int smtp_session_passivate(SMTP_SESSION *session, VSTRING *dest_prop,
VSTRING *endp_prop)
{
int fd;
/*
* Encode the local-to-physical binding properties: whether or not this
* server is best MX host for the next-hop or fall-back logical
* destination (this information is needed for loop handling in
* smtp_proto()).
*
* XXX It would be nice to have a VSTRING to VSTREAM adapter so that we can
* serialize the properties with attr_print() instead of using ad-hoc,
* non-reusable, code and hard-coded format strings.
*/
vstring_sprintf(dest_prop, "%u",
session->features & SMTP_FEATURE_DESTINATION_MASK);
/*
* Encode the physical endpoint properties: all the session properties
* except for "session from cache", "best MX", or "RSET failure".
*
* XXX It would be nice to have a VSTRING to VSTREAM adapter so that we can
* serialize the properties with attr_print() instead of using obscure
* hard-coded format strings.
*
* XXX Should also record an absolute time when a session must be closed,
* how many non-delivering mail transactions there were during this
* session, and perhaps other statistics, so that we don't reuse a
* session too much.
*
* XXX Be sure to use unsigned types in the format string. Sign characters
* would be rejected by the alldig() test on the reading end.
*/
vstring_sprintf(endp_prop, "%u\n%s\n%s\n%s\n%u\n%u\n%lu",
session->reuse_count,
session->dest, session->host,
session->addr, session->port,
session->features & SMTP_FEATURE_ENDPOINT_MASK,
(long) session->expire_time);
/*
* Append the passivated SASL attributes.
*/
#ifdef notdef
if (smtp_sasl_enable)
smtp_sasl_passivate(endp_prop, session);
#endif
/*
* Salvage the underlying file descriptor, and destroy the session
* object.
*/
fd = vstream_fileno(session->stream);
vstream_fdclose(session->stream);
session->stream = 0;
smtp_session_free(session);
return (fd);
}
static SMTP_SESSION *smtp_reuse_common(SMTP_STATE *state, int fd,
const char *label)
{
const char *myname = "smtp_reuse_common";
SMTP_ITERATOR *iter = state->iterator;
SMTP_SESSION *session;
/*
* Can't happen. Both smtp_reuse_nexthop() and smtp_reuse_addr() decline
* the request when the TLS policy is not TLS_LEV_NONE.
*/
#ifdef USE_TLS
if (state->tls->level > TLS_LEV_NONE)
msg_panic("%s: unexpected plain-text cached session to %s",
myname, label);
#endif
/*
* Re-activate the SMTP_SESSION object.
*/
session = smtp_session_activate(fd, state->iterator, state->dest_prop,
state->endp_prop);
if (session == 0) {
msg_warn("%s: bad cached session attribute for %s", myname, label);
(void) close(fd);
return (0);
}
state->session = session;
session->state = state;
#ifdef USE_TLS
session->tls = state->tls; /* TEMPORARY */
#endif
/*
* Send an RSET probe to verify that the session is still good.
*/
if (smtp_rset(state) < 0
|| (session->features & SMTP_FEATURE_RSET_REJECTED) != 0) {
smtp_session_free(session);
return (state->session = 0);
}
/*
* Avoid poor performance when TCP MSS > VSTREAM_BUFSIZE.
*/
vstream_tweak_sock(session->stream);
/*
* Update the list of used cached addresses.
*/
htable_enter(state->cache_used, STR(iter->addr), (char *) 0);
return (session);
}
static void smtp_cleanup_session(SMTP_STATE *state)
{
DELIVER_REQUEST *request = state->request;
SMTP_SESSION *session = state->session;
int throttled;
/*
* Inform the postmaster of trouble.
*
* XXX Don't send notifications about errors while sending notifications.
*/
#define POSSIBLE_NOTIFICATION(sender) \
(*sender == 0 || strcmp(sender, mail_addr_double_bounce()) == 0)
if (session->history != 0
&& (session->error_mask & name_mask(VAR_NOTIFY_CLASSES,
mail_error_masks,
var_notify_classes)) != 0
&& POSSIBLE_NOTIFICATION(request->sender) == 0)
smtp_chat_notify(session);
/*
* When session caching is enabled, cache the first good session for this
* delivery request under the next-hop destination, and cache all good
* sessions under their server network address (destroying the session in
* the process).
*
* Caching under the next-hop destination name (rather than the fall-back
* destination) allows us to skip over non-responding primary or backup
* hosts. In fact, this is the only benefit of caching logical to
* physical bindings; caching a session under its own hostname provides
* no performance benefit, given the way smtp_connect() works.
*/
throttled = THIS_SESSION_IS_THROTTLED; /* smtp_quit() may fail */
if (THIS_SESSION_IS_EXPIRED)
smtp_quit(state); /* also disables caching */
if (THIS_SESSION_IS_CACHED
/* Redundant tests for safety... */
&& vstream_ferror(session->stream) == 0
&& vstream_feof(session->stream) == 0) {
smtp_save_session(state, SMTP_KEY_MASK_SCACHE_DEST_LABEL,
SMTP_KEY_MASK_SCACHE_ENDP_LABEL);
} else {
smtp_session_free(session);
}
state->session = 0;
/*
* If this session was good, reset the logical next-hop state, so that we
* won't cache connections to alternate servers under the logical
* next-hop destination. Otherwise we could end up skipping over the
* available and more preferred servers.
*/
if (HAVE_NEXTHOP_STATE(state) && !throttled)
FREE_NEXTHOP_STATE(state);
/*
* Clean up the lists with todo and dropped recipients.
*/
smtp_rcpt_cleanup(state);
/*
* Reset profiling info.
*
* XXX When one delivery request results in multiple sessions, the set-up
* and transmission latencies of the earlier sessions will count as
* connection set-up time for the later sessions.
*
* XXX On the other hand, when we first try to connect to one or more dead
* hosts before we reach a good host, then all that time must be counted
* as connection set-up time for the session with the good host.
*
* XXX So this set-up attribution problem exists only when we actually
* engage in a session, spend a lot of time delivering a message, find
* that it fails, and then connect to an alternate host.
*/
memset((void *) &request->msg_stats.conn_setup_done, 0,
sizeof(request->msg_stats.conn_setup_done));
memset((void *) &request->msg_stats.deliver_done, 0,
sizeof(request->msg_stats.deliver_done));
request->msg_stats.reuse_count = 0;
}
SMTP_SESSION *smtp_session_activate(int fd, VSTRING *dest_prop,
VSTRING *endp_prop)
{
const char *myname = "smtp_session_activate";
SMTP_SESSION *session;
char *dest_props;
char *endp_props;
const char *prop;
const char *dest;
const char *host;
const char *addr;
unsigned port;
unsigned features; /* server features */
time_t expire_time; /* session re-use expiration time */
unsigned reuse_count; /* # times reused */
/*
* XXX it would be nice to have a VSTRING to VSTREAM adapter so that we
* can de-serialize the properties with attr_scan(), instead of using
* ad-hoc, non-reusable code.
*
* XXX As a preliminary solution we use mystrtok(), but that function is not
* suitable for zero-length fields.
*/
endp_props = STR(endp_prop);
if ((prop = mystrtok(&endp_props, "\n")) == 0 || !alldig(prop)) {
msg_warn("%s: bad cached session reuse count property", myname);
return (0);
}
reuse_count = atoi(prop);
if ((dest = mystrtok(&endp_props, "\n")) == 0) {
msg_warn("%s: missing cached session destination property", myname);
return (0);
}
if ((host = mystrtok(&endp_props, "\n")) == 0) {
msg_warn("%s: missing cached session hostname property", myname);
return (0);
}
if ((addr = mystrtok(&endp_props, "\n")) == 0) {
msg_warn("%s: missing cached session address property", myname);
return (0);
}
if ((prop = mystrtok(&endp_props, "\n")) == 0 || !alldig(prop)) {
msg_warn("%s: bad cached session port property", myname);
return (0);
}
port = atoi(prop);
if ((prop = mystrtok(&endp_props, "\n")) == 0 || !alldig(prop)) {
msg_warn("%s: bad cached session features property", myname);
return (0);
}
features = atoi(prop);
if ((prop = mystrtok(&endp_props, "\n")) == 0 || !alldig(prop)) {
msg_warn("%s: bad cached session expiration time property", myname);
return (0);
}
#ifdef MISSING_STRTOUL
expire_time = strtol(prop, 0, 10);
#else
expire_time = strtoul(prop, 0, 10);
#endif
if (dest_prop && VSTRING_LEN(dest_prop)) {
dest_props = STR(dest_prop);
if ((prop = mystrtok(&dest_props, "\n")) == 0 || !alldig(prop)) {
msg_warn("%s: bad cached destination features property", myname);
return (0);
}
features |= atoi(prop);
}
/*
* Allright, bundle up what we have sofar.
*/
#define NO_FLAGS 0
session = smtp_session_alloc(vstream_fdopen(fd, O_RDWR), dest, host,
addr, port, (time_t) 0, NO_FLAGS);
session->features = (features | SMTP_FEATURE_FROM_CACHE);
CACHE_THIS_SESSION_UNTIL(expire_time);
session->reuse_count = ++reuse_count;
if (msg_verbose)
msg_info("%s: dest=%s host=%s addr=%s port=%u features=0x%x, "
"ttl=%ld, reuse=%d",
myname, dest, host, addr, ntohs(port), features,
(long) (expire_time - time((time_t *) 0)), reuse_count);
/*
* Re-activate the SASL attributes.
*/
#ifdef notdef
if (smtp_sasl_enable && smtp_sasl_activate(session, endp_props) < 0) {
vstream_fdclose(session->stream);
session->stream = 0;
smtp_session_free(session);
return (0);
}
#endif
return (session);
}
int smtp_session_passivate(SMTP_SESSION *session, VSTRING *dest_prop,
VSTRING *endp_prop)
{
SMTP_ITERATOR *iter = session->iterator;
VSTREAM *mp;
int fd;
/*
* Encode the delivery request next-hop to endpoint binding properties:
* whether or not this server is best MX host for the delivery request
* next-hop or fall-back logical destination (this information is needed
* for loop handling in smtp_proto()).
*
* TODO: save SASL username and password information so that we can
* correctly save a reused authenticated connection.
*
* These memory writes should never fail.
*/
if ((mp = vstream_memopen(dest_prop, O_WRONLY)) == 0
|| attr_print_plain(mp, ATTR_FLAG_NONE,
SEND_ATTR_STR(SESS_ATTR_DEST, STR(iter->dest)),
SEND_ATTR_STR(SESS_ATTR_HOST, STR(iter->host)),
SEND_ATTR_STR(SESS_ATTR_ADDR, STR(iter->addr)),
SEND_ATTR_INT(SESS_ATTR_DEST_FEATURES,
session->features & SMTP_FEATURE_DESTINATION_MASK),
ATTR_TYPE_END) != 0
|| vstream_fclose(mp) != 0)
msg_fatal("smtp_session_passivate: can't save dest properties: %m");
/*
* Encode the physical endpoint properties: all the session properties
* except for "session from cache", "best MX", or "RSET failure". Plus
* the TLS level, reuse count, and connection expiration time.
*
* XXX Should also record how many non-delivering mail transactions there
* were during this session, and perhaps other statistics, so that we
* don't reuse a session too much.
*
* TODO: passivate SASL username and password information so that we can
* correctly save a reused authenticated connection.
*
* These memory writes should never fail.
*/
if ((mp = vstream_memopen(endp_prop, O_WRONLY)) == 0
|| attr_print_plain(mp, ATTR_FLAG_NONE,
#ifdef USE_TLS
SEND_ATTR_INT(SESS_ATTR_TLS_LEVEL,
session->state->tls->level),
#endif
SEND_ATTR_INT(SESS_ATTR_REUSE_COUNT,
session->reuse_count),
SEND_ATTR_INT(SESS_ATTR_ENDP_FEATURES,
session->features & SMTP_FEATURE_ENDPOINT_MASK),
SEND_ATTR_LONG(SESS_ATTR_EXPIRE_TIME,
(long) session->expire_time),
ATTR_TYPE_END) != 0
/*
* Append the passivated TLS context. These memory writes should never
* fail.
*/
#ifdef USE_TLS
|| (session->tls_context
&& attr_print_plain(mp, ATTR_FLAG_NONE,
SEND_ATTR_FUNC(tls_proxy_context_print,
(void *) session->tls_context),
ATTR_TYPE_END) != 0)
#endif
|| vstream_fclose(mp) != 0)
msg_fatal("smtp_session_passivate: cannot save TLS context: %m");
/*
* Salvage the underlying file descriptor, and destroy the session
* object.
*/
fd = vstream_fileno(session->stream);
vstream_fdclose(session->stream);
session->stream = 0;
smtp_session_free(session);
return (fd);
}
