static void
m_error(const char *error)
{
char buf[512];
(void)snprintf(buf, sizeof buf, "%s: %s: %s",
proc_name(smtpd_process),
imsg_to_str(current->hdr.type),
error);
fatalx("%s", buf);
}
void
m_close(struct mproc *p)
{
if (imsg_compose(&p->imsgbuf, p->m_type, p->m_peerid, p->m_pid, p->m_fd,
p->m_buf, p->m_pos) == -1)
fatal("imsg_compose");
log_trace(TRACE_MPROC, "mproc: %s -> %s : %zu %s",
proc_name(smtpd_process),
proc_name(p->proc),
p->m_pos,
imsg_to_str(p->m_type));
mproc_event_add(p);
}
void
m_compose(struct mproc *p, uint32_t type, uint32_t peerid, pid_t pid, int fd,
void *data, size_t len)
{
imsg_compose(&p->imsgbuf, type, peerid, pid, fd, data, len);
if (type != IMSG_STAT_DECREMENT &&
type != IMSG_STAT_INCREMENT)
log_trace(TRACE_MPROC, "mproc: %s -> %s : %zu %s",
proc_name(smtpd_process),
proc_name(p->proc),
len,
imsg_to_str(type));
mproc_event_add(p);
}
void
m_flush(struct mproc *p)
{
if (imsg_compose(&p->imsgbuf, p->m_type, p->m_peerid, p->m_pid, p->m_fd,
p->m_buf, p->m_pos) == -1)
fatal("imsg_compose");
log_trace(TRACE_MPROC, "mproc: %s -> %s : %zu %s (flush)",
proc_name(smtpd_process),
proc_name(p->proc),
p->m_pos,
imsg_to_str(p->m_type));
p->m_pos = 0;
imsg_flush(&p->imsgbuf);
}
void
m_forward(struct mproc *p, struct imsg *imsg)
{
imsg_compose(&p->imsgbuf, imsg->hdr.type, imsg->hdr.peerid,
imsg->hdr.pid, imsg->fd, imsg->data,
imsg->hdr.len - sizeof(imsg->hdr));
if (imsg->hdr.type != IMSG_STAT_DECREMENT &&
imsg->hdr.type != IMSG_STAT_INCREMENT)
log_trace(TRACE_MPROC, "mproc: %s -> %s : %zu %s (forward)",
proc_name(smtpd_process),
proc_name(p->proc),
imsg->hdr.len - sizeof(imsg->hdr),
imsg_to_str(imsg->hdr.type));
mproc_event_add(p);
}
static void
control_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct ctl_conn *c;
char *key;
struct stat_value val;
if (iev->proc == PROC_SMTP) {
switch (imsg->hdr.type) {
case IMSG_SMTP_ENQUEUE:
c = control_connbyfd(imsg->hdr.peerid);
if (c == NULL)
return;
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0,
imsg->fd, NULL, 0);
return;
}
}
switch (imsg->hdr.type) {
case IMSG_STAT_INCREMENT:
memmove(&val, imsg->data, sizeof (val));
key = (char*)imsg->data + sizeof (val);
if (stat_backend)
stat_backend->increment(key, val.u.counter);
return;
case IMSG_STAT_DECREMENT:
memmove(&val, imsg->data, sizeof (val));
key = (char*)imsg->data + sizeof (val);
if (stat_backend)
stat_backend->decrement(key, val.u.counter);
return;
case IMSG_STAT_SET:
memmove(&val, imsg->data, sizeof (val));
key = (char*)imsg->data + sizeof (val);
if (stat_backend)
stat_backend->set(key, &val);
return;
}
errx(1, "control_imsg: unexpected %s imsg",
imsg_to_str(imsg->hdr.type));
}
void
control_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct ctl_conn *c;
log_imsg(PROC_CONTROL, iev->proc, imsg);
if (iev->proc == PROC_SMTP) {
switch (imsg->hdr.type) {
case IMSG_SMTP_ENQUEUE:
c = control_connbyfd(imsg->hdr.peerid);
if (c == NULL)
return;
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0,
imsg->fd, NULL, 0);
return;
}
}
errx(1, "control_imsg: unexpected %s imsg",
imsg_to_str(imsg->hdr.type));
}
void
m_composev(struct mproc *p, uint32_t type, uint32_t peerid, pid_t pid,
int fd, const struct iovec *iov, int n)
{
size_t len;
int i;
imsg_composev(&p->imsgbuf, type, peerid, pid, fd, iov, n);
len = 0;
for (i = 0; i < n; i++)
len += iov[i].iov_len;
if (type != IMSG_STAT_DECREMENT &&
type != IMSG_STAT_INCREMENT)
log_trace(TRACE_MPROC, "mproc: %s -> %s : %zu %s",
proc_name(smtpd_process),
proc_name(p->proc),
len,
imsg_to_str(type));
mproc_event_add(p);
}
void
mta_session_imsg(struct mproc *p, struct imsg *imsg)
{
struct ca_vrfy_resp_msg *resp_ca_vrfy;
struct ca_cert_resp_msg *resp_ca_cert;
struct mta_session *s;
struct mta_host *h;
struct msg m;
uint64_t reqid;
const char *name;
void *ssl;
int dnserror, status;
switch (imsg->hdr.type) {
case IMSG_QUEUE_MESSAGE_FD:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
s = mta_tree_pop(&wait_fd, reqid);
if (s == NULL) {
if (imsg->fd != -1)
close(imsg->fd);
return;
}
if (imsg->fd == -1) {
log_debug("debug: mta: failed to obtain msg fd");
mta_flush_task(s, IMSG_DELIVERY_TEMPFAIL,
"Could not get message fd", 0, 0);
mta_enter_state(s, MTA_READY);
io_reload(&s->io);
return;
}
s->datafp = fdopen(imsg->fd, "r");
if (s->datafp == NULL)
fatal("mta: fdopen");
if (mta_check_loop(s->datafp)) {
log_debug("debug: mta: loop detected");
fclose(s->datafp);
s->datafp = NULL;
mta_flush_task(s, IMSG_DELIVERY_LOOP,
"Loop detected", 0, 0);
mta_enter_state(s, MTA_READY);
} else {
mta_enter_state(s, MTA_MAIL);
}
io_reload(&s->io);
return;
case IMSG_DNS_PTR:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_int(&m, &dnserror);
if (dnserror)
name = NULL;
else
m_get_string(&m, &name);
m_end(&m);
s = mta_tree_pop(&wait_ptr, reqid);
if (s == NULL)
return;
h = s->route->dst;
h->lastptrquery = time(NULL);
if (name)
h->ptrname = xstrdup(name, "mta: ptr");
waitq_run(&h->ptrname, h->ptrname);
return;
case IMSG_LKA_SSL_INIT:
resp_ca_cert = imsg->data;
s = mta_tree_pop(&wait_ssl_init, resp_ca_cert->reqid);
if (s == NULL)
return;
if (resp_ca_cert->status == CA_FAIL) {
if (s->relay->pki_name) {
log_info("smtp-out: Disconnecting session %016"PRIx64
": CA failure", s->id);
mta_free(s);
return;
}
else {
ssl = ssl_mta_init(NULL, 0, NULL, 0);
if (ssl == NULL)
fatal("mta: ssl_mta_init");
io_start_tls(&s->io, ssl);
return;
}
}
resp_ca_cert = xmemdup(imsg->data, sizeof *resp_ca_cert, "mta:ca_cert");
resp_ca_cert->cert = xstrdup((char *)imsg->data +
sizeof *resp_ca_cert, "mta:ca_cert");
resp_ca_cert->key = xstrdup((char *)imsg->data +
sizeof *resp_ca_cert + resp_ca_cert->cert_len,
"mta:ca_key");
ssl = ssl_mta_init(resp_ca_cert->cert, resp_ca_cert->cert_len,
resp_ca_cert->key, resp_ca_cert->key_len);
if (ssl == NULL)
fatal("mta: ssl_mta_init");
io_start_tls(&s->io, ssl);
memset(resp_ca_cert->cert, 0, resp_ca_cert->cert_len);
memset(resp_ca_cert->key, 0, resp_ca_cert->key_len);
free(resp_ca_cert->cert);
free(resp_ca_cert->key);
free(resp_ca_cert);
return;
case IMSG_LKA_SSL_VERIFY:
resp_ca_vrfy = imsg->data;
s = mta_tree_pop(&wait_ssl_verify, resp_ca_vrfy->reqid);
if (s == NULL)
return;
if (resp_ca_vrfy->status == CA_OK)
s->flags |= MTA_VERIFIED;
else if (s->relay->flags & F_TLS_VERIFY) {
errno = 0;
mta_error(s, "SSL certificate check failed");
mta_free(s);
return;
}
mta_io(&s->io, IO_TLSVERIFIED);
io_resume(&s->io, IO_PAUSE_IN);
io_reload(&s->io);
return;
case IMSG_LKA_HELO:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_int(&m, &status);
if (status == LKA_OK)
m_get_string(&m, &name);
m_end(&m);
s = mta_tree_pop(&wait_helo, reqid);
if (s == NULL)
return;
if (status == LKA_OK) {
s->helo = xstrdup(name, "mta_session_imsg");
mta_connect(s);
} else {
mta_source_error(s->relay, s->route,
"Failed to retrieve helo string");
mta_free(s);
}
return;
default:
errx(1, "mta_session_imsg: unexpected %s imsg",
imsg_to_str(imsg->hdr.type));
}
}
void
runner_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct envelope *e, bounce;
struct scheduler_info si;
log_imsg(PROC_RUNNER, iev->proc, imsg);
switch (imsg->hdr.type) {
case IMSG_QUEUE_COMMIT_MESSAGE:
e = imsg->data;
runner_message_to_scheduler(evpid_to_msgid(e->id));
runner_reset_events();
return;
case IMSG_QUEUE_DELIVERY_OK:
stat_decrement(STATS_RUNNER);
e = imsg->data;
log_debug("queue_delivery_ok: %016"PRIx64, e->id);
scheduler->remove(e->id);
queue_envelope_delete(e);
return;
case IMSG_QUEUE_DELIVERY_TEMPFAIL:
stat_decrement(STATS_RUNNER);
e = imsg->data;
e->retry++;
queue_envelope_update(e);
log_debug("queue_delivery_tempfail: %016"PRIx64, e->id);
scheduler_info(&si, e);
scheduler->insert(&si);
runner_reset_events();
return;
case IMSG_QUEUE_DELIVERY_PERMFAIL:
stat_decrement(STATS_RUNNER);
e = imsg->data;
if (e->type != D_BOUNCE && e->sender.user[0] != '\0') {
bounce_record_message(e, &bounce);
log_debug("queue_delivery_permfail: %016"PRIx64,
bounce.id);
scheduler_info(&si, &bounce);
scheduler->insert(&si);
runner_reset_events();
}
scheduler->remove(e->id);
queue_envelope_delete(e);
return;
case IMSG_MDA_SESS_NEW:
stat_decrement(STATS_MDA_SESSION);
if (env->sc_maxconn - stat_get(STATS_MDA_SESSION, STAT_ACTIVE))
env->sc_flags &= ~SMTPD_MDA_BUSY;
runner_reset_events();
return;
case IMSG_BATCH_DONE:
stat_decrement(STATS_MTA_SESSION);
if (env->sc_maxconn - stat_get(STATS_MTA_SESSION, STAT_ACTIVE))
env->sc_flags &= ~SMTPD_MTA_BUSY;
runner_reset_events();
return;
case IMSG_SMTP_ENQUEUE:
e = imsg->data;
if (imsg->fd < 0 || !bounce_session(imsg->fd, e)) {
queue_envelope_update(e);
log_debug("smtp_enqueue: %016"PRIx64, e->id);
scheduler_info(&si, e);
scheduler->insert(&si);
runner_reset_events();
return;
}
return;
case IMSG_QUEUE_PAUSE_MDA:
env->sc_flags |= SMTPD_MDA_PAUSED;
return;
case IMSG_QUEUE_RESUME_MDA:
env->sc_flags &= ~SMTPD_MDA_PAUSED;
runner_reset_events();
return;
case IMSG_QUEUE_PAUSE_MTA:
env->sc_flags |= SMTPD_MTA_PAUSED;
return;
case IMSG_QUEUE_RESUME_MTA:
env->sc_flags &= ~SMTPD_MTA_PAUSED;
runner_reset_events();
return;
case IMSG_CTL_VERBOSE:
log_verbose(*(int *)imsg->data);
return;
case IMSG_RUNNER_SCHEDULE:
scheduler->force(*(u_int64_t *)imsg->data);
runner_reset_events();
return;
case IMSG_RUNNER_REMOVE: {
runner_remove(*(u_int64_t *)imsg->data);
runner_reset_events();
return;
}
}
errx(1, "runner_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
static void
lka_imsg(struct mproc *p, struct imsg *imsg)
{
struct rule *rule;
struct table *table;
void *tmp;
int ret;
const char *key, *val;
struct ssl *ssl;
struct iovec iov[3];
static struct dict *ssl_dict;
static struct dict *tables_dict;
static struct table *table_last;
static struct ca_vrfy_req_msg *req_ca_vrfy_smtp = NULL;
static struct ca_vrfy_req_msg *req_ca_vrfy_mta = NULL;
struct ca_vrfy_req_msg *req_ca_vrfy_chain;
struct ca_vrfy_resp_msg resp_ca_vrfy;
struct ca_cert_req_msg *req_ca_cert;
struct ca_cert_resp_msg resp_ca_cert;
struct sockaddr_storage ss;
struct userinfo userinfo;
struct addrname addrname;
struct envelope evp;
struct msg m;
union lookup lk;
char buf[SMTPD_MAXLINESIZE];
const char *tablename, *username, *password, *label;
uint64_t reqid;
size_t i;
int v;
if (imsg->hdr.type == IMSG_DNS_HOST ||
imsg->hdr.type == IMSG_DNS_PTR ||
imsg->hdr.type == IMSG_DNS_MX ||
imsg->hdr.type == IMSG_DNS_MX_PREFERENCE) {
dns_imsg(p, imsg);
return;
}
if (p->proc == PROC_SMTP) {
switch (imsg->hdr.type) {
case IMSG_LKA_EXPAND_RCPT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_envelope(&m, &evp);
m_end(&m);
lka_session(reqid, &evp);
return;
case IMSG_LKA_SSL_INIT:
req_ca_cert = imsg->data;
resp_ca_cert.reqid = req_ca_cert->reqid;
ssl = dict_get(env->sc_ssl_dict, req_ca_cert->name);
if (ssl == NULL) {
resp_ca_cert.status = CA_FAIL;
m_compose(p, IMSG_LKA_SSL_INIT, 0, 0, -1, &resp_ca_cert,
sizeof(resp_ca_cert));
return;
}
resp_ca_cert.status = CA_OK;
resp_ca_cert.cert_len = ssl->ssl_cert_len;
resp_ca_cert.key_len = ssl->ssl_key_len;
iov[0].iov_base = &resp_ca_cert;
iov[0].iov_len = sizeof(resp_ca_cert);
iov[1].iov_base = ssl->ssl_cert;
iov[1].iov_len = ssl->ssl_cert_len;
iov[2].iov_base = ssl->ssl_key;
iov[2].iov_len = ssl->ssl_key_len;
m_composev(p, IMSG_LKA_SSL_INIT, 0, 0, -1, iov, nitems(iov));
return;
case IMSG_LKA_SSL_VERIFY_CERT:
req_ca_vrfy_smtp = xmemdup(imsg->data, sizeof *req_ca_vrfy_smtp, "lka:ca_vrfy");
if (req_ca_vrfy_smtp == NULL)
fatal(NULL);
req_ca_vrfy_smtp->cert = xmemdup((char *)imsg->data +
sizeof *req_ca_vrfy_smtp, req_ca_vrfy_smtp->cert_len, "lka:ca_vrfy");
req_ca_vrfy_smtp->chain_cert = xcalloc(req_ca_vrfy_smtp->n_chain,
sizeof (unsigned char *), "lka:ca_vrfy");
req_ca_vrfy_smtp->chain_cert_len = xcalloc(req_ca_vrfy_smtp->n_chain,
sizeof (off_t), "lka:ca_vrfy");
return;
case IMSG_LKA_SSL_VERIFY_CHAIN:
if (req_ca_vrfy_smtp == NULL)
fatalx("lka:ca_vrfy: chain without a certificate");
req_ca_vrfy_chain = imsg->data;
req_ca_vrfy_smtp->chain_cert[req_ca_vrfy_smtp->chain_offset] = xmemdup((char *)imsg->data +
sizeof *req_ca_vrfy_chain, req_ca_vrfy_chain->cert_len, "lka:ca_vrfy");
req_ca_vrfy_smtp->chain_cert_len[req_ca_vrfy_smtp->chain_offset] = req_ca_vrfy_chain->cert_len;
req_ca_vrfy_smtp->chain_offset++;
return;
case IMSG_LKA_SSL_VERIFY:
if (req_ca_vrfy_smtp == NULL)
fatalx("lka:ca_vrfy: verify without a certificate");
resp_ca_vrfy.reqid = req_ca_vrfy_smtp->reqid;
if (! lka_X509_verify(req_ca_vrfy_smtp, CA_FILE, NULL))
resp_ca_vrfy.status = CA_FAIL;
else
resp_ca_vrfy.status = CA_OK;
m_compose(p, IMSG_LKA_SSL_VERIFY, 0, 0, -1, &resp_ca_vrfy,
sizeof resp_ca_vrfy);
for (i = 0; i < req_ca_vrfy_smtp->n_chain; ++i)
free(req_ca_vrfy_smtp->chain_cert[i]);
free(req_ca_vrfy_smtp->chain_cert);
free(req_ca_vrfy_smtp->chain_cert_len);
free(req_ca_vrfy_smtp->cert);
free(req_ca_vrfy_smtp);
return;
case IMSG_LKA_AUTHENTICATE:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &tablename);
m_get_string(&m, &username);
m_get_string(&m, &password);
m_end(&m);
if (!tablename[0]) {
m_create(p_parent, IMSG_LKA_AUTHENTICATE,
0, 0, -1);
m_add_id(p_parent, reqid);
m_add_string(p_parent, username);
m_add_string(p_parent, password);
m_close(p_parent);
return;
}
ret = lka_authenticate(tablename, username, password);
m_create(p, IMSG_LKA_AUTHENTICATE, 0, 0, -1);
m_add_id(p, reqid);
m_add_int(p, ret);
m_close(p);
return;
}
}
if (p->proc == PROC_MDA) {
switch (imsg->hdr.type) {
case IMSG_LKA_USERINFO:
m_msg(&m, imsg);
m_get_string(&m, &tablename);
m_get_string(&m, &username);
m_end(&m);
ret = lka_userinfo(tablename, username, &userinfo);
m_create(p, IMSG_LKA_USERINFO, 0, 0, -1);
m_add_string(p, tablename);
m_add_string(p, username);
m_add_int(p, ret);
if (ret == LKA_OK)
m_add_data(p, &userinfo, sizeof(userinfo));
m_close(p);
return;
}
}
if (p->proc == PROC_MTA) {
switch (imsg->hdr.type) {
case IMSG_LKA_SSL_INIT:
req_ca_cert = imsg->data;
resp_ca_cert.reqid = req_ca_cert->reqid;
ssl = dict_get(env->sc_ssl_dict, req_ca_cert->name);
if (ssl == NULL) {
resp_ca_cert.status = CA_FAIL;
m_compose(p, IMSG_LKA_SSL_INIT, 0, 0, -1, &resp_ca_cert,
sizeof(resp_ca_cert));
return;
}
resp_ca_cert.status = CA_OK;
resp_ca_cert.cert_len = ssl->ssl_cert_len;
resp_ca_cert.key_len = ssl->ssl_key_len;
iov[0].iov_base = &resp_ca_cert;
iov[0].iov_len = sizeof(resp_ca_cert);
iov[1].iov_base = ssl->ssl_cert;
iov[1].iov_len = ssl->ssl_cert_len;
iov[2].iov_base = ssl->ssl_key;
iov[2].iov_len = ssl->ssl_key_len;
m_composev(p, IMSG_LKA_SSL_INIT, 0, 0, -1, iov, nitems(iov));
return;
case IMSG_LKA_SSL_VERIFY_CERT:
req_ca_vrfy_mta = xmemdup(imsg->data, sizeof *req_ca_vrfy_mta, "lka:ca_vrfy");
if (req_ca_vrfy_mta == NULL)
fatal(NULL);
req_ca_vrfy_mta->cert = xmemdup((char *)imsg->data +
sizeof *req_ca_vrfy_mta, req_ca_vrfy_mta->cert_len, "lka:ca_vrfy");
req_ca_vrfy_mta->chain_cert = xcalloc(req_ca_vrfy_mta->n_chain,
sizeof (unsigned char *), "lka:ca_vrfy");
req_ca_vrfy_mta->chain_cert_len = xcalloc(req_ca_vrfy_mta->n_chain,
sizeof (off_t), "lka:ca_vrfy");
return;
case IMSG_LKA_SSL_VERIFY_CHAIN:
if (req_ca_vrfy_mta == NULL)
fatalx("lka:ca_vrfy: verify without a certificate");
req_ca_vrfy_chain = imsg->data;
req_ca_vrfy_mta->chain_cert[req_ca_vrfy_mta->chain_offset] = xmemdup((char *)imsg->data +
sizeof *req_ca_vrfy_chain, req_ca_vrfy_chain->cert_len, "lka:ca_vrfy");
req_ca_vrfy_mta->chain_cert_len[req_ca_vrfy_mta->chain_offset] = req_ca_vrfy_chain->cert_len;
req_ca_vrfy_mta->chain_offset++;
return;
case IMSG_LKA_SSL_VERIFY:
if (req_ca_vrfy_mta == NULL)
fatalx("lka:ca_vrfy: verify without a certificate");
resp_ca_vrfy.reqid = req_ca_vrfy_mta->reqid;
if (! lka_X509_verify(req_ca_vrfy_mta, CA_FILE, NULL))
resp_ca_vrfy.status = CA_FAIL;
else
resp_ca_vrfy.status = CA_OK;
m_compose(p, IMSG_LKA_SSL_VERIFY, 0, 0, -1, &resp_ca_vrfy,
sizeof resp_ca_vrfy);
for (i = 0; i < req_ca_vrfy_mta->n_chain; ++i)
free(req_ca_vrfy_mta->chain_cert[i]);
free(req_ca_vrfy_mta->chain_cert);
free(req_ca_vrfy_mta->chain_cert_len);
free(req_ca_vrfy_mta->cert);
free(req_ca_vrfy_mta);
return;
case IMSG_LKA_SECRET:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &tablename);
m_get_string(&m, &label);
m_end(&m);
lka_credentials(tablename, label, buf, sizeof(buf));
m_create(p, IMSG_LKA_SECRET, 0, 0, -1);
m_add_id(p, reqid);
m_add_string(p, buf);
m_close(p);
return;
case IMSG_LKA_SOURCE:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &tablename);
table = table_find(tablename, NULL);
m_create(p, IMSG_LKA_SOURCE, 0, 0, -1);
m_add_id(p, reqid);
if (table == NULL) {
log_warn("warn: source address table %s missing",
tablename);
m_add_int(p, LKA_TEMPFAIL);
}
else {
ret = table_fetch(table, K_SOURCE, &lk);
if (ret == -1)
m_add_int(p, LKA_TEMPFAIL);
else if (ret == 0)
m_add_int(p, LKA_PERMFAIL);
else {
m_add_int(p, LKA_OK);
m_add_sockaddr(p,
(struct sockaddr *)&lk.source.addr);
}
}
m_close(p);
return;
case IMSG_LKA_HELO:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &tablename);
m_get_sockaddr(&m, (struct sockaddr *)&ss);
m_end(&m);
ret = lka_addrname(tablename, (struct sockaddr*)&ss,
&addrname);
m_create(p, IMSG_LKA_HELO, 0, 0, -1);
m_add_id(p, reqid);
m_add_int(p, ret);
if (ret == LKA_OK)
m_add_string(p, addrname.name);
m_close(p);
return;
}
}
if (p->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
env->sc_rules_reload = xcalloc(1,
sizeof *env->sc_rules, "lka:sc_rules_reload");
tables_dict = xcalloc(1,
sizeof *tables_dict, "lka:tables_dict");
ssl_dict = calloc(1, sizeof *ssl_dict);
if (ssl_dict == NULL)
fatal(NULL);
dict_init(ssl_dict);
dict_init(tables_dict);
TAILQ_INIT(env->sc_rules_reload);
return;
case IMSG_CONF_SSL:
ssl = calloc(1, sizeof *ssl);
if (ssl == NULL)
fatal(NULL);
*ssl = *(struct ssl *)imsg->data;
ssl->ssl_cert = xstrdup((char *)imsg->data +
sizeof *ssl, "smtp:ssl_cert");
ssl->ssl_key = xstrdup((char *)imsg->data +
sizeof *ssl + ssl->ssl_cert_len, "smtp:ssl_key");
if (ssl->ssl_dhparams_len) {
ssl->ssl_dhparams = xstrdup((char *)imsg->data
+ sizeof *ssl + ssl->ssl_cert_len +
ssl->ssl_key_len, "smtp:ssl_dhparams");
}
if (ssl->ssl_ca_len) {
ssl->ssl_ca = xstrdup((char *)imsg->data
+ sizeof *ssl + ssl->ssl_cert_len +
ssl->ssl_key_len + ssl->ssl_dhparams_len,
"smtp:ssl_ca");
}
dict_set(ssl_dict, ssl->ssl_name, ssl);
return;
case IMSG_CONF_RULE:
rule = xmemdup(imsg->data, sizeof *rule, "lka:rule");
TAILQ_INSERT_TAIL(env->sc_rules_reload, rule, r_entry);
return;
case IMSG_CONF_TABLE:
table_last = table = xmemdup(imsg->data, sizeof *table,
"lka:table");
dict_init(&table->t_dict);
dict_set(tables_dict, table->t_name, table);
return;
case IMSG_CONF_RULE_SOURCE:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_tables_dict;
env->sc_tables_dict = tables_dict;
rule->r_sources = table_find(imsg->data, NULL);
if (rule->r_sources == NULL)
fatalx("lka: tables inconsistency");
env->sc_tables_dict = tmp;
return;
case IMSG_CONF_RULE_SENDER:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_tables_dict;
env->sc_tables_dict = tables_dict;
rule->r_senders = table_find(imsg->data, NULL);
if (rule->r_senders == NULL)
fatalx("lka: tables inconsistency");
env->sc_tables_dict = tmp;
return;
case IMSG_CONF_RULE_DESTINATION:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_tables_dict;
env->sc_tables_dict = tables_dict;
rule->r_destination = table_find(imsg->data, NULL);
if (rule->r_destination == NULL)
fatalx("lka: tables inconsistency");
env->sc_tables_dict = tmp;
return;
case IMSG_CONF_RULE_MAPPING:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_tables_dict;
env->sc_tables_dict = tables_dict;
rule->r_mapping = table_find(imsg->data, NULL);
if (rule->r_mapping == NULL)
fatalx("lka: tables inconsistency");
env->sc_tables_dict = tmp;
return;
case IMSG_CONF_RULE_USERS:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_tables_dict;
env->sc_tables_dict = tables_dict;
rule->r_userbase = table_find(imsg->data, NULL);
if (rule->r_userbase == NULL)
fatalx("lka: tables inconsistency");
env->sc_tables_dict = tmp;
return;
case IMSG_CONF_TABLE_CONTENT:
table = table_last;
if (table == NULL)
fatalx("lka: tables inconsistency");
key = imsg->data;
if (table->t_type == T_HASH)
val = key + strlen(key) + 1;
else
val = NULL;
dict_set(&table->t_dict, key,
val ? xstrdup(val, "lka:dict_set") : NULL);
return;
case IMSG_CONF_END:
if (env->sc_rules)
purge_config(PURGE_RULES);
if (env->sc_tables_dict) {
table_close_all();
purge_config(PURGE_TABLES);
}
env->sc_rules = env->sc_rules_reload;
env->sc_ssl_dict = ssl_dict;
env->sc_tables_dict = tables_dict;
if (verbose & TRACE_TABLES)
table_dump_all();
table_open_all();
ssl_dict = NULL;
table_last = NULL;
tables_dict = NULL;
/* Start fulfilling requests */
mproc_enable(p_mda);
mproc_enable(p_mta);
mproc_enable(p_smtp);
return;
case IMSG_CTL_VERBOSE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
log_verbose(v);
return;
case IMSG_CTL_PROFILE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
profiling = v;
return;
case IMSG_PARENT_FORWARD_OPEN:
lka_session_forward_reply(imsg->data, imsg->fd);
return;
case IMSG_LKA_AUTHENTICATE:
m_forward(p_smtp, imsg);
return;
}
}
if (p->proc == PROC_CONTROL) {
switch (imsg->hdr.type) {
case IMSG_LKA_UPDATE_TABLE:
table = table_find(imsg->data, NULL);
if (table == NULL) {
log_warnx("warn: Lookup table not found: "
"\"%s\"", (char *)imsg->data);
return;
}
table_update(table);
return;
}
}
errx(1, "lka_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
/* ARGSUSED */
void
control_dispatch_ext(int fd, short event, void *arg)
{
struct ctl_conn *c;
struct imsg imsg;
int n;
uid_t euid;
gid_t egid;
if (getpeereid(fd, &euid, &egid) == -1)
fatal("getpeereid");
if ((c = control_connbyfd(fd)) == NULL) {
log_warn("control_dispatch_ext: fd %d: not found", fd);
return;
}
if (event & EV_READ) {
if ((n = imsg_read(&c->iev.ibuf)) == -1 || n == 0) {
control_close(fd);
return;
}
}
if (event & EV_WRITE) {
if (msgbuf_write(&c->iev.ibuf.w) < 0) {
control_close(fd);
return;
}
}
for (;;) {
if ((n = imsg_get(&c->iev.ibuf, &imsg)) == -1) {
control_close(fd);
return;
}
if (n == 0)
break;
switch (imsg.hdr.type) {
case IMSG_SMTP_ENQUEUE:
if (env->sc_flags & (SMTPD_SMTP_PAUSED |
SMTPD_CONFIGURING | SMTPD_EXITING)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
imsg_compose_event(env->sc_ievs[PROC_SMTP],
IMSG_SMTP_ENQUEUE, fd, 0, -1, &euid, sizeof(euid));
break;
case IMSG_STATS:
if (euid)
goto badcred;
imsg_compose_event(&c->iev, IMSG_STATS, 0, 0, -1,
env->stats, sizeof(struct stats));
break;
case IMSG_CTL_SHUTDOWN:
/* NEEDS_FIX */
log_debug("received shutdown request");
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_EXITING) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags |= SMTPD_EXITING;
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_CTL_VERBOSE: {
int verbose;
if (euid)
goto badcred;
if (IMSG_DATA_SIZE(&imsg) != sizeof(verbose))
goto badcred;
memcpy(&verbose, imsg.data, sizeof(verbose));
log_verbose(verbose);
imsg_compose_event(env->sc_ievs[PROC_PARENT], IMSG_CTL_VERBOSE,
0, 0, -1, &verbose, sizeof(verbose));
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
}
case IMSG_QUEUE_PAUSE_MDA:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_MDA_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags |= SMTPD_MDA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_PAUSE_MDA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_PAUSE_MTA:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_MTA_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags |= SMTPD_MTA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_PAUSE_MTA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_SMTP_PAUSE:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_SMTP_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags |= SMTPD_SMTP_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_SMTP], IMSG_SMTP_PAUSE,
0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_RESUME_MDA:
if (euid)
goto badcred;
if (! (env->sc_flags & SMTPD_MDA_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags &= ~SMTPD_MDA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_RESUME_MDA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_RESUME_MTA:
if (euid)
goto badcred;
if (!(env->sc_flags & SMTPD_MTA_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags &= ~SMTPD_MTA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_RESUME_MTA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_SMTP_RESUME:
if (euid)
goto badcred;
if (!(env->sc_flags & SMTPD_SMTP_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
env->sc_flags &= ~SMTPD_SMTP_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_SMTP], IMSG_SMTP_RESUME,
0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_RUNNER_SCHEDULE: {
u_int64_t ullval;
if (euid)
goto badcred;
ullval = *(u_int64_t *)imsg.data;
imsg_compose_event(env->sc_ievs[PROC_RUNNER], IMSG_RUNNER_SCHEDULE,
0, 0, -1, &ullval, sizeof(ullval));
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
}
case IMSG_RUNNER_REMOVE: {
u_int64_t ullval;
if (euid)
goto badcred;
ullval = *(u_int64_t *)imsg.data;
imsg_compose_event(env->sc_ievs[PROC_RUNNER], IMSG_RUNNER_REMOVE,
0, 0, -1, &ullval, sizeof(ullval));
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
}
default:
log_debug("control_dispatch_ext: "
"error handling %s imsg",
imsg_to_str(imsg.hdr.type));
break;
}
imsg_free(&imsg);
continue;
badcred:
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
}
imsg_event_add(&c->iev);
}
/* ARGSUSED */
static void
control_dispatch_ext(struct mproc *p, struct imsg *imsg)
{
struct ctl_conn *c;
int v;
struct stat_kv *kvp;
char *key;
struct stat_value val;
size_t len;
c = p->data;
if (imsg == NULL) {
control_close(c);
return;
}
if (imsg->hdr.peerid != IMSG_VERSION) {
m_compose(p, IMSG_CTL_FAIL, IMSG_VERSION, 0, -1, NULL, 0);
return;
}
switch (imsg->hdr.type) {
case IMSG_SMTP_ENQUEUE_FD:
if (env->sc_flags & (SMTPD_SMTP_PAUSED | SMTPD_EXITING)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
m_compose(p_smtp, IMSG_SMTP_ENQUEUE_FD, c->id, 0, -1,
&c->euid, sizeof(c->euid));
return;
case IMSG_STATS:
if (c->euid)
goto badcred;
m_compose(p, IMSG_STATS, 0, 0, -1, NULL, 0);
return;
case IMSG_DIGEST:
if (c->euid)
goto badcred;
digest.timestamp = time(NULL);
m_compose(p, IMSG_DIGEST, 0, 0, -1, &digest, sizeof digest);
return;
case IMSG_STATS_GET:
if (c->euid)
goto badcred;
kvp = imsg->data;
if (! stat_backend->iter(&kvp->iter, &key, &val))
kvp->iter = NULL;
else {
strlcpy(kvp->key, key, sizeof kvp->key);
kvp->val = val;
}
m_compose(p, IMSG_STATS_GET, 0, 0, -1, kvp, sizeof *kvp);
return;
case IMSG_CTL_SHUTDOWN:
/* NEEDS_FIX */
log_debug("debug: received shutdown request");
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_EXITING) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
env->sc_flags |= SMTPD_EXITING;
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
m_compose(p_parent, IMSG_CTL_SHUTDOWN, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_VERBOSE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose = v;
log_verbose(verbose);
m_create(p_parent, IMSG_CTL_VERBOSE, 0, 0, -1);
m_add_int(p_parent, verbose);
m_close(p_parent);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_TRACE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose |= v;
log_verbose(verbose);
m_create(p_parent, IMSG_CTL_TRACE, 0, 0, -1);
m_add_int(p_parent, v);
m_close(p_parent);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_UNTRACE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose &= ~v;
log_verbose(verbose);
m_create(p_parent, IMSG_CTL_UNTRACE, 0, 0, -1);
m_add_int(p_parent, v);
m_close(p_parent);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PROFILE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
profiling |= v;
m_create(p_parent, IMSG_CTL_PROFILE, 0, 0, -1);
m_add_int(p_parent, v);
m_close(p_parent);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_UNPROFILE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
profiling &= ~v;
m_create(p_parent, IMSG_CTL_UNPROFILE, 0, 0, -1);
m_add_int(p_parent, v);
m_close(p_parent);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_EVP:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_PAUSE_MDA:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_MDA_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mda paused");
env->sc_flags |= SMTPD_MDA_PAUSED;
m_compose(p_queue, IMSG_CTL_PAUSE_MDA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_MTA:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_MTA_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mta paused");
env->sc_flags |= SMTPD_MTA_PAUSED;
m_compose(p_queue, IMSG_CTL_PAUSE_MTA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_SMTP:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_SMTP_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: smtp paused");
env->sc_flags |= SMTPD_SMTP_PAUSED;
m_compose(p_smtp, IMSG_CTL_PAUSE_SMTP, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_EVP:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_RESUME_MDA:
if (c->euid)
goto badcred;
if (! (env->sc_flags & SMTPD_MDA_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mda resumed");
env->sc_flags &= ~SMTPD_MDA_PAUSED;
m_compose(p_queue, IMSG_CTL_RESUME_MDA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_MTA:
if (c->euid)
goto badcred;
if (!(env->sc_flags & SMTPD_MTA_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mta resumed");
env->sc_flags &= ~SMTPD_MTA_PAUSED;
m_compose(p_queue, IMSG_CTL_RESUME_MTA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_SMTP:
if (c->euid)
goto badcred;
if (!(env->sc_flags & SMTPD_SMTP_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: smtp resumed");
env->sc_flags &= ~SMTPD_SMTP_PAUSED;
m_forward(p_smtp, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_ROUTE:
if (c->euid)
goto badcred;
m_forward(p_mta, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_LIST_MESSAGES:
if (c->euid)
goto badcred;
m_compose(p_scheduler, IMSG_CTL_LIST_MESSAGES, c->id, 0, -1,
imsg->data, imsg->hdr.len - sizeof(imsg->hdr));
return;
case IMSG_CTL_LIST_ENVELOPES:
if (c->euid)
goto badcred;
m_compose(p_scheduler, IMSG_CTL_LIST_ENVELOPES, c->id, 0, -1,
imsg->data, imsg->hdr.len - sizeof(imsg->hdr));
return;
case IMSG_CTL_MTA_SHOW_HOSTS:
case IMSG_CTL_MTA_SHOW_RELAYS:
case IMSG_CTL_MTA_SHOW_ROUTES:
case IMSG_CTL_MTA_SHOW_HOSTSTATS:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_mta, imsg);
return;
case IMSG_CTL_SCHEDULE:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_REMOVE:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_LKA_UPDATE_TABLE:
if (c->euid)
goto badcred;
/* table name too long */
len = strlen(imsg->data);
if (len >= SMTPD_MAXLINESIZE)
goto invalid;
m_forward(p_lka, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
default:
log_debug("debug: control_dispatch_ext: "
"error handling %s imsg",
imsg_to_str(imsg->hdr.type));
return;
}
badcred:
invalid:
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
}
static void
mfa_imsg(struct mproc *p, struct imsg *imsg)
{
struct sockaddr_storage local, remote;
struct mailaddr maddr;
struct msg m;
const char *line, *hostname;
uint64_t reqid;
int v;
if (p->proc == PROC_SMTP) {
switch (imsg->hdr.type) {
case IMSG_MFA_REQ_CONNECT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_sockaddr(&m, (struct sockaddr *)&local);
m_get_sockaddr(&m, (struct sockaddr *)&remote);
m_get_string(&m, &hostname);
m_end(&m);
mfa_filter_connect(reqid, (struct sockaddr *)&local,
(struct sockaddr *)&remote, hostname);
return;
case IMSG_MFA_REQ_HELO:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &line);
m_end(&m);
mfa_filter_line(reqid, HOOK_HELO, line);
return;
case IMSG_MFA_REQ_MAIL:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_mailaddr(&m, &maddr);
m_end(&m);
mfa_filter_mailaddr(reqid, HOOK_MAIL, &maddr);
return;
case IMSG_MFA_REQ_RCPT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_mailaddr(&m, &maddr);
m_end(&m);
mfa_filter_mailaddr(reqid, HOOK_RCPT, &maddr);
return;
case IMSG_MFA_REQ_DATA:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter(reqid, HOOK_DATA);
return;
case IMSG_MFA_REQ_EOM:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter(reqid, HOOK_EOM);
return;
case IMSG_MFA_SMTP_DATA:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_string(&m, &line);
m_end(&m);
mfa_filter_data(reqid, line);
return;
case IMSG_MFA_EVENT_RSET:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter_event(reqid, HOOK_RESET);
return;
case IMSG_MFA_EVENT_COMMIT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter_event(reqid, HOOK_COMMIT);
return;
case IMSG_MFA_EVENT_ROLLBACK:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter_event(reqid, HOOK_ROLLBACK);
return;
case IMSG_MFA_EVENT_DISCONNECT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
mfa_filter_event(reqid, HOOK_DISCONNECT);
return;
}
}
if (p->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
return;
case IMSG_CONF_FILTER:
return;
case IMSG_CONF_END:
mfa_filter_init();
return;
case IMSG_CTL_VERBOSE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
log_verbose(v);
return;
case IMSG_CTL_PROFILE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
profiling = v;
return;
}
}
errx(1, "mfa_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
void
mta_session_imsg(struct imsgev *iev, struct imsg *imsg)
{
uint64_t id;
struct mta_session *s;
struct mta_host *host;
struct secret *secret;
struct dns *dns;
const char *error;
void *ptr;
switch(imsg->hdr.type) {
case IMSG_QUEUE_MESSAGE_FD:
id = *(uint64_t*)(imsg->data);
if (imsg->fd == -1)
fatalx("mta: cannot obtain msgfd");
s = tree_xget(&sessions, id);
s->datafp = fdopen(imsg->fd, "r");
if (s->datafp == NULL)
fatal("mta: fdopen");
if (mta_check_loop(s->datafp)) {
log_debug("mta: loop detected");
fclose(s->datafp);
s->datafp = NULL;
mta_status(s, 0, "646 Loop detected");
mta_enter_state(s, MTA_SMTP_READY);
} else {
mta_enter_state(s, MTA_SMTP_MAIL);
}
return;
case IMSG_LKA_SECRET:
/* LKA responded to AUTH lookup. */
secret = imsg->data;
s = tree_xget(&sessions, secret->id);
s->secret = xstrdup(secret->secret, "mta: secret");
if (s->secret[0] == '\0') {
mta_route_error(s->route, "secrets lookup failed");
mta_enter_state(s, MTA_DONE);
} else
mta_enter_state(s, MTA_MX);
return;
case IMSG_DNS_HOST:
dns = imsg->data;
s = tree_xget(&sessions, dns->id);
host = xcalloc(1, sizeof *host, "mta: host");
host->sa = dns->ss;
TAILQ_INSERT_TAIL(&s->hosts, host, entry);
return;
case IMSG_DNS_HOST_END:
/* LKA responded to DNS lookup. */
dns = imsg->data;
s = tree_xget(&sessions, dns->id);
if (!dns->error) {
mta_enter_state(s, MTA_CONNECT);
return;
}
if (dns->error == DNS_RETRY)
error = "100 MX lookup failed temporarily";
else if (dns->error == DNS_EINVAL)
error = "600 Invalid domain name";
else if (dns->error == DNS_ENONAME)
error = "600 Domain does not exist";
else if (dns->error == DNS_ENOTFOUND)
error = "600 No MX address found for domain";
else
error = "100 Weird error";
mta_route_error(s->route, error);
mta_enter_state(s, MTA_CONNECT);
return;
case IMSG_DNS_PTR:
dns = imsg->data;
s = tree_xget(&sessions, dns->id);
host = TAILQ_FIRST(&s->hosts);
if (dns->error)
strlcpy(host->fqdn, "<unknown>", sizeof host->fqdn);
else
strlcpy(host->fqdn, dns->host, sizeof host->fqdn);
log_debug("mta: %p: connected to %s", s, host->fqdn);
/* check if we need to start tls now... */
if (((s->flags & MTA_FORCE_ANYSSL) && host->used == 1) ||
(s->flags & MTA_FORCE_SMTPS)) {
log_debug("mta: %p: trying smtps (ssl=%p)...", s, s->ssl);
if ((ptr = ssl_mta_init(s->ssl)) == NULL)
fatalx("mta: ssl_mta_init");
io_start_tls(&s->io, ptr);
} else {
mta_enter_state(s, MTA_SMTP_BANNER);
}
break;
default:
errx(1, "mta_session_imsg: unexpected %s imsg",
imsg_to_str(imsg->hdr.type));
}
}
void
mta_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct mta_route *route;
struct mta_batch2 *batch;
struct mta_task *task;
struct envelope *e;
struct ssl *ssl;
uint64_t id;
if (iev->proc == PROC_QUEUE) {
switch (imsg->hdr.type) {
case IMSG_BATCH_CREATE:
id = *(uint64_t*)(imsg->data);
batch = xmalloc(sizeof *batch, "mta_batch");
batch->id = id;
tree_init(&batch->tasks);
tree_xset(&batches, batch->id, batch);
log_trace(TRACE_MTA,
"mta: batch:%016" PRIx64 " created", batch->id);
return;
case IMSG_BATCH_APPEND:
e = xmemdup(imsg->data, sizeof *e, "mta:envelope");
route = mta_route_for(e);
batch = tree_xget(&batches, e->batch_id);
if ((task = tree_get(&batch->tasks, route->id)) == NULL) {
log_trace(TRACE_MTA, "mta: new task for %s",
mta_route_to_text(route));
task = xmalloc(sizeof *task, "mta_task");
TAILQ_INIT(&task->envelopes);
task->route = route;
tree_xset(&batch->tasks, route->id, task);
task->msgid = evpid_to_msgid(e->id);
task->sender = e->sender;
route->refcount += 1;
}
/* Technically, we could handle that by adding a msg
* level, but the batch sent by the scheduler should
* be valid.
*/
if (task->msgid != evpid_to_msgid(e->id))
errx(1, "msgid mismatch in batch");
/* XXX honour route->maxrcpt */
TAILQ_INSERT_TAIL(&task->envelopes, e, entry);
stat_increment("mta.envelope", 1);
log_debug("mta: received evp:%016" PRIx64 " for <%s@%s>",
e->id, e->dest.user, e->dest.domain);
return;
case IMSG_BATCH_CLOSE:
id = *(uint64_t*)(imsg->data);
batch = tree_xpop(&batches, id);
log_trace(TRACE_MTA, "mta: batch:%016" PRIx64 " closed",
batch->id);
/* for all tasks, queue them on there route */
while (tree_poproot(&batch->tasks, &id, (void**)&task)) {
if (id != task->route->id)
errx(1, "route id mismatch!");
task->route->refcount -= 1;
task->route->ntask += 1;
TAILQ_INSERT_TAIL(&task->route->tasks, task, entry);
stat_increment("mta.task", 1);
mta_route_drain(task->route);
}
free(batch);
return;
case IMSG_QUEUE_MESSAGE_FD:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_LKA) {
switch (imsg->hdr.type) {
case IMSG_LKA_SECRET:
case IMSG_DNS_HOST:
case IMSG_DNS_HOST_END:
case IMSG_DNS_PTR:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
if (env->sc_flags & SMTPD_CONFIGURING)
return;
env->sc_flags |= SMTPD_CONFIGURING;
env->sc_ssl = xcalloc(1, sizeof *env->sc_ssl, "mta:sc_ssl");
return;
case IMSG_CONF_SSL:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
ssl = xmemdup(imsg->data, sizeof *ssl, "mta:ssl");
ssl->ssl_cert = xstrdup((char*)imsg->data + sizeof *ssl,
"mta:ssl_cert");
ssl->ssl_key = xstrdup((char*)imsg->data +
sizeof *ssl + ssl->ssl_cert_len, "mta:ssl_key");
SPLAY_INSERT(ssltree, env->sc_ssl, ssl);
return;
case IMSG_CONF_END:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
env->sc_flags &= ~SMTPD_CONFIGURING;
return;
case IMSG_CTL_VERBOSE:
log_verbose(*(int *)imsg->data);
return;
}
}
errx(1, "mta_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
/* ARGSUSED */
static void
control_dispatch_ext(int fd, short event, void *arg)
{
struct ctl_conn *c;
struct imsg imsg;
int n, verbose;
uid_t euid;
gid_t egid;
uint64_t id;
struct stat_kv *kvp;
char *key;
struct stat_value val;
size_t len;
if (getpeereid(fd, &euid, &egid) == -1)
fatal("getpeereid");
if ((c = control_connbyfd(fd)) == NULL) {
log_warn("control_dispatch_ext: fd %d: not found", fd);
return;
}
if (event & EV_READ) {
if ((n = imsg_read(&c->iev.ibuf)) == -1 || n == 0) {
control_close(c);
return;
}
}
if (event & EV_WRITE) {
if (msgbuf_write(&c->iev.ibuf.w) < 0) {
control_close(c);
return;
}
}
for (;;) {
if ((n = imsg_get(&c->iev.ibuf, &imsg)) == -1) {
control_close(c);
return;
}
if (n == 0)
break;
switch (imsg.hdr.type) {
case IMSG_SMTP_ENQUEUE:
if (env->sc_flags & (SMTPD_SMTP_PAUSED |
SMTPD_CONFIGURING | SMTPD_EXITING)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
imsg_compose_event(env->sc_ievs[PROC_SMTP],
IMSG_SMTP_ENQUEUE, fd, 0, -1, &euid, sizeof(euid));
break;
case IMSG_STATS:
if (euid)
goto badcred;
imsg_compose_event(&c->iev, IMSG_STATS, 0, 0, -1, NULL, 0);
break;
case IMSG_STATS_GET:
if (euid)
goto badcred;
kvp = imsg.data;
if (! stat_backend->iter(&kvp->iter, &key, &val))
kvp->iter = NULL;
else {
strlcpy(kvp->key, key, sizeof kvp->key);
kvp->val = val;
}
imsg_compose_event(&c->iev, IMSG_STATS_GET, 0, 0, -1,
kvp, sizeof *kvp);
break;
case IMSG_CTL_SHUTDOWN:
/* NEEDS_FIX */
log_debug("received shutdown request");
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_EXITING) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0,
-1, NULL, 0);
break;
}
env->sc_flags |= SMTPD_EXITING;
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1,
NULL, 0);
imsg_compose_event(env->sc_ievs[PROC_PARENT],
IMSG_CTL_SHUTDOWN, 0, 0, -1, NULL, 0);
break;
case IMSG_CTL_VERBOSE:
if (euid)
goto badcred;
if (imsg.hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&verbose, imsg.data, sizeof(verbose));
log_verbose(verbose);
imsg_compose_event(env->sc_ievs[PROC_PARENT], IMSG_CTL_VERBOSE,
0, 0, -1, &verbose, sizeof(verbose));
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_PAUSE_MDA:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_MDA_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("mda paused");
env->sc_flags |= SMTPD_MDA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_PAUSE_MDA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_PAUSE_MTA:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_MTA_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("mta paused");
env->sc_flags |= SMTPD_MTA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_PAUSE_MTA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_SMTP_PAUSE:
if (euid)
goto badcred;
if (env->sc_flags & SMTPD_SMTP_PAUSED) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("smtp paused");
env->sc_flags |= SMTPD_SMTP_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_SMTP], IMSG_SMTP_PAUSE,
0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_RESUME_MDA:
if (euid)
goto badcred;
if (! (env->sc_flags & SMTPD_MDA_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("mda resumed");
env->sc_flags &= ~SMTPD_MDA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_RESUME_MDA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_QUEUE_RESUME_MTA:
if (euid)
goto badcred;
if (!(env->sc_flags & SMTPD_MTA_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("mta resumed");
env->sc_flags &= ~SMTPD_MTA_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_RESUME_MTA, 0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_SMTP_RESUME:
if (euid)
goto badcred;
if (!(env->sc_flags & SMTPD_SMTP_PAUSED)) {
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
break;
}
log_info("smtp resumed");
env->sc_flags &= ~SMTPD_SMTP_PAUSED;
imsg_compose_event(env->sc_ievs[PROC_SMTP], IMSG_SMTP_RESUME,
0, 0, -1, NULL, 0);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
break;
case IMSG_SCHEDULER_SCHEDULE:
if (euid)
goto badcred;
id = *(uint64_t *)imsg.data;
imsg_compose_event(env->sc_ievs[PROC_SCHEDULER],
IMSG_SCHEDULER_SCHEDULE, 0, 0, -1, &id, sizeof id);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1,
NULL, 0);
break;
case IMSG_SCHEDULER_REMOVE:
if (euid)
goto badcred;
id = *(uint64_t *)imsg.data;
imsg_compose_event(env->sc_ievs[PROC_SCHEDULER],
IMSG_SCHEDULER_REMOVE, 0, 0, -1, &id, sizeof id);
imsg_compose_event(&c->iev, IMSG_CTL_OK, 0, 0, -1,
NULL, 0);
break;
case IMSG_LKA_UPDATE_MAP:
if (euid)
goto badcred;
/* map name too long */
len = strlen(imsg.data);
if (len >= MAX_LINE_SIZE)
goto invalid;
imsg_compose_event(env->sc_ievs[PROC_LKA], IMSG_LKA_UPDATE_MAP,
0, 0, -1, imsg.data, len + 1);
break;
default:
log_debug("control_dispatch_ext: "
"error handling %s imsg",
imsg_to_str(imsg.hdr.type));
break;
}
imsg_free(&imsg);
continue;
badcred:
invalid:
imsg_compose_event(&c->iev, IMSG_CTL_FAIL, 0, 0, -1,
NULL, 0);
}
imsg_event_add(&c->iev);
}
void
pony_imsg(struct mproc *p, struct imsg *imsg)
{
struct msg m;
int v;
switch (imsg->hdr.type) {
case IMSG_CONF_START:
return;
case IMSG_CONF_END:
filter_configure();
return;
case IMSG_CTL_VERBOSE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
log_verbose(v);
return;
case IMSG_CTL_PROFILE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
profiling = v;
return;
/* smtp imsg */
case IMSG_SMTP_DNS_PTR:
case IMSG_SMTP_CHECK_SENDER:
case IMSG_SMTP_EXPAND_RCPT:
case IMSG_SMTP_LOOKUP_HELO:
case IMSG_SMTP_AUTHENTICATE:
case IMSG_SMTP_SSL_INIT:
case IMSG_SMTP_SSL_VERIFY:
case IMSG_SMTP_MESSAGE_COMMIT:
case IMSG_SMTP_MESSAGE_CREATE:
case IMSG_SMTP_MESSAGE_OPEN:
case IMSG_QUEUE_ENVELOPE_SUBMIT:
case IMSG_QUEUE_ENVELOPE_COMMIT:
case IMSG_QUEUE_SMTP_SESSION:
case IMSG_CTL_SMTP_SESSION:
case IMSG_CTL_PAUSE_SMTP:
case IMSG_CTL_RESUME_SMTP:
smtp_imsg(p, imsg);
return;
/* mta imsg */
case IMSG_QUEUE_TRANSFER:
case IMSG_MTA_OPEN_MESSAGE:
case IMSG_MTA_LOOKUP_CREDENTIALS:
case IMSG_MTA_LOOKUP_SOURCE:
case IMSG_MTA_LOOKUP_HELO:
case IMSG_MTA_DNS_HOST:
case IMSG_MTA_DNS_HOST_END:
case IMSG_MTA_DNS_MX_PREFERENCE:
case IMSG_MTA_DNS_PTR:
case IMSG_MTA_SSL_INIT:
case IMSG_MTA_SSL_VERIFY:
case IMSG_CTL_RESUME_ROUTE:
case IMSG_CTL_MTA_SHOW_HOSTS:
case IMSG_CTL_MTA_SHOW_RELAYS:
case IMSG_CTL_MTA_SHOW_ROUTES:
case IMSG_CTL_MTA_SHOW_HOSTSTATS:
case IMSG_CTL_MTA_BLOCK:
case IMSG_CTL_MTA_UNBLOCK:
case IMSG_CTL_MTA_SHOW_BLOCK:
mta_imsg(p, imsg);
return;
/* mda imsg */
case IMSG_MDA_LOOKUP_USERINFO:
case IMSG_QUEUE_DELIVER:
case IMSG_MDA_OPEN_MESSAGE:
case IMSG_MDA_FORK:
case IMSG_MDA_DONE:
mda_imsg(p, imsg);
return;
default:
break;
}
errx(1, "session_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
/* ARGSUSED */
static void
control_dispatch_ext(struct mproc *p, struct imsg *imsg)
{
struct sockaddr_storage ss;
struct ctl_conn *c;
int v;
struct stat_kv *kvp;
char *key;
struct stat_value val;
size_t len;
uint64_t evpid;
uint32_t msgid;
c = p->data;
if (imsg == NULL) {
control_close(c);
return;
}
if (imsg->hdr.peerid != IMSG_VERSION) {
m_compose(p, IMSG_CTL_FAIL, IMSG_VERSION, 0, -1, NULL, 0);
return;
}
switch (imsg->hdr.type) {
case IMSG_CTL_SMTP_SESSION:
if (env->sc_flags & (SMTPD_SMTP_PAUSED | SMTPD_EXITING)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
m_compose(p_pony, IMSG_CTL_SMTP_SESSION, c->id, 0, -1,
&c->euid, sizeof(c->euid));
return;
case IMSG_CTL_GET_DIGEST:
if (c->euid)
goto badcred;
digest.timestamp = time(NULL);
m_compose(p, IMSG_CTL_GET_DIGEST, 0, 0, -1, &digest, sizeof digest);
return;
case IMSG_CTL_GET_STATS:
if (c->euid)
goto badcred;
kvp = imsg->data;
if (! stat_backend->iter(&kvp->iter, &key, &val))
kvp->iter = NULL;
else {
(void)strlcpy(kvp->key, key, sizeof kvp->key);
kvp->val = val;
}
m_compose(p, IMSG_CTL_GET_STATS, 0, 0, -1, kvp, sizeof *kvp);
return;
case IMSG_CTL_SHUTDOWN:
/* NEEDS_FIX */
log_debug("debug: received shutdown request");
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_EXITING) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
env->sc_flags |= SMTPD_EXITING;
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
m_compose(p_parent, IMSG_CTL_SHUTDOWN, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_VERBOSE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose = v;
log_verbose(verbose);
control_broadcast_verbose(IMSG_CTL_VERBOSE, verbose);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_TRACE_ENABLE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose |= v;
log_verbose(verbose);
control_broadcast_verbose(IMSG_CTL_VERBOSE, verbose);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_TRACE_DISABLE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
verbose &= ~v;
log_verbose(verbose);
control_broadcast_verbose(IMSG_CTL_VERBOSE, verbose);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PROFILE_ENABLE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
profiling |= v;
control_broadcast_verbose(IMSG_CTL_PROFILE, profiling);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PROFILE_DISABLE:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(verbose))
goto badcred;
memcpy(&v, imsg->data, sizeof(v));
profiling &= ~v;
control_broadcast_verbose(IMSG_CTL_PROFILE, profiling);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_EVP:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_PAUSE_MDA:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_MDA_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mda paused");
env->sc_flags |= SMTPD_MDA_PAUSED;
m_compose(p_queue, IMSG_CTL_PAUSE_MDA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_MTA:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_MTA_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mta paused");
env->sc_flags |= SMTPD_MTA_PAUSED;
m_compose(p_queue, IMSG_CTL_PAUSE_MTA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_PAUSE_SMTP:
if (c->euid)
goto badcred;
if (env->sc_flags & SMTPD_SMTP_PAUSED) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: smtp paused");
env->sc_flags |= SMTPD_SMTP_PAUSED;
m_compose(p_pony, IMSG_CTL_PAUSE_SMTP, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_EVP:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_RESUME_MDA:
if (c->euid)
goto badcred;
if (! (env->sc_flags & SMTPD_MDA_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mda resumed");
env->sc_flags &= ~SMTPD_MDA_PAUSED;
m_compose(p_queue, IMSG_CTL_RESUME_MDA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_MTA:
if (c->euid)
goto badcred;
if (!(env->sc_flags & SMTPD_MTA_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: mta resumed");
env->sc_flags &= ~SMTPD_MTA_PAUSED;
m_compose(p_queue, IMSG_CTL_RESUME_MTA, 0, 0, -1, NULL, 0);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_SMTP:
if (c->euid)
goto badcred;
if (!(env->sc_flags & SMTPD_SMTP_PAUSED)) {
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
return;
}
log_info("info: smtp resumed");
env->sc_flags &= ~SMTPD_SMTP_PAUSED;
m_forward(p_pony, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_RESUME_ROUTE:
if (c->euid)
goto badcred;
m_forward(p_pony, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_LIST_MESSAGES:
if (c->euid)
goto badcred;
m_compose(p_scheduler, IMSG_CTL_LIST_MESSAGES, c->id, 0, -1,
imsg->data, imsg->hdr.len - sizeof(imsg->hdr));
return;
case IMSG_CTL_LIST_ENVELOPES:
if (c->euid)
goto badcred;
m_compose(p_scheduler, IMSG_CTL_LIST_ENVELOPES, c->id, 0, -1,
imsg->data, imsg->hdr.len - sizeof(imsg->hdr));
return;
case IMSG_CTL_MTA_SHOW_HOSTS:
case IMSG_CTL_MTA_SHOW_RELAYS:
case IMSG_CTL_MTA_SHOW_ROUTES:
case IMSG_CTL_MTA_SHOW_HOSTSTATS:
case IMSG_CTL_MTA_SHOW_BLOCK:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_pony, imsg);
return;
case IMSG_CTL_SHOW_STATUS:
if (c->euid)
goto badcred;
m_compose(p, IMSG_CTL_SHOW_STATUS, 0, 0, -1, &env->sc_flags,
sizeof(env->sc_flags));
return;
case IMSG_CTL_MTA_BLOCK:
case IMSG_CTL_MTA_UNBLOCK:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE <= sizeof(ss))
goto invalid;
memmove(&ss, imsg->data, sizeof(ss));
m_create(p_pony, imsg->hdr.type, c->id, 0, -1);
m_add_sockaddr(p_pony, (struct sockaddr *)&ss);
m_add_string(p_pony, (char *)imsg->data + sizeof(ss));
m_close(p_pony);
return;
case IMSG_CTL_SCHEDULE:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_REMOVE:
if (c->euid)
goto badcred;
imsg->hdr.peerid = c->id;
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_UPDATE_TABLE:
if (c->euid)
goto badcred;
/* table name too long */
len = strlen(imsg->data);
if (len >= LINE_MAX)
goto invalid;
m_forward(p_lka, imsg);
m_compose(p, IMSG_CTL_OK, 0, 0, -1, NULL, 0);
return;
case IMSG_CTL_DISCOVER_EVPID:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof evpid)
goto invalid;
memmove(&evpid, imsg->data, sizeof evpid);
m_create(p_queue, imsg->hdr.type, c->id, 0, -1);
m_add_evpid(p_queue, evpid);
m_close(p_queue);
return;
case IMSG_CTL_DISCOVER_MSGID:
case IMSG_CTL_UNCORRUPT_MSGID:
if (c->euid)
goto badcred;
if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof msgid)
goto invalid;
memmove(&msgid, imsg->data, sizeof msgid);
m_create(p_queue, imsg->hdr.type, c->id, 0, -1);
m_add_msgid(p_queue, msgid);
m_close(p_queue);
return;
default:
log_debug("debug: control_dispatch_ext: "
"error handling %s imsg",
imsg_to_str(imsg->hdr.type));
return;
}
badcred:
invalid:
m_compose(p, IMSG_CTL_FAIL, 0, 0, -1, NULL, 0);
}
static void
control_imsg(struct mproc *p, struct imsg *imsg)
{
struct ctl_conn *c;
struct stat_value val;
struct msg m;
const char *key;
const void *data;
size_t sz;
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_CTL_SMTP_SESSION:
c = tree_get(&ctl_conns, imsg->hdr.peerid);
if (c == NULL)
return;
m_compose(&c->mproc, IMSG_CTL_OK, 0, 0, imsg->fd,
NULL, 0);
return;
}
}
if (p->proc == PROC_SCHEDULER) {
switch (imsg->hdr.type) {
case IMSG_CTL_OK:
case IMSG_CTL_FAIL:
case IMSG_CTL_LIST_MESSAGES:
c = tree_get(&ctl_conns, imsg->hdr.peerid);
if (c == NULL)
return;
imsg->hdr.peerid = 0;
m_forward(&c->mproc, imsg);
return;
}
}
if (p->proc == PROC_QUEUE) {
switch (imsg->hdr.type) {
case IMSG_CTL_LIST_ENVELOPES:
case IMSG_CTL_DISCOVER_EVPID:
case IMSG_CTL_DISCOVER_MSGID:
case IMSG_CTL_UNCORRUPT_MSGID:
c = tree_get(&ctl_conns, imsg->hdr.peerid);
if (c == NULL)
return;
m_forward(&c->mproc, imsg);
return;
}
}
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_CTL_OK:
case IMSG_CTL_FAIL:
case IMSG_CTL_MTA_SHOW_HOSTS:
case IMSG_CTL_MTA_SHOW_RELAYS:
case IMSG_CTL_MTA_SHOW_ROUTES:
case IMSG_CTL_MTA_SHOW_HOSTSTATS:
case IMSG_CTL_MTA_SHOW_BLOCK:
c = tree_get(&ctl_conns, imsg->hdr.peerid);
if (c == NULL)
return;
imsg->hdr.peerid = 0;
m_forward(&c->mproc, imsg);
return;
}
}
switch (imsg->hdr.type) {
case IMSG_STAT_INCREMENT:
m_msg(&m, imsg);
m_get_string(&m, &key);
m_get_data(&m, &data, &sz);
m_end(&m);
memmove(&val, data, sz);
if (stat_backend)
stat_backend->increment(key, val.u.counter);
control_digest_update(key, val.u.counter, 1);
return;
case IMSG_STAT_DECREMENT:
m_msg(&m, imsg);
m_get_string(&m, &key);
m_get_data(&m, &data, &sz);
m_end(&m);
memmove(&val, data, sz);
if (stat_backend)
stat_backend->decrement(key, val.u.counter);
control_digest_update(key, val.u.counter, 0);
return;
case IMSG_STAT_SET:
m_msg(&m, imsg);
m_get_string(&m, &key);
m_get_data(&m, &data, &sz);
m_end(&m);
memmove(&val, data, sz);
if (stat_backend)
stat_backend->set(key, &val);
return;
}
errx(1, "control_imsg: unexpected %s imsg",
imsg_to_str(imsg->hdr.type));
}
void
ca_imsg(struct mproc *p, struct imsg *imsg)
{
RSA *rsa;
const void *from = NULL;
unsigned char *to = NULL;
struct msg m;
const char *pkiname;
size_t flen, tlen, padding;
struct pki *pki;
int ret = 0;
uint64_t id;
int v;
if (p->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
return;
case IMSG_CONF_END:
ca_init();
/* Start fulfilling requests */
mproc_enable(p_pony);
return;
}
}
if (p->proc == PROC_CONTROL) {
switch (imsg->hdr.type) {
case IMSG_CTL_VERBOSE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
log_verbose(v);
return;
case IMSG_CTL_PROFILE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
profiling = v;
return;
}
}
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_CA_PRIVENC:
case IMSG_CA_PRIVDEC:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_string(&m, &pkiname);
m_get_data(&m, &from, &flen);
m_get_size(&m, &tlen);
m_get_size(&m, &padding);
m_end(&m);
pki = dict_get(env->sc_pki_dict, pkiname);
if (pki == NULL || pki->pki_pkey == NULL ||
(rsa = EVP_PKEY_get1_RSA(pki->pki_pkey)) == NULL)
fatalx("ca_imsg: invalid pki");
if ((to = calloc(1, tlen)) == NULL)
fatalx("ca_imsg: calloc");
switch (imsg->hdr.type) {
case IMSG_CA_PRIVENC:
ret = RSA_private_encrypt(flen, from, to, rsa,
padding);
break;
case IMSG_CA_PRIVDEC:
ret = RSA_private_decrypt(flen, from, to, rsa,
padding);
break;
}
m_create(p, imsg->hdr.type, 0, 0, -1);
m_add_id(p, id);
m_add_int(p, ret);
if (ret > 0)
m_add_data(p, to, (size_t)ret);
m_close(p);
free(to);
RSA_free(rsa);
return;
}
}
errx(1, "ca_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
static void
queue_imsg(struct mproc *p, struct imsg *imsg)
{
struct delivery_bounce bounce;
struct bounce_req_msg *req_bounce;
struct envelope evp;
struct msg m;
const char *reason;
uint64_t reqid, evpid, holdq;
uint32_t msgid;
time_t nexttry;
int fd, mta_ext, ret, v, flags, code;
memset(&bounce, 0, sizeof(struct delivery_bounce));
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_SMTP_MESSAGE_CREATE:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
ret = queue_message_create(&msgid);
m_create(p, IMSG_SMTP_MESSAGE_CREATE, 0, 0, -1);
m_add_id(p, reqid);
if (ret == 0)
m_add_int(p, 0);
else {
m_add_int(p, 1);
m_add_msgid(p, msgid);
}
m_close(p);
return;
case IMSG_SMTP_MESSAGE_ROLLBACK:
m_msg(&m, imsg);
m_get_msgid(&m, &msgid);
m_end(&m);
queue_message_delete(msgid);
m_create(p_scheduler, IMSG_QUEUE_MESSAGE_ROLLBACK,
0, 0, -1);
m_add_msgid(p_scheduler, msgid);
m_close(p_scheduler);
return;
case IMSG_SMTP_MESSAGE_COMMIT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_msgid(&m, &msgid);
m_end(&m);
ret = queue_message_commit(msgid);
m_create(p, IMSG_SMTP_MESSAGE_COMMIT, 0, 0, -1);
m_add_id(p, reqid);
m_add_int(p, (ret == 0) ? 0 : 1);
m_close(p);
if (ret) {
m_create(p_scheduler, IMSG_QUEUE_MESSAGE_COMMIT,
0, 0, -1);
m_add_msgid(p_scheduler, msgid);
m_close(p_scheduler);
}
return;
case IMSG_SMTP_MESSAGE_OPEN:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_msgid(&m, &msgid);
m_end(&m);
fd = queue_message_fd_rw(msgid);
m_create(p, IMSG_SMTP_MESSAGE_OPEN, 0, 0, fd);
m_add_id(p, reqid);
m_add_int(p, (fd == -1) ? 0 : 1);
m_close(p);
return;
case IMSG_QUEUE_SMTP_SESSION:
bounce_fd(imsg->fd);
return;
}
}
if (p->proc == PROC_LKA) {
switch (imsg->hdr.type) {
case IMSG_LKA_ENVELOPE_SUBMIT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_envelope(&m, &evp);
m_end(&m);
if (evp.id == 0)
log_warnx("warn: imsg_queue_submit_envelope: evpid=0");
if (evpid_to_msgid(evp.id) == 0)
log_warnx("warn: imsg_queue_submit_envelope: msgid=0, "
"evpid=%016"PRIx64, evp.id);
ret = queue_envelope_create(&evp);
m_create(p_pony, IMSG_QUEUE_ENVELOPE_SUBMIT, 0, 0, -1);
m_add_id(p_pony, reqid);
if (ret == 0)
m_add_int(p_pony, 0);
else {
m_add_int(p_pony, 1);
m_add_evpid(p_pony, evp.id);
}
m_close(p_pony);
if (ret) {
m_create(p_scheduler,
IMSG_QUEUE_ENVELOPE_SUBMIT, 0, 0, -1);
m_add_envelope(p_scheduler, &evp);
m_close(p_scheduler);
}
return;
case IMSG_LKA_ENVELOPE_COMMIT:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_end(&m);
m_create(p_pony, IMSG_QUEUE_ENVELOPE_COMMIT, 0, 0, -1);
m_add_id(p_pony, reqid);
m_add_int(p_pony, 1);
m_close(p_pony);
return;
}
}
if (p->proc == PROC_SCHEDULER) {
switch (imsg->hdr.type) {
case IMSG_SCHED_ENVELOPE_REMOVE:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
/* already removed by scheduler */
if (queue_envelope_load(evpid, &evp) == 0)
return;
queue_log(&evp, "Remove", "Removed by administrator");
queue_envelope_delete(evpid);
return;
case IMSG_SCHED_ENVELOPE_EXPIRE:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
/* already removed by scheduler*/
if (queue_envelope_load(evpid, &evp) == 0)
return;
bounce.type = B_ERROR;
envelope_set_errormsg(&evp, "Envelope expired");
envelope_set_esc_class(&evp, ESC_STATUS_TEMPFAIL);
envelope_set_esc_code(&evp, ESC_DELIVERY_TIME_EXPIRED);
queue_bounce(&evp, &bounce);
queue_log(&evp, "Expire", "Envelope expired");
queue_envelope_delete(evpid);
return;
case IMSG_SCHED_ENVELOPE_BOUNCE:
req_bounce = imsg->data;
evpid = req_bounce->evpid;
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: bounce: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 0); /* not in-flight */
m_close(p_scheduler);
return;
}
queue_bounce(&evp, &req_bounce->bounce);
evp.lastbounce = req_bounce->timestamp;
if (!queue_envelope_update(&evp))
log_warnx("warn: could not update envelope %016"PRIx64, evpid);
return;
case IMSG_SCHED_ENVELOPE_DELIVER:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: deliver: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 1); /* in-flight */
m_close(p_scheduler);
return;
}
evp.lasttry = time(NULL);
m_create(p_pony, IMSG_QUEUE_DELIVER, 0, 0, -1);
m_add_envelope(p_pony, &evp);
m_close(p_pony);
return;
case IMSG_SCHED_ENVELOPE_INJECT:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
bounce_add(evpid);
return;
case IMSG_SCHED_ENVELOPE_TRANSFER:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 1); /* in-flight */
m_close(p_scheduler);
return;
}
evp.lasttry = time(NULL);
m_create(p_pony, IMSG_QUEUE_TRANSFER, 0, 0, -1);
m_add_envelope(p_pony, &evp);
m_close(p_pony);
return;
case IMSG_CTL_LIST_ENVELOPES:
if (imsg->hdr.len == sizeof imsg->hdr) {
m_forward(p_control, imsg);
return;
}
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_get_int(&m, &flags);
m_get_time(&m, &nexttry);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0)
return; /* Envelope is gone, drop it */
/*
* XXX consistency: The envelope might already be on
* its way back to the scheduler. We need to detect
* this properly and report that state.
*/
evp.flags |= flags;
/* In the past if running or runnable */
evp.nexttry = nexttry;
if (flags & EF_INFLIGHT) {
/*
* Not exactly correct but pretty close: The
* value is not recorded on the envelope unless
* a tempfail occurs.
*/
evp.lasttry = nexttry;
}
m_compose(p_control, IMSG_CTL_LIST_ENVELOPES,
imsg->hdr.peerid, 0, -1, &evp, sizeof evp);
return;
}
}
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_MDA_OPEN_MESSAGE:
case IMSG_MTA_OPEN_MESSAGE:
m_msg(&m, imsg);
m_get_id(&m, &reqid);
m_get_msgid(&m, &msgid);
m_end(&m);
fd = queue_message_fd_r(msgid);
m_create(p, imsg->hdr.type, 0, 0, fd);
m_add_id(p, reqid);
m_close(p);
return;
case IMSG_MDA_DELIVERY_OK:
case IMSG_MTA_DELIVERY_OK:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
if (imsg->hdr.type == IMSG_MTA_DELIVERY_OK)
m_get_int(&m, &mta_ext);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warn("queue: dsn: failed to load envelope");
return;
}
if (evp.dsn_notify & DSN_SUCCESS) {
bounce.type = B_DSN;
bounce.dsn_ret = evp.dsn_ret;
if (imsg->hdr.type == IMSG_MDA_DELIVERY_OK)
queue_bounce(&evp, &bounce);
else if (imsg->hdr.type == IMSG_MTA_DELIVERY_OK &&
(mta_ext & MTA_EXT_DSN) == 0) {
bounce.mta_without_dsn = 1;
queue_bounce(&evp, &bounce);
}
}
queue_envelope_delete(evpid);
m_create(p_scheduler, IMSG_QUEUE_DELIVERY_OK, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_close(p_scheduler);
return;
case IMSG_MDA_DELIVERY_TEMPFAIL:
case IMSG_MTA_DELIVERY_TEMPFAIL:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_get_string(&m, &reason);
m_get_int(&m, &code);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: tempfail: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 1); /* in-flight */
m_close(p_scheduler);
return;
}
envelope_set_errormsg(&evp, "%s", reason);
envelope_set_esc_class(&evp, ESC_STATUS_TEMPFAIL);
envelope_set_esc_code(&evp, code);
evp.retry++;
if (!queue_envelope_update(&evp))
log_warnx("warn: could not update envelope %016"PRIx64, evpid);
m_create(p_scheduler, IMSG_QUEUE_DELIVERY_TEMPFAIL, 0, 0, -1);
m_add_envelope(p_scheduler, &evp);
m_close(p_scheduler);
return;
case IMSG_MDA_DELIVERY_PERMFAIL:
case IMSG_MTA_DELIVERY_PERMFAIL:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_get_string(&m, &reason);
m_get_int(&m, &code);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: permfail: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 1); /* in-flight */
m_close(p_scheduler);
return;
}
bounce.type = B_ERROR;
envelope_set_errormsg(&evp, "%s", reason);
envelope_set_esc_class(&evp, ESC_STATUS_PERMFAIL);
envelope_set_esc_code(&evp, code);
queue_bounce(&evp, &bounce);
queue_envelope_delete(evpid);
m_create(p_scheduler, IMSG_QUEUE_DELIVERY_PERMFAIL, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_close(p_scheduler);
return;
case IMSG_MDA_DELIVERY_LOOP:
case IMSG_MTA_DELIVERY_LOOP:
m_msg(&m, imsg);
m_get_evpid(&m, &evpid);
m_end(&m);
if (queue_envelope_load(evpid, &evp) == 0) {
log_warnx("queue: loop: failed to load envelope");
m_create(p_scheduler, IMSG_QUEUE_ENVELOPE_REMOVE, 0, 0, -1);
m_add_evpid(p_scheduler, evpid);
m_add_u32(p_scheduler, 1); /* in-flight */
m_close(p_scheduler);
return;
}
envelope_set_errormsg(&evp, "%s", "Loop detected");
envelope_set_esc_class(&evp, ESC_STATUS_TEMPFAIL);
envelope_set_esc_code(&evp, ESC_ROUTING_LOOP_DETECTED);
bounce.type = B_ERROR;
queue_bounce(&evp, &bounce);
queue_envelope_delete(evp.id);
m_create(p_scheduler, IMSG_QUEUE_DELIVERY_LOOP, 0, 0, -1);
m_add_evpid(p_scheduler, evp.id);
m_close(p_scheduler);
return;
case IMSG_MTA_DELIVERY_HOLD:
case IMSG_MDA_DELIVERY_HOLD:
imsg->hdr.type = IMSG_QUEUE_HOLDQ_HOLD;
m_forward(p_scheduler, imsg);
return;
case IMSG_MTA_SCHEDULE:
imsg->hdr.type = IMSG_QUEUE_ENVELOPE_SCHEDULE;
m_forward(p_scheduler, imsg);
return;
case IMSG_MTA_HOLDQ_RELEASE:
case IMSG_MDA_HOLDQ_RELEASE:
m_msg(&m, imsg);
m_get_id(&m, &holdq);
m_get_int(&m, &v);
m_end(&m);
m_create(p_scheduler, IMSG_QUEUE_HOLDQ_RELEASE, 0, 0, -1);
if (imsg->hdr.type == IMSG_MTA_HOLDQ_RELEASE)
m_add_int(p_scheduler, D_MTA);
else
m_add_int(p_scheduler, D_MDA);
m_add_id(p_scheduler, holdq);
m_add_int(p_scheduler, v);
m_close(p_scheduler);
return;
}
}
if (p->proc == PROC_CONTROL) {
switch (imsg->hdr.type) {
case IMSG_CTL_PAUSE_MDA:
case IMSG_CTL_PAUSE_MTA:
case IMSG_CTL_RESUME_MDA:
case IMSG_CTL_RESUME_MTA:
m_forward(p_scheduler, imsg);
return;
}
}
if (p->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CTL_VERBOSE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
log_verbose(v);
m_forward(p_scheduler, imsg);
return;
case IMSG_CTL_PROFILE:
m_msg(&m, imsg);
m_get_int(&m, &v);
m_end(&m);
profiling = v;
return;
}
}
errx(1, "queue_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
static void
lka_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct submit_status *ss;
struct secret *secret;
struct mapel *mapel;
struct rule *rule;
struct map *map;
struct map *mp;
void *tmp;
if (imsg->hdr.type == IMSG_DNS_HOST || imsg->hdr.type == IMSG_DNS_MX ||
imsg->hdr.type == IMSG_DNS_PTR) {
dns_async(iev, imsg->hdr.type, imsg->data);
return;
}
if (iev->proc == PROC_MFA) {
switch (imsg->hdr.type) {
case IMSG_LKA_MAIL:
ss = imsg->data;
ss->code = 530;
if (ss->u.maddr.user[0] == '\0' &&
ss->u.maddr.domain[0] == '\0')
ss->code = 250;
else if (lka_verify_mail(&ss->u.maddr))
ss->code = 250;
imsg_compose_event(iev, IMSG_LKA_MAIL, 0, 0, -1, ss,
sizeof *ss);
return;
case IMSG_LKA_RULEMATCH:
ss = imsg->data;
rule = ruleset_match(&ss->envelope);
if (rule == NULL)
ss->code = (errno == EAGAIN) ? 451 : 530;
else
ss->code = (rule->r_decision == R_ACCEPT) ?
250 : 530;
imsg_compose_event(iev, IMSG_LKA_RULEMATCH, 0, 0, -1,
ss, sizeof *ss);
return;
case IMSG_LKA_RCPT:
lka_session(imsg->data);
return;
}
}
if (iev->proc == PROC_MTA) {
switch (imsg->hdr.type) {
case IMSG_LKA_SECRET: {
struct map_credentials *map_credentials;
secret = imsg->data;
map = map_findbyname(secret->mapname);
if (map == NULL) {
log_warn("warn: lka: credentials map %s is missing",
secret->mapname);
imsg_compose_event(iev, IMSG_LKA_SECRET, 0, 0,
-1, secret, sizeof *secret);
return;
}
map_credentials = map_lookup(map->m_id, secret->host,
K_CREDENTIALS);
log_debug("debug: lka: %s credentials lookup (%d)", secret->host,
map_credentials != NULL);
secret->secret[0] = '\0';
if (map_credentials == NULL)
log_warnx("warn: %s credentials not found",
secret->host);
else if (lka_encode_credentials(secret->secret,
sizeof secret->secret, map_credentials) == 0)
log_warnx("warn: %s credentials parse fail",
secret->host);
imsg_compose_event(iev, IMSG_LKA_SECRET, 0, 0, -1, secret,
sizeof *secret);
free(map_credentials);
return;
}
}
}
if (iev->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
env->sc_rules_reload = xcalloc(1, sizeof *env->sc_rules,
"lka:sc_rules_reload");
env->sc_maps_reload = xcalloc(1, sizeof *env->sc_maps,
"lka:sc_maps_reload");
TAILQ_INIT(env->sc_rules_reload);
TAILQ_INIT(env->sc_maps_reload);
return;
case IMSG_CONF_RULE:
rule = xmemdup(imsg->data, sizeof *rule, "lka:rule");
TAILQ_INSERT_TAIL(env->sc_rules_reload, rule, r_entry);
return;
case IMSG_CONF_MAP:
map = xmemdup(imsg->data, sizeof *map, "lka:map");
TAILQ_INIT(&map->m_contents);
TAILQ_INSERT_TAIL(env->sc_maps_reload, map, m_entry);
tmp = env->sc_maps;
env->sc_maps = env->sc_maps_reload;
mp = map_open(map);
if (mp == NULL)
errx(1, "lka: could not open map \"%s\"", map->m_name);
map_close(map, mp);
env->sc_maps = tmp;
return;
case IMSG_CONF_RULE_SOURCE:
rule = TAILQ_LAST(env->sc_rules_reload, rulelist);
tmp = env->sc_maps;
env->sc_maps = env->sc_maps_reload;
rule->r_sources = map_findbyname(imsg->data);
if (rule->r_sources == NULL)
fatalx("lka: maps inconsistency");
env->sc_maps = tmp;
return;
case IMSG_CONF_MAP_CONTENT:
map = TAILQ_LAST(env->sc_maps_reload, maplist);
mapel = xmemdup(imsg->data, sizeof *mapel, "lka:mapel");
TAILQ_INSERT_TAIL(&map->m_contents, mapel, me_entry);
return;
case IMSG_CONF_END:
if (env->sc_rules)
purge_config(PURGE_RULES);
if (env->sc_maps)
purge_config(PURGE_MAPS);
env->sc_rules = env->sc_rules_reload;
env->sc_maps = env->sc_maps_reload;
/* start fulfilling requests */
event_add(&env->sc_ievs[PROC_MTA]->ev, NULL);
event_add(&env->sc_ievs[PROC_MFA]->ev, NULL);
event_add(&env->sc_ievs[PROC_SMTP]->ev, NULL);
return;
case IMSG_CTL_VERBOSE:
log_verbose(*(int *)imsg->data);
return;
case IMSG_PARENT_FORWARD_OPEN:
lka_session_forward_reply(imsg->data, imsg->fd);
return;
}
}
if (iev->proc == PROC_CONTROL) {
switch (imsg->hdr.type) {
case IMSG_LKA_UPDATE_MAP:
map = map_findbyname(imsg->data);
if (map == NULL) {
log_warnx("warn: lka: no such map \"%s\"",
(char *)imsg->data);
return;
}
map_update(map);
return;
}
}
errx(1, "lka_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
