #include <errno.h> 32 #include <event.h> 33 #include <imsg.h> 34 #include <inttypes.h> 35 #include <openssl/ssl.h> 36 #include <resolv.h> 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include <string.h> 40 #include <unistd.h> 41 #include <vis.h> 42 43 #include "smtpd.h" 44 #include "log.h" 45 #include "ssl.h" 46 47 #define SMTP_LIMIT_MAIL 100 48 #define SMTP_LIMIT_RCPT 1000 49 50 #define SMTP_KICK_CMD 5 51 #define SMTP_KICK_RCPTFAIL 50 52 53 enum smtp_phase { 54 PHASE_INIT = 0, 55 PHASE_SETUP, 56 PHASE_TRANSACTION 57 }; 58 59 enum smtp_state { 60 STATE_NEW = 0, 61 STATE_CONNECTED, 62 STATE_TLS, 63 STATE_HELO, 64 STATE_AUTH_INIT, 65 STATE_AUTH_USERNAME, 66 STATE_AUTH_PASSWORD, 67 STATE_AUTH_FINALIZE, 68 STATE_BODY, 69 STATE_QUIT, 70 }; 71 72 enum session_flags { 73 SF_EHLO = 0x0001, 74 SF_8BITMIME = 0x0002, 75 SF_SECURE = 0x0004, 76 SF_AUTHENTICATED = 0x0008, 77 SF_BOUNCE = 0x0010, 78 SF_KICK = 0x0020, 79 SF_VERIFIED = 0x0040, 80 SF_MFACONNSENT = 0x0080, 81 SF_BADINPUT = 0x0100, 82 }; 83 84 enum message_flags { 85 MF_QUEUE_ENVELOPE_FAIL = 0x0001, 86 MF_ERROR_SIZE = 0x1000, 87 MF_ERROR_IO = 0x2000, 88 MF_ERROR_LOOP = 0x4000, 89 }; 90 #define MF_ERROR (MF_ERROR_SIZE | MF_ERROR_IO | MF_ERROR_LOOP) 91 92 enum smtp_command { 93 CMD_HELO = 0, 94 CMD_EHLO, 95 CMD_STARTTLS, 96 CMD_AUTH, 97 CMD_MAIL_FROM, 98 CMD_RCPT_TO, 99 CMD_DATA, 100 CMD_RSET, 101 CMD_QUIT, 102 CMD_HELP, 103 CMD_WIZ, 104 CMD_NOOP, 105 }; 106 107 struct smtp_rcpt { 108 TAILQ_ENTRY(smtp_rcpt) entry; 109 struct mailaddr maddr; 110 size_t destcount; 111 }; 112 113 struct smtp_session { 114 uint64_t id; 115 struct iobuf iobuf; 116 struct io io; 117 struct listener *listener; 118 void *ssl_ctx; 119 struct sockaddr_storage ss; 120 char hostname[SMTPD_MAXHOSTNAMELEN]; 121 char smtpname[SMTPD_MAXHOSTNAMELEN]; 122 char sni[SMTPD_MAXHOSTNAMELEN]; 123 124 int flags; 125 int phase; 126 enum smtp_state state; 127 128 char helo[SMTPD_MAXLINESIZE]; 129 char cmd[SMTPD_MAXLINESIZE]; 130 char username[SMTPD_MAXLOGNAME]; 131 132 struct envelope evp; 133 134 size_t kickcount; 135 size_t mailcount; 136 137 int msgflags; 138 int msgcode; 139 size_t rcptcount; 140 size_t destcount; 141 size_t rcptfail; 142 TAILQ_HEAD(, smtp_rcpt) rcpts; 143 144 size_t datalen; 145 FILE *ofile; 146 int hdrdone; 147 int rcvcount; 148 149 struct event pause; 150 }; 151 152 #define ADVERTISE_TLS(s) \ 153 ((s)->listener->flags & F_STARTTLS && !((s)->flags & SF_SECURE)) 154 155 #define ADVERTISE_AUTH(s) \ 156 ((s)->listener->flags & F_AUTH && (s)->flags & SF_SECURE && \ 157 !((s)->flags & SF_AUTHENTICATED)) 158 159 #define ADVERTISE_EXT_DSN(s) \ 160 ((s)->listener->flags & F_EXT_DSN) 161 162 static int smtp_mailaddr(struct mailaddr *, char *, int, char **, const char *); 163 static void smtp_session_init(void); 164 static int smtp_lookup_servername(struct smtp_session *); 165 static void smtp_connected(struct smtp_session *); 166 static void smtp_send_banner(struct smtp_session *); 167 static void smtp_mfa_response(struct smtp_session *, int, int, uint32_t, 168 const char *); 169 static void smtp_io(struct io *, int); 170 static void smtp_enter_state(struct smtp_session *, int); 171 static void smtp_reply(struct smtp_session *, char *, ...); 172 static void smtp_command(struct smtp_session *, char *); 173 static int smtp_parse_mail_args(struct smtp_session *, char *); 174 static int smtp_parse_rcpt_args(struct smtp_session *, char *); 175 static void smtp_rfc4954_auth_plain(struct smtp_session *, char *); 176 static void smtp_rfc4954_auth_login(struct smtp_session *, char *); 177 static void smtp_message_write(struct smtp_session *, const char *); 178 static void smtp_message_end(struct smtp_session *); 179 static void smtp_message_reset(struct smtp_session *, int); 180 static void smtp_free(struct smtp_session *, const char *); 181 static const char *smtp_strstate(int); 182 static int smtp_verify_certificate(struct smtp_session *); 183 static uint8_t dsn_notify_str_to_uint8(const char *); 184 static void smtp_auth_failure_pause(struct smtp_session *); 185 static void smtp_auth_failure_resume(int, short, void *); 186 static int smtp_sni_callback(SSL *, int *, void *); 187 188 static void smtp_filter_connect(struct smtp_session *, struct sockaddr *); 189 static void smtp_filter_rset(struct smtp_session *); 190 static void smtp_filter_disconnect(struct smtp_session *); 191 static void smtp_filter_commit(struct smtp_session *); 192 static void smtp_filter_rollback(struct smtp_session *); 193 static void smtp_filter_eom(struct smtp_session *); 194 static void smtp_filter_helo(struct smtp_session *); 195 static void smtp_filter_mail(struct smtp_session *s); 196 static void smtp_filter_rcpt(struct smtp_session *s); 197 static void smtp_filter_data(struct smtp_session *s); 198 199 static struct { int code; const char *cmd; } commands[] = { 200 { CMD_HELO, "HELO" }, 201 { CMD_EHLO, "EHLO" }, 202 { CMD_STARTTLS, "STARTTLS" }, 203 { CMD_AUTH, "AUTH" }, 204 { CMD_MAIL_FROM, "MAIL FROM" }, 205 { CMD_RCPT_TO, "RCPT TO" }, 206 { CMD_DATA, "DATA" }, 207 { CMD_RSET, "RSET" }, 208 { CMD_QUIT, "QUIT" }, 209 { CMD_HELP, "HELP" }, 210 { CMD_WIZ, "WIZ" }, 211 { CMD_NOOP, "NOOP" }, 212 { -1, NULL }, 213 }; 214 215 static struct tree wait_lka_ptr; 216 static struct tree wait_lka_helo; 217 static struct tree wait_lka_rcpt; 218 static struct tree wait_mfa_data; 219 static struct tree wait_parent_auth; 220 static struct tree wait_queue_msg; 221 static struct tree wait_queue_fd; 222 static struct tree wait_queue_commit; 223 static struct tree wait_ssl_init; 224 static struct tree wait_ssl_verify; 225 226 static void 227 smtp_session_init(void) 228 { 229 static int init = 0; 230 231 if (!init) { 232 tree_init(&wait_lka_ptr); 233 tree_init(&wait_lka_helo); 234 tree_init(&wait_lka_rcpt); 235 tree_init(&wait_mfa_data); 236 tree_init(&wait_parent_auth); 237 tree_init(&wait_queue_msg); 238 tree_init(&wait_queue_fd); 239 tree_init(&wait_queue_commit); 240 tree_init(&wait_ssl_init); 241 tree_init(&wait_ssl_verify); 242 init = 1; 243 } 244 } 245 246 int 247 smtp_session(struct listener *listener, int sock, 248 const struct sockaddr_storage *ss, const char *hostname) 249 { 250 struct smtp_session *s; 251 252 log_debug("debug: smtp: new client on listener: %p", listener); 253 254 smtp_session_init(); 255 256 if ((s = calloc(1, sizeof(*s))) == NULL) 257 return (-1); 258 if (iobuf_init(&s->iobuf, SMTPD_MAXLINESIZE, SMTPD_MAXLINESIZE) == -1) { 259 free(s); 260 return (-1); 261 } 262 TAILQ_INIT(&s->rcpts); 263 264 s->id = generate_uid(); 265 s->listener = listener; 266 memmove(&s->ss, ss, sizeof(*ss)); 267 io_init(&s->io, sock, s, smtp_io, &s->iobuf); 268 io_set_timeout(&s->io, SMTPD_SESSION_TIMEOUT * 1000); 269 io_set_write(&s->io); 270 271 s->state = STATE_NEW; 272 s->phase = PHASE_INIT; 273 274 (void)strlcpy(s->smtpname, listener->hostname, sizeof(s->smtpname)); 275 276 /* For local enqueueing, the hostname is already set */ 277 if (hostname) { 278 s->flags |= SF_AUTHENTICATED; 279 /* A bit of a hack */ 280 if (!strcmp(hostname, "localhost")) 281 s->flags |= SF_BOUNCE; 282 (void)strlcpy(s->hostname, hostname, sizeof(s->hostname)); 283 if (smtp_lookup_servername(s)) 284 smtp_connected(s); 285 } else { 286 m_create(p_lka, IMSG_SMTP_DNS_PTR, 0, 0, -1); 287 m_add_id(p_lka, s->id); 288 m_add_sockaddr(p_lka, (struct sockaddr *)&s->ss); 289 m_close(p_lka); 290 tree_xset(&wait_lka_ptr, s->id, s); 291 } 292 293 return (0); 294 } 295 296 void 297 smtp_session_imsg(struct mproc *p, struct imsg *imsg) 298 { 299 struct ca_cert_resp_msg *resp_ca_cert; 300 struct ca_vrfy_resp_msg *resp_ca_vrfy; 301 struct smtp_session *s; 302 struct smtp_rcpt *rcpt; 303 void *ssl; 304 char *pkiname; 305 char user[SMTPD_MAXLOGNAME]; 306 struct msg m; 307 const char *line, *helo; 308 uint64_t reqid, evpid; 309 uint32_t msgid; 310 int status, success, dnserror; 311 X509 *x; 312 void *ssl_ctx; 313 314 switch (imsg->hdr.type) { 315 case IMSG_SMTP_DNS_PTR: 316 m_msg(&m, imsg); 317 m_get_id(&m, &reqid); 318 m_get_int(&m, &dnserror); 319 if (dnserror) 320 line = "<unknown>"; 321 else 322 m_get_string(&m, &line); 323 m_end(&m); 324 s = tree_xpop(&wait_lka_ptr, reqid); 325 (void)strlcpy(s->hostname, line, sizeof s->hostname); 326 if (smtp_lookup_servername(s)) 327 smtp_connected(s); 328 return; 329 330 case IMSG_SMTP_EXPAND_RCPT: 331 m_msg(&m, imsg); 332 m_get_id(&m, &reqid); 333 m_get_int(&m, &status); 334 m_get_string(&m, &line); 335 m_end(&m); 336 s = tree_xpop(&wait_lka_rcpt, reqid); 337 switch (status) { 338 case LKA_OK: 339 fatalx("unexpected ok"); 340 case LKA_PERMFAIL: 341 smtp_reply(s, "%s", line); 342 s->rcptfail += 1; 343 if (s->rcptfail >= SMTP_KICK_RCPTFAIL) { 344 log_info("smtp-in: Ending session %016"PRIx64 345 ": too many failed RCPT", s->id); 346 smtp_enter_state(s, STATE_QUIT); 347 } 348 break; 349 case LKA_TEMPFAIL: 350 smtp_reply(s, "%s", line); 351 } 352 io_reload(&s->io); 353 return; 354 355 case IMSG_SMTP_LOOKUP_HELO: 356 m_msg(&m, imsg); 357 m_get_id(&m, &reqid); 358 s = tree_xpop(&wait_lka_helo, reqid); 359 m_get_int(&m, &status); 360 if (status == LKA_OK) { 361 m_get_string(&m, &helo); 362 (void)strlcpy(s->smtpname, helo, sizeof(s->smtpname)); 363 } 364 m_end(&m); 365 smtp_connected(s); 366 return; 367 368 case IMSG_SMTP_MESSAGE_CREATE: 369 m_msg(&m, imsg); 370 m_get_id(&m, &reqid); 371 m_get_int(&m, &success); 372 s = tree_xpop(&wait_queue_msg, reqid); 373 if (success) { 374 m_get_msgid(&m, &msgid); 375 s->evp.id = msgid_to_evpid(msgid); 376 s->rcptcount = 0; 377 s->phase = PHASE_TRANSACTION; 378 smtp_reply(s, "250 %s: Ok", 379 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 380 } else { 381 smtp_reply(s, "421 %s: Temporary Error", 382 esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); 383 smtp_enter_state(s, STATE_QUIT); 384 } 385 m_end(&m); 386 io_reload(&s->io); 387 return; 388 389 case IMSG_SMTP_MESSAGE_OPEN: 390 m_msg(&m, imsg); 391 m_get_id(&m, &reqid); 392 m_get_int(&m, &success); 393 m_end(&m); 394 395 s = tree_xpop(&wait_queue_fd, reqid); 396 if (!success || imsg->fd == -1 || 397 (s->ofile = fdopen(imsg->fd, "w")) == NULL) { 398 if (imsg->fd != -1) 399 close(imsg->fd); 400 smtp_reply(s, "421 %s: Temporary Error", 401 esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); 402 smtp_enter_state(s, STATE_QUIT); 403 io_reload(&s->io); 404 return; 405 } 406 407 fprintf(s->ofile, "Received: "); 408 if (! (s->listener->flags & F_MASK_SOURCE)) { 409 fprintf(s->ofile, "from %s (%s [%s]);\n\t", 410 s->evp.helo, 411 s->hostname, 412 ss_to_text(&s->ss)); 413 } 414 fprintf(s->ofile, "by %s (%s) with %sSMTP%s%s id %08x;\n", 415 s->smtpname, 416 SMTPD_NAME, 417 s->flags & SF_EHLO ? "E" : "", 418 s->flags & SF_SECURE ? "S" : "", 419 s->flags & SF_AUTHENTICATED ? "A" : "", 420 evpid_to_msgid(s->evp.id)); 421 422 if (s->flags & SF_SECURE) { 423 x = SSL_get_peer_certificate(s->io.ssl); 424 fprintf(s->ofile, 425 "\tTLS version=%s cipher=%s bits=%d verify=%s;\n", 426 SSL_get_cipher_version(s->io.ssl), 427 SSL_get_cipher_name(s->io.ssl), 428 SSL_get_cipher_bits(s->io.ssl, NULL), 429 (s->flags & SF_VERIFIED) ? "YES" : (x ? "FAIL" : "NO")); 430 if (x) 431 X509_free(x); 432 } 433 434 if (s->rcptcount == 1) { 435 fprintf(s->ofile, "\tfor <%s@%s>;\n", 436 s->evp.rcpt.user, 437 s->evp.rcpt.domain); 438 } 439 440 fprintf(s->ofile, "\t%s\n", time_to_text(time(NULL))); 441 442 smtp_enter_state(s, STATE_BODY); 443 smtp_reply(s, "354 Enter mail, end with \".\"" 444 " on a line by itself"); 445 446 tree_xset(&wait_mfa_data, s->id, s); 447 io_reload(&s->io); 448 return; 449 450 case IMSG_QUEUE_ENVELOPE_SUBMIT: 451 m_msg(&m, imsg); 452 m_get_id(&m, &reqid); 453 m_get_int(&m, &success); 454 s = tree_xget(&wait_lka_rcpt, reqid); 455 if (success) { 456 m_get_evpid(&m, &evpid); 457 s->destcount++; 458 } 459 else 460 s->msgflags |= MF_QUEUE_ENVELOPE_FAIL; 461 m_end(&m); 462 return; 463 464 case IMSG_QUEUE_ENVELOPE_COMMIT: 465 m_msg(&m, imsg); 466 m_get_id(&m, &reqid); 467 m_get_int(&m, &success); 468 m_end(&m); 469 if (!success) 470 fatalx("commit evp failed: not supposed to happen"); 471 s = tree_xpop(&wait_lka_rcpt, reqid); 472 if (s->msgflags & MF_QUEUE_ENVELOPE_FAIL) { 473 /* 474 * If an envelope failed, we can't cancel the last 475 * RCPT only so we must cancel the whole transaction 476 * and close the connection. 477 */ 478 smtp_reply(s, "421 %s: Temporary failure", 479 esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); 480 smtp_enter_state(s, STATE_QUIT); 481 } 482 else { 483 rcpt = xcalloc(1, sizeof(*rcpt), "smtp_rcpt"); 484 rcpt->destcount = s->destcount; 485 rcpt->maddr = s->evp.rcpt; 486 TAILQ_INSERT_TAIL(&s->rcpts, rcpt, entry); 487 488 s->destcount = 0; 489 s->rcptcount++; 490 s->kickcount--; 491 smtp_reply(s, "250 %s %s: Recipient ok", 492 esc_code(ESC_STATUS_OK, ESC_DESTINATION_ADDRESS_VALID), 493 esc_description(ESC_DESTINATION_ADDRESS_VALID)); 494 } 495 io_reload(&s->io); 496 return; 497 498 case IMSG_SMTP_MESSAGE_COMMIT: 499 m_msg(&m, imsg); 500 m_get_id(&m, &reqid); 501 m_get_int(&m, &success); 502 m_end(&m); 503 s = tree_xpop(&wait_queue_commit, reqid); 504 if (!success) { 505 smtp_filter_rollback(s); 506 smtp_reply(s, "421 %s: Temporary failure", 507 esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); 508 smtp_enter_state(s, STATE_QUIT); 509 io_reload(&s->io); 510 return; 511 } 512 513 smtp_filter_commit(s); 514 smtp_reply(s, "250 %s: %08x Message accepted for delivery", 515 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS), 516 evpid_to_msgid(s->evp.id)); 517 518 TAILQ_FOREACH(rcpt, &s->rcpts, entry) { 519 log_info("smtp-in: Accepted message %08x " 520 "on session %016"PRIx64 521 ": from=<%s%s%s>, to=<%s%s%s>, size=%zu, ndest=%zu, proto=%s", 522 evpid_to_msgid(s->evp.id), 523 s->id, 524 s->evp.sender.user, 525 s->evp.sender.user[0] == '\0' ? "" : "@", 526 s->evp.sender.domain, 527 rcpt->maddr.user, 528 rcpt->maddr.user[0] == '\0' ? "" : "@", 529 rcpt->maddr.domain, 530 s->datalen, 531 rcpt->destcount, 532 s->flags & SF_EHLO ? "ESMTP" : "SMTP"); 533 } 534 535 s->mailcount++; 536 s->kickcount = 0; 537 s->phase = PHASE_SETUP; 538 smtp_message_reset(s, 0); 539 smtp_enter_state(s, STATE_HELO); 540 io_reload(&s->io); 541 return; 542 543 case IMSG_SMTP_AUTHENTICATE: 544 m_msg(&m, imsg); 545 m_get_id(&m, &reqid); 546 m_get_int(&m, &success); 547 m_end(&m); 548 549 s = tree_xpop(&wait_parent_auth, reqid); 550 strnvis(user, s->username, sizeof user, VIS_WHITE | VIS_SAFE); 551 if (success == LKA_OK) { 552 log_info("smtp-in: Accepted authentication for user %s " 553 "on session %016"PRIx64, user, s->id); 554 s->kickcount = 0; 555 s->flags |= SF_AUTHENTICATED; 556 smtp_reply(s, "235 %s: Authentication succeeded", 557 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 558 } 559 else if (success == LKA_PERMFAIL) { 560 log_info("smtp-in: Authentication failed for user %s " 561 "on session %016"PRIx64, user, s->id); 562 smtp_auth_failure_pause(s); 563 return; 564 } 565 else if (success == LKA_TEMPFAIL) { 566 log_info("smtp-in: Authentication temporarily failed " 567 "for user %s on session %016"PRIx64, user, s->id); 568 smtp_reply(s, "421 %s: Temporary failure", 569 esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); 570 } 571 else 572 fatalx("bad lka response"); 573 574 smtp_enter_state(s, STATE_HELO); 575 io_reload(&s->io); 576 return; 577 578 case IMSG_SMTP_SSL_INIT: 579 resp_ca_cert = imsg->data; 580 s = tree_xpop(&wait_ssl_init, resp_ca_cert->reqid); 581 582 if (resp_ca_cert->status == CA_FAIL) { 583 log_info("smtp-in: Disconnecting session %016" PRIx64 584 ": CA failure", s->id); 585 smtp_free(s, "CA failure"); 586 return; 587 } 588 589 resp_ca_cert = xmemdup(imsg->data, sizeof *resp_ca_cert, "smtp:ca_cert"); 590 if (resp_ca_cert == NULL) 591 fatal(NULL); 592 resp_ca_cert->cert = xstrdup((char *)imsg->data + 593 sizeof *resp_ca_cert, "smtp:ca_cert"); 594 if (s->listener->pki_name[0]) 595 pkiname = s->listener->pki_name; 596 else 597 pkiname = s->smtpname; 598 ssl_ctx = dict_get(env->sc_ssl_dict, pkiname); 599 600 ssl = ssl_smtp_init(ssl_ctx, smtp_sni_callback, s); 601 io_set_read(&s->io); 602 io_start_tls(&s->io, ssl); 603 604 explicit_bzero(resp_ca_cert->cert, resp_ca_cert->cert_len); 605 free(resp_ca_cert->cert); 606 free(resp_ca_cert); 607 return; 608 609 case IMSG_SMTP_SSL_VERIFY: 610 resp_ca_vrfy = imsg->data; 611 s = tree_xpop(&wait_ssl_verify, resp_ca_vrfy->reqid); 612 613 if (resp_ca_vrfy->status == CA_OK) 614 s->flags |= SF_VERIFIED; 615 else if (s->listener->flags & F_TLS_VERIFY) { 616 log_info("smtp-in: Disconnecting session %016" PRIx64 617 ": SSL certificate check failed", s->id); 618 smtp_free(s, "SSL certificate check failed"); 619 return; 620 } 621 smtp_io(&s->io, IO_TLSVERIFIED); 622 io_resume(&s->io, IO_PAUSE_IN); 623 return; 624 } 625 626 log_warnx("smtp_session_imsg: unexpected %s imsg", 627 imsg_to_str(imsg->hdr.type)); 628 fatalx(NULL); 629 } 630 631 static void 632 smtp_mfa_response(struct smtp_session *s, int msg, int status, uint32_t code, 633 const char *line) 634 { 635 struct ca_cert_req_msg req_ca_cert; 636 637 if (status == FILTER_CLOSE) { 638 code = code ? code : 421; 639 line = line ? line : "Temporary failure"; 640 smtp_reply(s, "%d %s", code, line); 641 smtp_enter_state(s, STATE_QUIT); 642 io_reload(&s->io); 643 return; 644 } 645 646 switch (msg) { 647 648 case IMSG_SMTP_REQ_CONNECT: 649 if (status != FILTER_OK) { 650 log_info("smtp-in: Disconnecting session %016" PRIx64 651 ": rejected by filter", s->id); 652 smtp_free(s, "rejected by filter"); 653 return; 654 } 655 656 if (s->listener->flags & F_SMTPS) { 657 req_ca_cert.reqid = s->id; 658 if (s->listener->pki_name[0]) 659 (void)strlcpy(req_ca_cert.name, s->listener->pki_name, 660 sizeof req_ca_cert.name); 661 else 662 (void)strlcpy(req_ca_cert.name, s->smtpname, 663 sizeof req_ca_cert.name); 664 m_compose(p_lka, IMSG_SMTP_SSL_INIT, 0, 0, -1, 665 &req_ca_cert, sizeof(req_ca_cert)); 666 tree_xset(&wait_ssl_init, s->id, s); 667 return; 668 } 669 smtp_send_banner(s); 670 return; 671 672 case IMSG_SMTP_REQ_HELO: 673 if (status != FILTER_OK) { 674 code = code ? code : 530; 675 line = line ? line : "Hello rejected"; 676 smtp_reply(s, "%d %s", code, line); 677 io_reload(&s->io); 678 return; 679 } 680 681 smtp_enter_state(s, STATE_HELO); 682 smtp_reply(s, "250%c%s Hello %s [%s], pleased to meet you", 683 (s->flags & SF_EHLO) ? '-' : ' ', 684 s->smtpname, 685 s->evp.helo, 686 ss_to_text(&s->ss)); 687 688 if (s->flags & SF_EHLO) { 689 smtp_reply(s, "250-8BITMIME"); 690 smtp_reply(s, "250-ENHANCEDSTATUSCODES"); 691 smtp_reply(s, "250-SIZE %zu", env->sc_maxsize); 692 if (ADVERTISE_EXT_DSN(s)) 693 smtp_reply(s, "250-DSN"); 694 if (ADVERTISE_TLS(s)) 695 smtp_reply(s, "250-STARTTLS"); 696 if (ADVERTISE_AUTH(s)) 697 smtp_reply(s, "250-AUTH PLAIN LOGIN"); 698 smtp_reply(s, "250 HELP"); 699 } 700 s->kickcount = 0; 701 s->phase = PHASE_SETUP; 702 io_reload(&s->io); 703 return; 704 705 case IMSG_SMTP_REQ_MAIL: 706 if (status != FILTER_OK) { 707 code = code ? code : 530; 708 line = line ? line : "Sender rejected"; 709 smtp_reply(s, "%d %s", code, line); 710 io_reload(&s->io); 711 return; 712 } 713 714 m_create(p_queue, IMSG_SMTP_MESSAGE_CREATE, 0, 0, -1); 715 m_add_id(p_queue, s->id); 716 m_close(p_queue); 717 tree_xset(&wait_queue_msg, s->id, s); 718 return; 719 720 case IMSG_SMTP_REQ_RCPT: 721 if (status != FILTER_OK) { 722 code = code ? code : 530; 723 line = line ? line : "Recipient rejected"; 724 smtp_reply(s, "%d %s", code, line); 725 726 s->rcptfail += 1; 727 if (s->rcptfail >= SMTP_KICK_RCPTFAIL) { 728 log_info("smtp-in: Ending session %016" PRIx64 729 ": too many failed RCPT", s->id); 730 smtp_enter_state(s, STATE_QUIT); 731 } 732 io_reload(&s->io); 733 return; 734 } 735 736 m_create(p_lka, IMSG_SMTP_EXPAND_RCPT, 0, 0, -1); 737 m_add_id(p_lka, s->id); 738 m_add_envelope(p_lka, &s->evp); 739 m_close(p_lka); 740 tree_xset(&wait_lka_rcpt, s->id, s); 741 return; 742 743 case IMSG_SMTP_REQ_DATA: 744 if (status != FILTER_OK) { 745 code = code ? code : 530; 746 line = line ? line : "Message rejected"; 747 smtp_reply(s, "%d %s", code, line); 748 io_reload(&s->io); 749 return; 750 } 751 m_create(p_queue, IMSG_SMTP_MESSAGE_OPEN, 0, 0, -1); 752 m_add_id(p_queue, s->id); 753 m_add_msgid(p_queue, evpid_to_msgid(s->evp.id)); 754 m_close(p_queue); 755 tree_xset(&wait_queue_fd, s->id, s); 756 return; 757 758 case IMSG_SMTP_REQ_EOM: 759 if (status != FILTER_OK) { 760 code = code ? code : 530; 761 line = line ? line : "Message rejected"; 762 smtp_reply(s, "%d %s", code, line); 763 io_reload(&s->io); 764 return; 765 } 766 smtp_message_end(s); 767 return; 768 769 default: 770 fatal("bad mfa_imsg"); 771 } 772 } 773 774 static void 775 smtp_io(struct io *io, int evt) 776 { 777 struct ca_cert_req_msg req_ca_cert; 778 struct smtp_session *s = io->arg; 779 char *line; 780 size_t len, i; 781 X509 *x; 782 783 log_trace(TRACE_IO, "smtp: %p: %s %s", s, io_strevent(evt), 784 io_strio(io)); 785 786 switch (evt) { 787 788 case IO_TLSREADY: 789 log_info("smtp-in: Started TLS on session %016"PRIx64": %s", 790 s->id, ssl_to_text(s->io.ssl)); 791 792 s->flags |= SF_SECURE; 793 s->kickcount = 0; 794 s->phase = PHASE_INIT; 795 796 if (smtp_verify_certificate(s)) { 797 io_pause(&s->io, IO_PAUSE_IN); 798 break; 799 } 800 801 if (s->listener->flags & F_TLS_VERIFY) { 802 log_info("smtp-in: Disconnecting session %016" PRIx64 803 ": client did not present certificate", s->id); 804 smtp_free(s, "client did not present certificate"); 805 return; 806 } 807 808 /* No verification required, cascade */ 809 810 case IO_TLSVERIFIED: 811 x = SSL_get_peer_certificate(s->io.ssl); 812 if (x) { 813 log_info("smtp-in: Client certificate verification %s " 814 "on session %016"PRIx64, 815 (s->flags & SF_VERIFIED) ? "succeeded" : "failed", 816 s->id); 817 X509_free(x); 818 } 819 820 if (s->listener->flags & F_SMTPS) { 821 stat_increment("smtp.smtps", 1); 822 io_set_write(&s->io); 823 smtp_send_banner(s); 824 } 825 else { 826 stat_increment("smtp.tls", 1); 827 smtp_enter_state(s, STATE_HELO); 828 } 829 break; 830 831 case IO_DATAIN: 832 nextline: 833 line = iobuf_getline(&s->iobuf, &len); 834 if ((line == NULL && iobuf_len(&s->iobuf) >= SMTPD_MAXLINESIZE) || 835 (line && len >= SMTPD_MAXLINESIZE)) { 836 s->flags |= SF_BADINPUT; 837 smtp_reply(s, "500 %s: Line too long", 838 esc_code(ESC_STATUS_PERMFAIL, ESC_OTHER_STATUS)); 839 smtp_enter_state(s, STATE_QUIT); 840 io_set_write(io); 841 return; 842 } 843 844 /* No complete line received */ 845 if (line == NULL) { 846 iobuf_normalize(&s->iobuf); 847 return; 848 } 849 850 /* Message body */ 851 if (s->state == STATE_BODY && strcmp(line, ".")) { 852 853 if (line[0] == '.') { 854 line += 1; 855 len -= 1; 856 } 857 858 if (!(s->flags & SF_8BITMIME)) 859 for (i = 0; i < len; ++i) 860 if (line[i] & 0x80) 861 line[i] = line[i] & 0x7f; 862 863 smtp_message_write(s, line); 864 goto nextline; 865 } 866 867 /* Pipelining not supported */ 868 if (iobuf_len(&s->iobuf)) { 869 s->flags |= SF_BADINPUT; 870 smtp_reply(s, "500 %s %s: Pipelining not supported", 871 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 872 esc_description(ESC_INVALID_COMMAND)); 873 smtp_enter_state(s, STATE_QUIT); 874 io_set_write(io); 875 return; 876 } 877 878 /* End of body */ 879 if (s->state == STATE_BODY) { 880 iobuf_normalize(&s->iobuf); 881 io_set_write(io); 882 883 smtp_filter_eom(s); 884 return; 885 } 886 887 /* Must be a command */ 888 (void)strlcpy(s->cmd, line, sizeof s->cmd); 889 io_set_write(io); 890 smtp_command(s, line); 891 iobuf_normalize(&s->iobuf); 892 if (s->flags & SF_KICK) 893 smtp_free(s, "kick"); 894 break; 895 896 case IO_LOWAT: 897 if (s->state == STATE_QUIT) { 898 log_info("smtp-in: Closing session %016" PRIx64, s->id); 899 smtp_free(s, "done"); 900 break; 901 } 902 903 /* Wait for the client to start tls */ 904 if (s->state == STATE_TLS) { 905 req_ca_cert.reqid = s->id; 906 if (s->listener->pki_name[0]) 907 (void)strlcpy(req_ca_cert.name, s->listener->pki_name, 908 sizeof req_ca_cert.name); 909 else 910 (void)strlcpy(req_ca_cert.name, s->smtpname, 911 sizeof req_ca_cert.name); 912 m_compose(p_lka, IMSG_SMTP_SSL_INIT, 0, 0, -1, 913 &req_ca_cert, sizeof(req_ca_cert)); 914 tree_xset(&wait_ssl_init, s->id, s); 915 break; 916 } 917 918 io_set_read(io); 919 break; 920 921 case IO_TIMEOUT: 922 log_info("smtp-in: Disconnecting session %016"PRIx64": " 923 "session timeout", s->id); 924 smtp_free(s, "timeout"); 925 break; 926 927 case IO_DISCONNECTED: 928 log_info("smtp-in: Received disconnect from session %016"PRIx64, 929 s->id); 930 smtp_free(s, "disconnected"); 931 break; 932 933 case IO_ERROR: 934 log_info("smtp-in: Disconnecting session %016"PRIx64": " 935 "IO error: %s", s->id, io->error); 936 smtp_free(s, "IO error"); 937 break; 938 939 default: 940 fatalx("smtp_io()"); 941 } 942 } 943 944 static void 945 smtp_command(struct smtp_session *s, char *line) 946 { 947 char *args, *eom, *method; 948 int cmd, i; 949 950 log_trace(TRACE_SMTP, "smtp: %p: <<< %s", s, line); 951 952 if (++s->kickcount >= SMTP_KICK_CMD) { 953 log_info("smtp-in: Disconnecting session %016" PRIx64 954 ": session not moving forward", s->id); 955 s->flags |= SF_KICK; 956 stat_increment("smtp.kick", 1); 957 return; 958 } 959 960 /* 961 * These states are special. 962 */ 963 if (s->state == STATE_AUTH_INIT) { 964 smtp_rfc4954_auth_plain(s, line); 965 return; 966 } 967 if (s->state == STATE_AUTH_USERNAME || s->state == STATE_AUTH_PASSWORD) { 968 smtp_rfc4954_auth_login(s, line); 969 return; 970 } 971 972 /* 973 * Unlike other commands, "mail from" and "rcpt to" contain a 974 * space in the command name. 975 */ 976 if (strncasecmp("mail from:", line, 10) == 0 || 977 strncasecmp("rcpt to:", line, 8) == 0) 978 args = strchr(line, ':'); 979 else 980 args = strchr(line, ' '); 981 982 if (args) { 983 *args++ = '\0'; 984 while (isspace((unsigned char)*args)) 985 args++; 986 } 987 988 cmd = -1; 989 for (i = 0; commands[i].code != -1; i++) 990 if (!strcasecmp(line, commands[i].cmd)) { 991 cmd = commands[i].code; 992 break; 993 } 994 995 switch (cmd) { 996 /* 997 * INIT 998 */ 999 case CMD_HELO: 1000 case CMD_EHLO: 1001 if (s->phase != PHASE_INIT) { 1002 smtp_reply(s, "503 %s %s: Already identified", 1003 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1004 esc_description(ESC_INVALID_COMMAND)); 1005 break; 1006 } 1007 1008 if (args == NULL) { 1009 smtp_reply(s, "501 %s %s: %s requires domain name", 1010 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1011 esc_description(ESC_INVALID_COMMAND), 1012 (cmd == CMD_HELO) ? "HELO" : "EHLO"); 1013 1014 break; 1015 } 1016 1017 if (!valid_domainpart(args)) { 1018 smtp_reply(s, "501 %s %s: Invalid domain name", 1019 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1020 esc_description(ESC_INVALID_COMMAND_ARGUMENTS)); 1021 break; 1022 } 1023 (void)strlcpy(s->helo, args, sizeof(s->helo)); 1024 s->flags &= SF_SECURE | SF_AUTHENTICATED | SF_VERIFIED; 1025 if (cmd == CMD_EHLO) { 1026 s->flags |= SF_EHLO; 1027 s->flags |= SF_8BITMIME; 1028 } 1029 1030 smtp_message_reset(s, 1); 1031 1032 smtp_filter_helo(s); 1033 break; 1034 /* 1035 * SETUP 1036 */ 1037 case CMD_STARTTLS: 1038 if (s->phase != PHASE_SETUP) { 1039 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1040 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1041 esc_description(ESC_INVALID_COMMAND)); 1042 break; 1043 } 1044 1045 if (!(s->listener->flags & F_STARTTLS)) { 1046 smtp_reply(s, "503 %s %s: Command not supported", 1047 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1048 esc_description(ESC_INVALID_COMMAND)); 1049 break; 1050 } 1051 1052 if (s->flags & SF_SECURE) { 1053 smtp_reply(s, "503 %s %s: Channel already secured", 1054 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1055 esc_description(ESC_INVALID_COMMAND)); 1056 break; 1057 } 1058 if (args != NULL) { 1059 smtp_reply(s, "501 %s %s: No parameters allowed", 1060 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1061 esc_description(ESC_INVALID_COMMAND_ARGUMENTS)); 1062 break; 1063 } 1064 smtp_reply(s, "220 %s: Ready to start TLS", 1065 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 1066 smtp_enter_state(s, STATE_TLS); 1067 break; 1068 1069 case CMD_AUTH: 1070 if (s->phase != PHASE_SETUP) { 1071 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1072 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1073 esc_description(ESC_INVALID_COMMAND)); 1074 break; 1075 } 1076 1077 if (s->flags & SF_AUTHENTICATED) { 1078 smtp_reply(s, "503 %s %s: Already authenticated", 1079 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1080 esc_description(ESC_INVALID_COMMAND)); 1081 break; 1082 } 1083 1084 if (!ADVERTISE_AUTH(s)) { 1085 smtp_reply(s, "503 %s %s: Command not supported", 1086 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1087 esc_description(ESC_INVALID_COMMAND)); 1088 break; 1089 } 1090 1091 if (args == NULL) { 1092 smtp_reply(s, "501 %s %s: No parameters given", 1093 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1094 esc_description(ESC_INVALID_COMMAND_ARGUMENTS)); 1095 break; 1096 } 1097 1098 method = args; 1099 eom = strchr(args, ' '); 1100 if (eom == NULL) 1101 eom = strchr(args, '\t'); 1102 if (eom != NULL) 1103 *eom++ = '\0'; 1104 if (strcasecmp(method, "PLAIN") == 0) 1105 smtp_rfc4954_auth_plain(s, eom); 1106 else if (strcasecmp(method, "LOGIN") == 0) 1107 smtp_rfc4954_auth_login(s, eom); 1108 else 1109 smtp_reply(s, "504 %s %s: AUTH method \"%s\" not supported", 1110 esc_code(ESC_STATUS_PERMFAIL, ESC_SECURITY_FEATURES_NOT_SUPPORTED), 1111 esc_description(ESC_SECURITY_FEATURES_NOT_SUPPORTED), 1112 method); 1113 break; 1114 1115 case CMD_MAIL_FROM: 1116 if (s->phase != PHASE_SETUP) { 1117 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1118 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1119 esc_description(ESC_INVALID_COMMAND)); 1120 1121 break; 1122 } 1123 1124 if (s->listener->flags & F_STARTTLS_REQUIRE && 1125 !(s->flags & SF_SECURE)) { 1126 smtp_reply(s, 1127 "530 %s %s: Must issue a STARTTLS command first", 1128 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1129 esc_description(ESC_INVALID_COMMAND)); 1130 break; 1131 } 1132 1133 if (s->listener->flags & F_AUTH_REQUIRE && 1134 !(s->flags & SF_AUTHENTICATED)) { 1135 smtp_reply(s, 1136 "530 %s %s: Must issue an AUTH command first", 1137 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1138 esc_description(ESC_INVALID_COMMAND)); 1139 break; 1140 } 1141 1142 if (s->mailcount >= SMTP_LIMIT_MAIL) { 1143 /* we can pretend we had too many recipients */ 1144 smtp_reply(s, "452 %s %s: Too many messages sent", 1145 esc_code(ESC_STATUS_TEMPFAIL, ESC_TOO_MANY_RECIPIENTS), 1146 esc_description(ESC_TOO_MANY_RECIPIENTS)); 1147 break; 1148 } 1149 1150 smtp_message_reset(s, 1); 1151 1152 if (smtp_mailaddr(&s->evp.sender, args, 1, &args, 1153 s->smtpname) == 0) { 1154 smtp_reply(s, "553 %s: Sender address syntax error", 1155 esc_code(ESC_STATUS_PERMFAIL, ESC_OTHER_ADDRESS_STATUS)); 1156 break; 1157 } 1158 if (args && smtp_parse_mail_args(s, args) == -1) 1159 break; 1160 1161 smtp_filter_mail(s); 1162 break; 1163 /* 1164 * TRANSACTION 1165 */ 1166 case CMD_RCPT_TO: 1167 if (s->phase != PHASE_TRANSACTION) { 1168 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1169 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1170 esc_description(ESC_INVALID_COMMAND)); 1171 break; 1172 } 1173 1174 if (s->rcptcount >= SMTP_LIMIT_RCPT) { 1175 smtp_reply(s, "451 %s %s: Too many recipients", 1176 esc_code(ESC_STATUS_TEMPFAIL, ESC_TOO_MANY_RECIPIENTS), 1177 esc_description(ESC_TOO_MANY_RECIPIENTS)); 1178 break; 1179 } 1180 1181 if (smtp_mailaddr(&s->evp.rcpt, args, 0, &args, 1182 s->smtpname) == 0) { 1183 smtp_reply(s, 1184 "501 %s: Recipient address syntax error", 1185 esc_code(ESC_STATUS_PERMFAIL, ESC_BAD_DESTINATION_MAILBOX_ADDRESS_SYNTAX)); 1186 break; 1187 } 1188 if (args && smtp_parse_rcpt_args(s, args) == -1) 1189 break; 1190 1191 smtp_filter_rcpt(s); 1192 break; 1193 1194 case CMD_RSET: 1195 if (s->phase != PHASE_TRANSACTION && s->phase != PHASE_SETUP) { 1196 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1197 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1198 esc_description(ESC_INVALID_COMMAND)); 1199 break; 1200 } 1201 1202 smtp_filter_rset(s); 1203 1204 if (s->evp.id) { 1205 m_create(p_queue, IMSG_SMTP_MESSAGE_ROLLBACK, 0, 0, -1); 1206 m_add_msgid(p_queue, evpid_to_msgid(s->evp.id)); 1207 m_close(p_queue); 1208 } 1209 1210 s->phase = PHASE_SETUP; 1211 smtp_message_reset(s, 0); 1212 smtp_reply(s, "250 %s: Reset state", 1213 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 1214 break; 1215 1216 case CMD_DATA: 1217 if (s->phase != PHASE_TRANSACTION) { 1218 smtp_reply(s, "503 %s %s: Command not allowed at this point.", 1219 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1220 esc_description(ESC_INVALID_COMMAND)); 1221 break; 1222 } 1223 if (s->rcptcount == 0) { 1224 smtp_reply(s, "503 %s %s: No recipient specified", 1225 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1226 esc_description(ESC_INVALID_COMMAND_ARGUMENTS)); 1227 break; 1228 } 1229 1230 smtp_filter_data(s); 1231 break; 1232 /* 1233 * ANY 1234 */ 1235 case CMD_QUIT: 1236 smtp_reply(s, "221 %s: Bye", 1237 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 1238 smtp_enter_state(s, STATE_QUIT); 1239 break; 1240 1241 case CMD_NOOP: 1242 smtp_reply(s, "250 %s: Ok", 1243 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 1244 break; 1245 1246 case CMD_HELP: 1247 smtp_reply(s, "214- This is OpenSMTPD"); 1248 smtp_reply(s, "214- To report bugs in the implementation, " 1249 "please contact bugs@openbsd.org"); 1250 smtp_reply(s, "214- with full details"); 1251 smtp_reply(s, "214 %s: End of HELP info", 1252 esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); 1253 break; 1254 1255 case CMD_WIZ: 1256 smtp_reply(s, "500 %s %s: this feature is not supported yet ;-)", 1257 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1258 esc_description(ESC_INVALID_COMMAND)); 1259 break; 1260 1261 default: 1262 smtp_reply(s, "500 %s %s: Command unrecognized", 1263 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), 1264 esc_description(ESC_INVALID_COMMAND)); 1265 break; 1266 } 1267 } 1268 1269 static void 1270 smtp_rfc4954_auth_plain(struct smtp_session *s, char *arg) 1271 { 1272 char buf[1024], *user, *pass; 1273 int len; 1274 1275 switch (s->state) { 1276 case STATE_HELO: 1277 if (arg == NULL) { 1278 smtp_enter_state(s, STATE_AUTH_INIT); 1279 smtp_reply(s, "334 "); 1280 return; 1281 } 1282 smtp_enter_state(s, STATE_AUTH_INIT); 1283 /* FALLTHROUGH */ 1284 1285 case STATE_AUTH_INIT: 1286 /* String is not NUL terminated, leave room. */ 1287 if ((len = base64_decode(arg, (unsigned char *)buf, 1288 sizeof(buf) - 1)) == -1) 1289 goto abort; 1290 /* buf is a byte string, NUL terminate. */ 1291 buf[len] = '\0'; 1292 1293 /* 1294 * Skip "foo" in "foo\0user\0pass", if present. 1295 */ 1296 user = memchr(buf, '\0', len); 1297 if (user == NULL || user >= buf + len - 2) 1298 goto abort; 1299 user++; /* skip NUL */ 1300 if (strlcpy(s->username, user, sizeof(s->username)) 1301 >= sizeof(s->username)) 1302 goto abort; 1303 1304 pass = memchr(user, '\0', len - (user - buf)); 1305 if (pass == NULL || pass >= buf + len - 2) 1306 goto abort; 1307 pass++; /* skip NUL */ 1308 1309 m_create(p_lka, IMSG_SMTP_AUTHENTICATE, 0, 0, -1); 1310 m_add_id(p_lka, s->id); 1311 m_add_string(p_lka, s->listener->authtable); 1312 m_add_string(p_lka, user); 1313 m_add_string(p_lka, pass); 1314 m_close(p_lka); 1315 tree_xset(&wait_parent_auth, s->id, s); 1316 return; 1317 1318 default: 1319 fatal("smtp_rfc4954_auth_plain: unknown state"); 1320 } 1321 1322 abort: 1323 smtp_reply(s, "501 %s %s: Syntax error", 1324 esc_code(ESC_STATUS_PERMFAIL, ESC_SYNTAX_ERROR), 1325 esc_description(ESC_SYNTAX_ERROR)); 1326 smtp_enter_state(s, STATE_HELO); 1327 } 1328 1329 static void 1330 smtp_rfc4954_auth_login(struct smtp_session *s, char *arg) 1331 { 1332 char buf[SMTPD_MAXLINESIZE]; 1333 1334 switch (s->state) { 1335 case STATE_HELO: 1336 smtp_enter_state(s, STATE_AUTH_USERNAME); 1337 smtp_reply(s, "334 VXNlcm5hbWU6"); 1338 return; 1339 1340 case STATE_AUTH_USERNAME: 1341 memset(s->username, 0, sizeof(s->username)); 1342 if (base64_decode(arg, (unsigned char *)s->username, 1343 sizeof(s->username) - 1) == -1) 1344 goto abort; 1345 1346 smtp_enter_state(s, STATE_AUTH_PASSWORD); 1347 smtp_reply(s, "334 UGFzc3dvcmQ6"); 1348 return; 1349 1350 case STATE_AUTH_PASSWORD: 1351 memset(buf, 0, sizeof(buf)); 1352 if (base64_decode(arg, (unsigned char *)buf, 1353 sizeof(buf)-1) == -1) 1354 goto abort; 1355 1356 m_create(p_lka, IMSG_SMTP_AUTHENTICATE, 0, 0, -1); 1357 m_add_id(p_lka, s->id); 1358 m_add_string(p_lka, s->listener->authtable); 1359 m_add_string(p_lka, s->username); 1360 m_add_string(p_lka, buf); 1361 m_close(p_lka); 1362 tree_xset(&wait_parent_auth, s->id, s); 1363 return; 1364 1365 default: 1366 fatal("smtp_rfc4954_auth_login: unknown state"); 1367 } 1368 1369 abort: 1370 smtp_reply(s, "501 %s %s: Syntax error", 1371 esc_code(ESC_STATUS_PERMFAIL, ESC_SYNTAX_ERROR), 1372 esc_description(ESC_SYNTAX_ERROR)); 1373 smtp_enter_state(s, STATE_HELO); 1374 } 1375 1376 static uint8_t 1377 dsn_notify_str_to_uint8(const char *arg) 1378 { 1379 if (strcasecmp(arg, "SUCCESS") == 0) 1380 return DSN_SUCCESS; 1381 else if (strcasecmp(arg, "FAILURE") == 0) 1382 return DSN_FAILURE; 1383 else if (strcasecmp(arg, "DELAY") == 0) 1384 return DSN_DELAY; 1385 else if (strcasecmp(arg, "NEVER") == 0) 1386 return DSN_NEVER; 1387 1388 return (0); 1389 } 1390 1391 static int 1392 smtp_parse_rcpt_args(struct smtp_session *s, char *args) 1393 { 1394 char *b, *p; 1395 uint8_t flag; 1396 1397 while ((b = strsep(&args, " "))) { 1398 if (*b == '\0') 1399 continue; 1400 1401 if (ADVERTISE_EXT_DSN(s) && strncasecmp(b, "NOTIFY=", 7) == 0) { 1402 b += 7; 1403 while ((p = strsep(&b, ","))) { 1404 if (*p == '\0') 1405 continue; 1406 1407 if ((flag = dsn_notify_str_to_uint8(p)) == 0) 1408 continue; 1409 1410 s->evp.dsn_notify |= flag; 1411 } 1412 if (s->evp.dsn_notify & DSN_NEVER && 1413 s->evp.dsn_notify & (DSN_SUCCESS | DSN_FAILURE | 1414 DSN_DELAY)) { 1415 smtp_reply(s, 1416 "553 NOTIFY option NEVER cannot be \ 1417 combined with other options"); 1418 return (-1); 1419 } 1420 } else if (ADVERTISE_EXT_DSN(s) && strncasecmp(b, "ORCPT=", 6) == 0) { 1421 b += 6; 1422 if (!text_to_mailaddr(&s->evp.dsn_orcpt, b)) { 1423 smtp_reply(s, "553 ORCPT address syntax error"); 1424 return (-1); 1425 } 1426 } else { 1427 smtp_reply(s, "503 Unsupported option %s", b); 1428 return (-1); 1429 } 1430 } 1431 1432 return (0); 1433 } 1434 1435 static int 1436 smtp_parse_mail_args(struct smtp_session *s, char *args) 1437 { 1438 char *b; 1439 1440 while ((b = strsep(&args, " "))) { 1441 if (*b == '\0') 1442 continue; 1443 1444 if (strncasecmp(b, "AUTH=", 5) == 0) 1445 log_debug("debug: smtp: AUTH in MAIL FROM command"); 1446 else if (strncasecmp(b, "SIZE=", 5) == 0) 1447 log_debug("debug: smtp: SIZE in MAIL FROM command"); 1448 else if (strcasecmp(b, "BODY=7BIT") == 0) 1449 /* XXX only for this transaction */ 1450 s->flags &= ~SF_8BITMIME; 1451 else if (strcasecmp(b, "BODY=8BITMIME") == 0) 1452 ; 1453 else if (ADVERTISE_EXT_DSN(s) && strncasecmp(b, "RET=", 4) == 0) { 1454 b += 4; 1455 if (strcasecmp(b, "HDRS") == 0) 1456 s->evp.dsn_ret = DSN_RETHDRS; 1457 else if (strcasecmp(b, "FULL") == 0) 1458 s->evp.dsn_ret = DSN_RETFULL; 1459 } else if (ADVERTISE_EXT_DSN(s) && strncasecmp(b, "ENVID=", 6) == 0) { 1460 b += 6; 1461 if (strlcpy(s->evp.dsn_envid, b, sizeof(s->evp.dsn_envid)) 1462 >= sizeof(s->evp.dsn_envid)) { 1463 smtp_reply(s, "503 %s %s: option too large, truncated: %s", 1464 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1465 esc_description(ESC_INVALID_COMMAND_ARGUMENTS), b); 1466 return (-1); 1467 } 1468 } else { 1469 smtp_reply(s, "503 %s %s: Unsupported option %s", 1470 esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND_ARGUMENTS), 1471 esc_description(ESC_INVALID_COMMAND_ARGUMENTS), b); 1472 return (-1); 1473 } 1474 } 1475 1476 return (0); 1477 } 1478 1479 static int 1480 smtp_lookup_servername(struct smtp_session *s) 1481 { 1482 struct sockaddr *sa; 1483 socklen_t sa_len; 1484 struct sockaddr_storage ss; 1485 1486 if (s->listener->hostnametable[0]) { 1487 sa_len = sizeof(ss); 1488 sa = (struct sockaddr *)&ss; 1489 if (getsockname(s->io.sock, sa, &sa_len) == -1) { 1490 log_warn("warn: getsockname()"); 1491 } 1492 else { 1493 m_create(p_lka, IMSG_SMTP_LOOKUP_HELO, 0, 0, -1); 1494 m_add_id(p_lka, s->id); 1495 m_add_string(p_lka, s->listener->hostnametable); 1496 m_add_sockaddr(p_lka, sa); 1497 m_close(p_lka); 1498 tree_xset(&wait_lka_helo, s->id, s); 1499 return 0; 1500 } 1501 } 1502 return 1; 1503 } 1504 1505 static void 1506 smtp_connected(struct smtp_session *s) 1507 { 1508 struct sockaddr_storage ss; 1509 socklen_t sl; 1510 1511 smtp_enter_state(s, STATE_CONNECTED); 1512 1513 log_info("smtp-in: New session %016"PRIx64" from host %s [%s]", 1514 s->id, s->hostname, ss_to_text(&s->ss)); 1515 1516 sl = sizeof(ss); 1517 if (getsockname(s->io.sock, (struct sockaddr*)&ss, &sl) == -1) { 1518 smtp_free(s, strerror(errno)); 1519 return; 1520 } 1521 1522 s->flags |= SF_MFACONNSENT; 1523 smtp_filter_connect(s, (struct sockaddr *)&ss); 1524 } 1525 1526 static void 1527 smtp_send_banner(struct smtp_session *s) 1528 { 1529 smtp_reply(s, "220 %s ESMTP %s", s->smtpname, SMTPD_NAME); 1530 io_reload(&s->io); 1531 } 1532 1533 void 1534 smtp_enter_state(struct smtp_session *s, int newstate) 1535 { 1536 log_trace(TRACE_SMTP, "smtp: %p: %s -> %s", s, 1537 smtp_strstate(s->state), 1538 smtp_strstate(newstate)); 1539 1540 s->state = newstate; 1541 } 1542 1543 static void 1544 smtp_message_write(struct smtp_session *s, const char *line) 1545 { 1546 size_t len; 1547 1548 log_trace(TRACE_SMTP, "<<< [MSG] %s", line); 1549 1550 /* Don't waste resources on message if it's going to bin anyway. */ 1551 if (s->msgflags & MF_ERROR) 1552 return; 1553 1554 if (*line == '\0') 1555 s->hdrdone = 1; 1556 1557 /* check for loops */ 1558 if (!s->hdrdone) { 1559 if (strncasecmp("Received: ", line, 10) == 0) 1560 s->rcvcount++; 1561 if (s->rcvcount == MAX_HOPS_COUNT) { 1562 s->msgflags |= MF_ERROR_LOOP; 1563 log_warn("warn: loop detected"); 1564 return; 1565 } 1566 } 1567 1568 len = strlen(line) + 1; 1569 1570 if (s->datalen + len > env->sc_maxsize) { 1571 s->msgflags |= MF_ERROR_SIZE; 1572 return; 1573 } 1574 1575 if (fprintf(s->ofile, "%s\n", line) != (int)len) { 1576 s->msgflags |= MF_ERROR_IO; 1577 return; 1578 } 1579 1580 s->datalen += len; 1581 } 1582 1583 static void 1584 smtp_message_end(struct smtp_session *s) 1585 { 1586 log_debug("debug: %p: end of message, msgflags=0x%04x", s, s->msgflags); 1587 1588 tree_xpop(&wait_mfa_data, s->id); 1589 1590 s->phase = PHASE_SETUP; 1591 1592 fclose(s->ofile); 1593 s->ofile = NULL; 1594 1595 if (s->msgflags & MF_ERROR) { 1596 m_create(p_queue, IMSG_SMTP_MESSAGE_ROLLBACK, 0, 0, -1); 1597 m_add_msgid(p_queue, evpid_to_msgid(s->evp.id)); 1598 m_close(p_queue); 1599 if (s->msgflags & MF_ERROR_SIZE) 1600 smtp_reply(s, "554 %s %s: Transaction failed, message too big", 1601 esc_code(ESC_STATUS_PERMFAIL, ESC_MESSAGE_TOO_BIG_FOR_SYSTEM), 1602 esc_description(ESC_MESSAGE_TOO_BIG_FOR_SYSTEM)); 1603 else if (s->msgflags & MF_ERROR_LOOP) 1604 smtp_reply(s, "500 %s %s: Loop detected", 1605 esc_code(ESC_STATUS_PERMFAIL, ESC_ROUTING_LOOP_DETECTED), 1606 esc_description(ESC_ROUTING_LOOP_DETECTED)); 1607 else 1608 smtp_reply(s, "%d Message rejected", s->msgcode); 1609 smtp_message_reset(s, 0); 1610 smtp_enter_state(s, STATE_HELO); 1611 return; 1612 } 1613 1614 m_create(p_queue, IMSG_SMTP_MESSAGE_COMMIT, 0, 0, -1); 1615 m_add_id(p_queue, s->id); 1616 m_add_msgid(p_queue, evpid_to_msgid(s->evp.id)); 1617 m_close(p_queue); 1618 tree_xset(&wait_queue_commit, s->id, s); 1619 } 1620 1621 static void 1622 smtp_message_reset(struct smtp_session *s, int prepare) 1623 { 1624 struct smtp_rcpt *rcpt; 1625 1626 while ((rcpt = TAILQ_FIRST(&s->rcpts))) { 1627 TAILQ_REMOVE(&s->rcpts, rcpt, entry); 1628 free(rcpt); 1629 } 1630 1631 memset(&s->evp, 0, sizeof s->evp); 1632 s->msgflags = 0; 1633 s->destcount = 0; 1634 s->rcptcount = 0; 1635 s->datalen = 0; 1636 s->rcvcount = 0; 1637 s->hdrdone = 0; 1638 1639 if (prepare) { 1640 s->evp.ss = s->ss; 1641 (void)strlcpy(s->evp.tag, s->listener->tag, sizeof(s->evp.tag)); 1642 (void)strlcpy(s->evp.smtpname, s->smtpname, sizeof(s->evp.smtpname)); 1643 (void)strlcpy(s->evp.hostname, s->hostname, sizeof s->evp.hostname); 1644 (void)strlcpy(s->evp.helo, s->helo, sizeof s->evp.helo); 1645 1646 if (s->flags & SF_BOUNCE) 1647 s->evp.flags |= EF_BOUNCE; 1648 if (s->flags & SF_AUTHENTICATED) 1649 s->evp.flags |= EF_AUTHENTICATED; 1650 } 1651 } 1652 1653 static void 1654 smtp_reply(struct smtp_session *s, char *fmt, ...) 1655 { 1656 va_list ap; 1657 int n; 1658 char buf[SMTPD_MAXLINESIZE], tmp[SMTPD_MAXLINESIZE]; 1659 1660 va_start(ap, fmt); 1661 n = vsnprintf(buf, sizeof buf, fmt, ap); 1662 va_end(ap); 1663 if (n == -1 || n >= SMTPD_MAXLINESIZE) 1664 fatalx("smtp_reply: line too long"); 1665 if (n < 4) 1666 fatalx("smtp_reply: response too short"); 1667 1668 log_trace(TRACE_SMTP, "smtp: %p: >>> %s", s, buf); 1669 1670 iobuf_xfqueue(&s->iobuf, "smtp_reply", "%s\r\n", buf); 1671 1672 switch (buf[0]) { 1673 case '5': 1674 case '4': 1675 if (s->flags & SF_BADINPUT) { 1676 log_info("smtp-in: Bad input on session %016"PRIx64 1677 ": %.*s", s->id, n, buf); 1678 } 1679 else if (strstr(s->cmd, "AUTH ") == s->cmd) { 1680 log_info("smtp-in: Failed command on session %016"PRIx64 1681 ": \"AUTH [...]\" => %.*s", s->id, n, buf); 1682 } 1683 else { 1684 strnvis(tmp, s->cmd, sizeof tmp, VIS_SAFE | VIS_CSTYLE); 1685 log_info("smtp-in: Failed command on session %016"PRIx64 1686 ": \"%s\" => %.*s", s->id, tmp, n, buf); 1687 } 1688 break; 1689 } 1690 } 1691 1692 static void 1693 smtp_free(struct smtp_session *s, const char * reason) 1694 { 1695 struct smtp_rcpt *rcpt; 1696 1697 log_debug("debug: smtp: %p: deleting session: %s", s, reason); 1698 1699 tree_pop(&wait_mfa_data, s->id); 1700 1701 if (s->ofile) 1702 fclose(s->ofile); 1703 1704 if (s->evp.id) { 1705 m_create(p_queue, IMSG_SMTP_MESSAGE_ROLLBACK, 0, 0, -1); 1706 m_add_msgid(p_queue, evpid_to_msgid(s->evp.id)); 1707 m_close(p_queue); 1708 } 1709 1710 if (s->flags & SF_MFACONNSENT) 1711 smtp_filter_disconnect(s); 1712 1713 if (s->flags & SF_SECURE && s->listener->flags & F_SMTPS) 1714 stat_decrement("smtp.smtps", 1); 1715 if (s->flags & SF_SECURE && s->listener->flags & F_STARTTLS) 1716 stat_decrement("smtp.tls", 1); 1717 1718 while ((rcpt = TAILQ_FIRST(&s->rcpts))) { 1719 TAILQ_REMOVE(&s->rcpts, rcpt, entry); 1720 free(rcpt); 1721 } 1722 1723 io_clear(&s->io); 1724 iobuf_clear(&s->iobuf); 1725 free(s); 1726 1727 smtp_collect(); 1728 } 1729 1730 static int 1731 smtp_mailaddr(struct mailaddr *maddr, char *line, int mailfrom, char **args, 1732 const char *domain) 1733 { 1734 char *p, *e; 1735 1736 if (line == NULL) 1737 return (0); 1738 1739 if (*line != '<') 1740 return (0); 1741 1742 e = strchr(line, '>'); 1743 if (e == NULL) 1744 return (0); 1745 *e++ = '\0'; 1746 while (*e == ' ') 1747 e++; 1748 *args = e; 1749 1750 if (!text_to_mailaddr(maddr, line + 1)) 1751 return (0); 1752 1753 p = strchr(maddr->user, ':'); 1754 if (p != NULL) { 1755 p++; 1756 memmove(maddr->user, p, strlen(p) + 1); 1757 } 1758 1759 if (!valid_localpart(maddr->user) || 1760 !valid_domainpart(maddr->domain)) { 1761 /* We accept empty sender for MAIL FROM */ 1762 if (mailfrom && 1763 maddr->user[0] == '\0' && 1764 maddr->domain[0] == '\0') 1765 return (1); 1766 1767 /* We accept empty domain for RCPT TO if user is postmaster */ 1768 if (!mailfrom && 1769 strcasecmp(maddr->user, "postmaster") == 0 && 1770 maddr->domain[0] == '\0') { 1771 (void)strlcpy(maddr->domain, domain, 1772 sizeof(maddr->domain)); 1773 return (1); 1774 } 1775 1776 return (0); 1777 } 1778 1779 return (1); 1780 } 1781 1782 static int 1783 smtp_verify_certificate(struct smtp_session *s) 1784 { 1785 struct ca_vrfy_req_msg req_ca_vrfy; 1786 struct iovec iov[2]; 1787 X509 *x; 1788 STACK_OF(X509) *xchain; 1789 int i; 1790 const char *pkiname; 1791 1792 x = SSL_get_peer_certificate(s->io.ssl); 1793 if (x == NULL) 1794 return 0; 1795 xchain = SSL_get_peer_cert_chain(s->io.ssl); 1796 1797 /* 1798 * Client provided a certificate and possibly a certificate chain. 1799 * SMTP can't verify because it does not have the information that 1800 * it needs, instead it will pass the certificate and chain to the 1801 * lookup process and wait for a reply. 1802 * 1803 */ 1804 1805 tree_xset(&wait_ssl_verify, s->id, s); 1806 1807 /* Send the client certificate */ 1808 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1809 if (s->listener->pki_name[0]) 1810 pkiname = s->listener->pki_name; 1811 else 1812 pkiname = s->smtpname; 1813 1814 if (strlcpy(req_ca_vrfy.pkiname, pkiname, sizeof req_ca_vrfy.pkiname) 1815 >= sizeof req_ca_vrfy.pkiname) 1816 return 0; 1817 1818 req_ca_vrfy.reqid = s->id; 1819 req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert); 1820 if (xchain) 1821 req_ca_vrfy.n_chain = sk_X509_num(xchain); 1822 iov[0].iov_base = &req_ca_vrfy; 1823 iov[0].iov_len = sizeof(req_ca_vrfy); 1824 iov[1].iov_base = req_ca_vrfy.cert; 1825 iov[1].iov_len = req_ca_vrfy.cert_len; 1826 m_composev(p_lka, IMSG_SMTP_SSL_VERIFY_CERT, 0, 0, -1, 1827 iov, nitems(iov)); 1828 free(req_ca_vrfy.cert); 1829 X509_free(x); 1830 1831 if (xchain) { 1832 /* Send the chain, one cert at a time */ 1833 for (i = 0; i < sk_X509_num(xchain); ++i) { 1834 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1835 req_ca_vrfy.reqid = s->id; 1836 x = sk_X509_value(xchain, i); 1837 req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert); 1838 iov[0].iov_base = &req_ca_vrfy; 1839 iov[0].iov_len = sizeof(req_ca_vrfy); 1840 iov[1].iov_base = req_ca_vrfy.cert; 1841 iov[1].iov_len = req_ca_vrfy.cert_len; 1842 m_composev(p_lka, IMSG_SMTP_SSL_VERIFY_CHAIN, 0, 0, -1, 1843 iov, nitems(iov)); 1844 free(req_ca_vrfy.cert); 1845 } 1846 } 1847 1848 /* Tell lookup process that it can start verifying, we're done */ 1849 memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy); 1850 req_ca_vrfy.reqid = s->id; 1851 m_compose(p_lka, IMSG_SMTP_SSL_VERIFY, 0, 0, -1, 1852 &req_ca_vrfy, sizeof req_ca_vrfy); 1853 1854 return 1; 1855 } 1856 1857 static void 1858 smtp_auth_failure_resume(int fd, short event, void *p) 1859 { 1860 struct smtp_session *s = p; 1861 1862 smtp_reply(s, "535 Authentication failed"); 1863 smtp_enter_state(s, STATE_HELO); 1864 io_reload(&s->io); 1865 } 1866 1867 static void 1868 smtp_auth_failure_pause(struct smtp_session *s) 1869 { 1870 struct timeval tv; 1871 1872 tv.tv_sec = 0; 1873 tv.tv_usec = arc4random_uniform(1000000); 1874 log_trace(TRACE_SMTP, "smtp: timing-attack protection triggered, " 1875 "will defer answer for %lu microseconds", tv.tv_usec); 1876 evtimer_set(&s->pause, smtp_auth_failure_resume, s); 1877 evtimer_add(&s->pause, &tv); 1878 } 1879 1880 static int 1881 smtp_sni_callback(SSL *ssl, int *ad, void *arg) 1882 { 1883 const char *sn; 1884 struct smtp_session *s = arg; 1885 void *ssl_ctx; 1886 1887 sn = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); 1888 if (sn == NULL) 1889 return SSL_TLSEXT_ERR_NOACK; 1890 if (strlcpy(s->sni, sn, sizeof s->sni) >= sizeof s->sni) { 1891 log_warnx("warn: client SNI exceeds max hostname length"); 1892 return SSL_TLSEXT_ERR_NOACK; 1893 } 1894 ssl_ctx = dict_get(env->sc_ssl_dict, sn); 1895 if (ssl_ctx == NULL) { 1896 log_info("smtp-in: No PKI entry for requested SNI \"%s\"" 1897 "on session %016"PRIx64, sn, s->id); 1898 return SSL_TLSEXT_ERR_NOACK; 1899 } 1900 SSL_set_SSL_CTX(ssl, ssl_ctx); 1901 return SSL_TLSEXT_ERR_OK; 1902 } 1903 1904 static void 1905 smtp_filter_rset(struct smtp_session *s) 1906 { 1907 } 1908 1909 static void 1910 smtp_filter_commit(struct smtp_session *s) 1911 { 1912 } 1913 1914 static void 1915 smtp_filter_rollback(struct smtp_session *s) 1916 { 1917 } 1918 1919 static void 1920 smtp_filter_disconnect(struct smtp_session *s) 1921 { 1922 } 1923 1924 static void 1925 smtp_filter_connect(struct smtp_session *s, struct sockaddr *sa) 1926 { 1927 smtp_mfa_response(s, IMSG_SMTP_REQ_CONNECT, FILTER_OK, 0, NULL); 1928 } 1929 1930 static void 1931 smtp_filter_eom(struct smtp_session *s) 1932 { 1933 smtp_mfa_response(s, IMSG_SMTP_REQ_EOM, FILTER_OK, 0, NULL); 1934 } 1935 1936 static void 1937 smtp_filter_helo(struct smtp_session *s) 1938 { 1939 smtp_mfa_response(s, IMSG_SMTP_REQ_HELO, FILTER_OK, 0, NULL); 1940 } 1941 1942 static void 1943 smtp_filter_mail(struct smtp_session *s) 1944 { 1945 smtp_mfa_response(s, IMSG_SMTP_REQ_MAIL, FILTER_OK, 0, NULL); 1946 } 1947 1948 static void 1949 smtp_filter_rcpt(struct smtp_session *s) 1950 { 1951 smtp_mfa_response(s, IMSG_SMTP_REQ_RCPT, FILTER_OK, 0, NULL); 1952 } 1953 1954 static void 1955 smtp_filter_data(struct smtp_session *s) 1956 { 1957 smtp_mfa_response(s, IMSG_SMTP_REQ_DATA, FILTER_OK, 0, NULL); 1958 } 1959 1960 #define CASE(x) case x : return #x 1961 1962 const char * 1963 smtp_strstate(int state) 1964 { 1965 static char buf[32]; 1966 1967 switch (state) { 1968 CASE(STATE_NEW); 1969 CASE(STATE_CONNECTED); 1970 CASE(STATE_TLS); 1971 CASE(STATE_HELO); 1972 CASE(STATE_AUTH_INIT); 1973 CASE(STATE_AUTH_USERNAME); 1974 CASE(STATE_AUTH_PASSWORD); 1975 CASE(STATE_AUTH_FINALIZE); 1976 CASE(STATE_BODY); 1977 CASE(STATE_QUIT); 1978 default: 1979 (void)snprintf(buf, sizeof(buf), "STATE_??? (%d)", state); 1980 return (buf); 1981 } 1982 } 1983