void
lka_session(uint64_t id, struct envelope *envelope)
{
struct lka_session *lks;
struct expandnode xn;
if (init == 0) {
init = 1;
tree_init(&sessions);
}
lks = xcalloc(1, sizeof(*lks), "lka_session");
lks->id = id;
RB_INIT(&lks->expand.tree);
TAILQ_INIT(&lks->deliverylist);
tree_xset(&sessions, lks->id, lks);
lks->envelope = *envelope;
TAILQ_INIT(&lks->nodes);
bzero(&xn, sizeof xn);
xn.type = EXPAND_ADDRESS;
xn.u.mailaddr = lks->envelope.rcpt;
lks->expand.rule = NULL;
lks->expand.queue = &lks->nodes;
expand_insert(&lks->expand, &xn);
lka_resume(lks);
}
static int
queue_ram_envelope_create(uint32_t msgid, const char *buf, size_t len,
uint64_t *evpid)
{
struct qr_envelope *evp;
struct qr_message *msg;
if ((msg = get_message(msgid)) == NULL)
return (0);
do {
*evpid = queue_generate_evpid(msgid);
} while (tree_check(&msg->envelopes, *evpid));
evp = calloc(1, sizeof *evp);
if (evp == NULL) {
log_warn("warn: queue-ram: calloc");
return (0);
}
evp->len = len;
evp->buf = malloc(len);
if (evp->buf == NULL) {
log_warn("warn: queue-ram: malloc");
free(evp);
return (0);
}
memmove(evp->buf, buf, len);
tree_xset(&msg->envelopes, *evpid, evp);
stat_increment("queue.ram.envelope.size", len);
return (1);
}
void
mta_session(struct mta_relay *relay, struct mta_route *route)
{
struct mta_session *s;
struct timeval tv;
mta_session_init();
s = xcalloc(1, sizeof *s, "mta_session");
s->id = generate_uid();
s->relay = relay;
s->route = route;
s->io.sock = -1;
if (relay->flags & RELAY_SSL && relay->flags & RELAY_AUTH)
s->flags |= MTA_USE_AUTH;
if (relay->pki_name)
s->flags |= MTA_USE_CERT;
if (relay->flags & RELAY_LMTP)
s->flags |= MTA_LMTP;
switch (relay->flags & (RELAY_SSL|RELAY_TLS_OPTIONAL)) {
case RELAY_SSL:
s->flags |= MTA_FORCE_ANYSSL;
s->flags |= MTA_WANT_SECURE;
break;
case RELAY_SMTPS:
s->flags |= MTA_FORCE_SMTPS;
s->flags |= MTA_WANT_SECURE;
break;
case RELAY_STARTTLS:
s->flags |= MTA_FORCE_TLS;
s->flags |= MTA_WANT_SECURE;
break;
case RELAY_TLS_OPTIONAL:
/* do not force anything, try tls then smtp */
break;
default:
s->flags |= MTA_FORCE_PLAIN;
}
log_debug("debug: mta: %p: spawned for relay %s", s,
mta_relay_to_text(relay));
stat_increment("mta.session", 1);
if (route->dst->ptrname || route->dst->lastptrquery) {
/* We want to delay the connection since to always notify
* the relay asynchronously.
*/
tv.tv_sec = 0;
tv.tv_usec = 0;
evtimer_set(&s->io.ev, mta_start, s);
evtimer_add(&s->io.ev, &tv);
} else if (waitq_wait(&route->dst->ptrname, mta_on_ptr, s)) {
dns_query_ptr(s->id, s->route->dst->sa);
tree_xset(&wait_ptr, s->id, s);
s->flags |= MTA_WAIT;
}
}
static void
queue_envelope_cache_add(struct envelope *e)
{
struct envelope *cached;
while (tree_count(&evpcache_tree) >= env->sc_queue_evpcache_size)
queue_envelope_cache_del(TAILQ_LAST(&evpcache_list, evplst)->id);
cached = xcalloc(1, sizeof *cached, "queue_envelope_cache_add");
*cached = *e;
TAILQ_INSERT_HEAD(&evpcache_list, cached, entry);
tree_xset(&evpcache_tree, e->id, cached);
stat_increment("queue.evpcache.size", 1);
}
static void
filter_register_query(uint64_t id, uint64_t qid, int type)
{
struct filter_session *s;
log_trace(TRACE_FILTERS, "filter-api:%s %016"PRIx64" %s", filter_name, id, query_to_str(type));
s = tree_xget(&sessions, id);
if (s->qid) {
log_warnx("warn: filter-api:%s query already in progess",
filter_name);
fatalx("filter-api: exiting");
}
s->qid = qid;
s->qtype = type;
s->response.ready = 0;
tree_xset(&queries, qid, s);
}
static void
mta_start_tls(struct mta_session *s)
{
struct ca_cert_req_msg req_ca_cert;
const char *certname;
if (s->relay->pki_name)
certname = s->relay->pki_name;
else
certname = s->helo;
req_ca_cert.reqid = s->id;
strlcpy(req_ca_cert.name, certname, sizeof req_ca_cert.name);
m_compose(p_lka, IMSG_LKA_SSL_INIT, 0, 0, -1,
&req_ca_cert, sizeof(req_ca_cert));
tree_xset(&wait_ssl_init, s->id, s);
s->flags |= MTA_WAIT;
return;
}
static int
queue_ram_message_create(uint32_t *msgid)
{
struct qr_message *msg;
msg = calloc(1, sizeof(*msg));
if (msg == NULL) {
log_warn("warn: queue-ram: calloc");
return (0);
}
tree_init(&msg->envelopes);
do {
*msgid = queue_generate_msgid();
} while (tree_check(&messages, *msgid));
tree_xset(&messages, *msgid, msg);
return (1);
}
/* ARGSUSED */
static void
control_accept(int listenfd, short event, void *arg)
{
int connfd;
socklen_t len;
struct sockaddr_un sun;
struct ctl_conn *c;
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
goto pause;
len = sizeof(sun);
if ((connfd = accept(listenfd, (struct sockaddr *)&sun, &len)) == -1) {
if (errno == ENFILE || errno == EMFILE)
goto pause;
if (errno == EINTR || errno == EWOULDBLOCK ||
errno == ECONNABORTED)
return;
fatal("control_accept: accept");
}
session_socket_blockmode(connfd, BM_NONBLOCK);
c = xcalloc(1, sizeof(*c), "control_accept");
if (getpeereid(connfd, &c->euid, &c->egid) == -1)
fatal("getpeereid");
c->id = ++connid;
c->mproc.proc = PROC_CLIENT;
c->mproc.handler = control_dispatch_ext;
c->mproc.data = c;
mproc_init(&c->mproc, connfd);
mproc_enable(&c->mproc);
tree_xset(&ctl_conns, c->id, c);
stat_backend->increment("control.session", 1);
return;
pause:
log_warnx("warn: ctl client limit hit, disabling new connections");
event_del(&control_state.ev);
}
void
mta_session(struct mta_route *route)
{
struct mta_session *session;
session = xcalloc(1, sizeof *session, "mta_session");
session->id = generate_uid();
session->route = route;
session->state = MTA_INIT;
session->io.sock = -1;
tree_xset(&sessions, session->id, session);
TAILQ_INIT(&session->hosts);
if (route->flags & ROUTE_MX)
session->flags |= MTA_FORCE_MX;
if (route->flags & ROUTE_SSL && route->flags & ROUTE_AUTH)
session->flags |= MTA_USE_AUTH;
if (route->cert)
session->flags |= MTA_USE_CERT;
switch (route->flags & ROUTE_SSL) {
case ROUTE_SSL:
session->flags |= MTA_FORCE_ANYSSL;
break;
case ROUTE_SMTPS:
session->flags |= MTA_FORCE_SMTPS;
break;
case ROUTE_STARTTLS:
/* STARTTLS is tried by default */
break;
default:
session->flags |= MTA_ALLOW_PLAIN;
}
log_debug("mta: %p: spawned for %s", session, mta_route_to_text(route));
stat_increment("mta.session", 1);
mta_enter_state(session, MTA_INIT);
}
void
mta_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct mta_route *route;
struct mta_batch2 *batch;
struct mta_task *task;
struct envelope *e;
struct ssl *ssl;
uint64_t id;
if (iev->proc == PROC_QUEUE) {
switch (imsg->hdr.type) {
case IMSG_BATCH_CREATE:
id = *(uint64_t*)(imsg->data);
batch = xmalloc(sizeof *batch, "mta_batch");
batch->id = id;
tree_init(&batch->tasks);
tree_xset(&batches, batch->id, batch);
log_trace(TRACE_MTA,
"mta: batch:%016" PRIx64 " created", batch->id);
return;
case IMSG_BATCH_APPEND:
e = xmemdup(imsg->data, sizeof *e, "mta:envelope");
route = mta_route_for(e);
batch = tree_xget(&batches, e->batch_id);
if ((task = tree_get(&batch->tasks, route->id)) == NULL) {
log_trace(TRACE_MTA, "mta: new task for %s",
mta_route_to_text(route));
task = xmalloc(sizeof *task, "mta_task");
TAILQ_INIT(&task->envelopes);
task->route = route;
tree_xset(&batch->tasks, route->id, task);
task->msgid = evpid_to_msgid(e->id);
task->sender = e->sender;
route->refcount += 1;
}
/* Technically, we could handle that by adding a msg
* level, but the batch sent by the scheduler should
* be valid.
*/
if (task->msgid != evpid_to_msgid(e->id))
errx(1, "msgid mismatch in batch");
/* XXX honour route->maxrcpt */
TAILQ_INSERT_TAIL(&task->envelopes, e, entry);
stat_increment("mta.envelope", 1);
log_debug("mta: received evp:%016" PRIx64 " for <%s@%s>",
e->id, e->dest.user, e->dest.domain);
return;
case IMSG_BATCH_CLOSE:
id = *(uint64_t*)(imsg->data);
batch = tree_xpop(&batches, id);
log_trace(TRACE_MTA, "mta: batch:%016" PRIx64 " closed",
batch->id);
/* for all tasks, queue them on there route */
while (tree_poproot(&batch->tasks, &id, (void**)&task)) {
if (id != task->route->id)
errx(1, "route id mismatch!");
task->route->refcount -= 1;
task->route->ntask += 1;
TAILQ_INSERT_TAIL(&task->route->tasks, task, entry);
stat_increment("mta.task", 1);
mta_route_drain(task->route);
}
free(batch);
return;
case IMSG_QUEUE_MESSAGE_FD:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_LKA) {
switch (imsg->hdr.type) {
case IMSG_LKA_SECRET:
case IMSG_DNS_HOST:
case IMSG_DNS_HOST_END:
case IMSG_DNS_PTR:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
if (env->sc_flags & SMTPD_CONFIGURING)
return;
env->sc_flags |= SMTPD_CONFIGURING;
env->sc_ssl = xcalloc(1, sizeof *env->sc_ssl, "mta:sc_ssl");
return;
case IMSG_CONF_SSL:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
ssl = xmemdup(imsg->data, sizeof *ssl, "mta:ssl");
ssl->ssl_cert = xstrdup((char*)imsg->data + sizeof *ssl,
"mta:ssl_cert");
ssl->ssl_key = xstrdup((char*)imsg->data +
sizeof *ssl + ssl->ssl_cert_len, "mta:ssl_key");
SPLAY_INSERT(ssltree, env->sc_ssl, ssl);
return;
case IMSG_CONF_END:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
env->sc_flags &= ~SMTPD_CONFIGURING;
return;
case IMSG_CTL_VERBOSE:
log_verbose(*(int *)imsg->data);
return;
}
}
errx(1, "mta_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
static void
mta_enter_state(struct mta_session *s, int newstate)
{
struct mta_envelope *e;
size_t envid_sz;
int oldstate;
ssize_t q;
char ibuf[SMTPD_MAXLINESIZE];
char obuf[SMTPD_MAXLINESIZE];
int offset;
again:
oldstate = s->state;
log_trace(TRACE_MTA, "mta: %p: %s -> %s", s,
mta_strstate(oldstate),
mta_strstate(newstate));
s->state = newstate;
/* don't try this at home! */
#define mta_enter_state(_s, _st) do { newstate = _st; goto again; } while (0)
switch (s->state) {
case MTA_INIT:
case MTA_BANNER:
break;
case MTA_EHLO:
s->ext = 0;
mta_send(s, "EHLO %s", s->helo);
break;
case MTA_HELO:
s->ext = 0;
mta_send(s, "HELO %s", s->helo);
break;
case MTA_LHLO:
s->ext = 0;
mta_send(s, "LHLO %s", s->helo);
break;
case MTA_STARTTLS:
if (s->flags & MTA_TLS) /* already started */
mta_enter_state(s, MTA_AUTH);
else if ((s->ext & MTA_EXT_STARTTLS) == 0) {
if (s->flags & MTA_FORCE_TLS || s->flags & MTA_WANT_SECURE) {
mta_error(s, "TLS required but not supported by remote host");
mta_connect(s);
}
else
/* server doesn't support starttls, do not use it */
mta_enter_state(s, MTA_AUTH);
}
else
mta_send(s, "STARTTLS");
break;
case MTA_AUTH:
if (s->relay->secret && s->flags & MTA_TLS) {
if (s->ext & MTA_EXT_AUTH) {
if (s->ext & MTA_EXT_AUTH_PLAIN) {
mta_enter_state(s, MTA_AUTH_PLAIN);
break;
}
if (s->ext & MTA_EXT_AUTH_LOGIN) {
mta_enter_state(s, MTA_AUTH_LOGIN);
break;
}
log_debug("debug: mta: %p: no supported AUTH method on session", s);
mta_error(s, "no supported AUTH method");
}
else {
log_debug("debug: mta: %p: AUTH not advertised on session", s);
mta_error(s, "AUTH not advertised");
}
}
else if (s->relay->secret) {
log_debug("debug: mta: %p: not using AUTH on non-TLS "
"session", s);
mta_error(s, "Refuse to AUTH over unsecure channel");
mta_connect(s);
} else {
mta_enter_state(s, MTA_READY);
}
break;
case MTA_AUTH_PLAIN:
mta_send(s, "AUTH PLAIN %s", s->relay->secret);
break;
case MTA_AUTH_LOGIN:
mta_send(s, "AUTH LOGIN");
break;
case MTA_AUTH_LOGIN_USER:
memset(ibuf, 0, sizeof ibuf);
if (base64_decode(s->relay->secret, (unsigned char *)ibuf,
sizeof(ibuf)-1) == -1) {
log_debug("debug: mta: %p: credentials too large on session", s);
mta_error(s, "Credentials too large");
break;
}
memset(obuf, 0, sizeof obuf);
base64_encode((unsigned char *)ibuf + 1, strlen(ibuf + 1), obuf, sizeof obuf);
mta_send(s, "%s", obuf);
memset(ibuf, 0, sizeof ibuf);
memset(obuf, 0, sizeof obuf);
break;
case MTA_AUTH_LOGIN_PASS:
memset(ibuf, 0, sizeof ibuf);
if (base64_decode(s->relay->secret, (unsigned char *)ibuf,\
sizeof(ibuf)-1) == -1) {
log_debug("debug: mta: %p: credentials too large on session", s);
mta_error(s, "Credentials too large");
break;
}
offset = strlen(ibuf+1)+2;
memset(obuf, 0, sizeof obuf);
base64_encode((unsigned char *)ibuf + offset, strlen(ibuf + offset), obuf, sizeof obuf);
mta_send(s, "%s", obuf);
memset(ibuf, 0, sizeof ibuf);
memset(obuf, 0, sizeof obuf);
break;
case MTA_READY:
/* Ready to send a new mail */
if (s->ready == 0) {
s->ready = 1;
s->relay->nconn_ready += 1;
mta_route_ok(s->relay, s->route);
}
if (s->msgtried >= MAX_TRYBEFOREDISABLE) {
log_info("smtp-out: Remote host seems to reject all mails on session %016"PRIx64,
s->id);
mta_route_down(s->relay, s->route);
mta_enter_state(s, MTA_QUIT);
break;
}
if (s->msgcount >= s->relay->limits->max_mail_per_session) {
log_debug("debug: mta: "
"%p: cannot send more message to relay %s", s,
mta_relay_to_text(s->relay));
mta_enter_state(s, MTA_QUIT);
break;
}
s->task = mta_route_next_task(s->relay, s->route);
if (s->task == NULL) {
log_debug("debug: mta: %p: no task for relay %s",
s, mta_relay_to_text(s->relay));
if (s->relay->nconn > 1 ||
s->hangon >= s->relay->limits->sessdelay_keepalive) {
mta_enter_state(s, MTA_QUIT);
break;
}
log_debug("mta: debug: last connection: hanging on for %llds",
(long long)(s->relay->limits->sessdelay_keepalive -
s->hangon));
s->flags |= MTA_HANGON;
runq_schedule(hangon, time(NULL) + 1, NULL, s);
break;
}
log_debug("debug: mta: %p: handling next task for relay %s", s,
mta_relay_to_text(s->relay));
stat_increment("mta.task.running", 1);
m_create(p_queue, IMSG_QUEUE_MESSAGE_FD, 0, 0, -1);
m_add_id(p_queue, s->id);
m_add_msgid(p_queue, s->task->msgid);
m_close(p_queue);
tree_xset(&wait_fd, s->id, s);
s->flags |= MTA_WAIT;
break;
case MTA_MAIL:
if (s->currevp == NULL)
s->currevp = TAILQ_FIRST(&s->task->envelopes);
e = s->currevp;
s->hangon = 0;
s->msgtried++;
envid_sz = strlen(e->dsn_envid);
if (s->ext & MTA_EXT_DSN) {
mta_send(s, "MAIL FROM:<%s> %s%s %s%s",
s->task->sender,
e->dsn_ret ? "RET=" : "",
e->dsn_ret ? dsn_strret(e->dsn_ret) : "",
envid_sz ? "ENVID=" : "",
envid_sz ? e->dsn_envid : "");
} else
mta_send(s, "MAIL FROM:<%s>", s->task->sender);
break;
case MTA_RCPT:
if (s->currevp == NULL)
s->currevp = TAILQ_FIRST(&s->task->envelopes);
e = s->currevp;
if (s->ext & MTA_EXT_DSN) {
mta_send(s, "RCPT TO:<%s> %s%s %s%s",
e->dest,
e->dsn_notify ? "NOTIFY=" : "",
e->dsn_notify ? dsn_strnotify(e->dsn_notify) : "",
e->dsn_orcpt ? "ORCPT=" : "",
e->dsn_orcpt ? e->dsn_orcpt : "");
} else
mta_send(s, "RCPT TO:<%s>", e->dest);
s->rcptcount++;
break;
case MTA_DATA:
fseek(s->datafp, 0, SEEK_SET);
mta_send(s, "DATA");
break;
case MTA_BODY:
if (s->datafp == NULL) {
log_trace(TRACE_MTA, "mta: %p: end-of-file", s);
mta_enter_state(s, MTA_EOM);
break;
}
if ((q = mta_queue_data(s)) == -1) {
s->flags |= MTA_FREE;
break;
}
if (q == 0) {
mta_enter_state(s, MTA_BODY);
break;
}
log_trace(TRACE_MTA, "mta: %p: >>> [...%zi bytes...]", s, q);
break;
case MTA_EOM:
mta_send(s, ".");
break;
case MTA_LMTP_EOM:
/* LMTP reports status of each delivery, so enable read */
io_set_read(&s->io);
break;
case MTA_RSET:
if (s->datafp) {
fclose(s->datafp);
s->datafp = NULL;
}
mta_send(s, "RSET");
break;
case MTA_QUIT:
mta_send(s, "QUIT");
break;
default:
fatalx("mta_enter_state: unknown state");
}
#undef mta_enter_state
}
static void
filter_dispatch(struct mproc *p, struct imsg *imsg)
{
struct filter_connect q_connect;
struct mailaddr maddr;
struct msg m;
const char *line;
uint32_t v;
uint64_t id, qid;
int status, event, hook;
log_debug("debug: %s: imsg %i", filter_name, imsg->hdr.type);
switch (imsg->hdr.type) {
case IMSG_FILTER_REGISTER:
m_msg(&m, imsg);
m_get_u32(&m, &v);
m_end(&m);
if (v != FILTER_API_VERSION)
errx(1, "API version mismatch");
m_create(p, IMSG_FILTER_REGISTER, 0, 0, -1);
m_add_int(p, fi.hooks);
m_add_int(p, fi.flags);
m_close(p);
break;
case IMSG_FILTER_EVENT:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_int(&m, &event);
m_end(&m);
filter_dispatch_event(id, event);
break;
case IMSG_FILTER_QUERY:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_id(&m, &qid);
m_get_int(&m, &hook);
tree_xset(&queries, qid, NULL);
switch(hook) {
case HOOK_CONNECT:
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.local);
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.remote);
m_get_string(&m, &q_connect.hostname);
m_end(&m);
filter_dispatch_connect(id, qid, &q_connect);
break;
case HOOK_HELO:
m_get_string(&m, &line);
m_end(&m);
filter_dispatch_helo(id, qid, line);
break;
case HOOK_MAIL:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_dispatch_mail(id, qid, &maddr);
break;
case HOOK_RCPT:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_dispatch_rcpt(id, qid, &maddr);
break;
case HOOK_DATA:
m_end(&m);
filter_dispatch_data(id, qid);
break;
case HOOK_EOM:
m_end(&m);
filter_dispatch_eom(id, qid);
break;
default:
errx(1, "bad query hook: %d", hook);
}
break;
case IMSG_FILTER_NOTIFY:
m_msg(&m, imsg);
m_get_id(&m, &qid);
m_get_int(&m, &status);
m_end(&m);
filter_dispatch_notify(qid, status);
break;
case IMSG_FILTER_DATA:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_string(&m, &line);
m_end(&m);
filter_dispatch_dataline(id, line);
break;
}
}
static void
mta_connect(struct mta_session *s)
{
struct sockaddr_storage ss;
struct sockaddr *sa;
int portno;
const char *schema = "smtp+tls://";
if (s->helo == NULL) {
if (s->relay->helotable && s->route->src->sa) {
m_create(p_lka, IMSG_LKA_HELO, 0, 0, -1);
m_add_id(p_lka, s->id);
m_add_string(p_lka, s->relay->helotable);
m_add_sockaddr(p_lka, s->route->src->sa);
m_close(p_lka);
tree_xset(&wait_helo, s->id, s);
s->flags |= MTA_WAIT;
return;
}
else if (s->relay->heloname)
s->helo = xstrdup(s->relay->heloname, "mta_connect");
else
s->helo = xstrdup(env->sc_hostname, "mta_connect");
}
io_clear(&s->io);
iobuf_clear(&s->iobuf);
s->use_smtps = s->use_starttls = s->use_smtp_tls = 0;
switch (s->attempt) {
case 0:
if (s->flags & MTA_FORCE_SMTPS)
s->use_smtps = 1; /* smtps */
else if (s->flags & (MTA_FORCE_TLS|MTA_FORCE_ANYSSL))
s->use_starttls = 1; /* tls, tls+smtps */
else if (!(s->flags & MTA_FORCE_PLAIN))
s->use_smtp_tls = 1;
break;
case 1:
if (s->flags & MTA_FORCE_ANYSSL) {
s->use_smtps = 1; /* tls+smtps */
break;
}
default:
mta_free(s);
return;
}
portno = s->use_smtps ? 465 : 25;
/* Override with relay-specified port */
if (s->relay->port)
portno = s->relay->port;
memmove(&ss, s->route->dst->sa, s->route->dst->sa->sa_len);
sa = (struct sockaddr *)&ss;
if (sa->sa_family == AF_INET)
((struct sockaddr_in *)sa)->sin_port = htons(portno);
else if (sa->sa_family == AF_INET6)
((struct sockaddr_in6 *)sa)->sin6_port = htons(portno);
s->attempt += 1;
if (s->use_smtp_tls)
schema = "smtp+tls://";
else if (s->use_starttls)
schema = "tls://";
else if (s->use_smtps)
schema = "smtps://";
else if (s->flags & MTA_LMTP)
schema = "lmtp://";
else
schema = "smtp://";
log_info("smtp-out: Connecting to %s%s:%d (%s) on session"
" %016"PRIx64"...", schema, sa_to_text(s->route->dst->sa),
portno, s->route->dst->ptrname, s->id);
mta_enter_state(s, MTA_INIT);
iobuf_xinit(&s->iobuf, 0, 0, "mta_connect");
io_init(&s->io, -1, s, mta_io, &s->iobuf);
io_set_timeout(&s->io, 300000);
if (io_connect(&s->io, sa, s->route->src->sa) == -1) {
/*
* This error is most likely a "no route",
* so there is no need to try again.
*/
log_debug("debug: mta: io_connect failed: %s", s->io.error);
if (errno == EADDRNOTAVAIL)
mta_source_error(s->relay, s->route, s->io.error);
else
mta_error(s, "Connection failed: %s", s->io.error);
mta_free(s);
}
}
static int
mta_verify_certificate(struct mta_session *s)
{
#define MAX_CERTS 16
#define MAX_CERT_LEN (MAX_IMSGSIZE - (IMSG_HEADER_SIZE + sizeof(req_ca_vrfy)))
struct ca_vrfy_req_msg req_ca_vrfy;
struct iovec iov[2];
X509 *x;
STACK_OF(X509) *xchain;
const char *name;
unsigned char *cert_der[MAX_CERTS];
int cert_len[MAX_CERTS];
int i, cert_count, res;
res = 0;
memset(cert_der, 0, sizeof(cert_der));
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
/* Send the client certificate */
if (s->relay->ca_name) {
name = s->relay->ca_name;
req_ca_vrfy.fallback = 0;
}
else {
name = s->helo;
req_ca_vrfy.fallback = 1;
}
if (strlcpy(req_ca_vrfy.name, name, sizeof req_ca_vrfy.name)
>= sizeof req_ca_vrfy.name)
return 0;
x = SSL_get_peer_certificate(s->io.ssl);
if (x == NULL)
return 0;
xchain = SSL_get_peer_cert_chain(s->io.ssl);
/*
* Client provided a certificate and possibly a certificate chain.
* SMTP can't verify because it does not have the information that
* it needs, instead it will pass the certificate and chain to the
* lookup process and wait for a reply.
*
*/
cert_len[0] = i2d_X509(x, &cert_der[0]);
X509_free(x);
if (cert_len[0] < 0) {
log_warnx("warn: failed to encode certificate");
goto end;
}
log_debug("debug: certificate 0: len=%d", cert_len[0]);
if (cert_len[0] > (int)MAX_CERT_LEN) {
log_warnx("warn: certificate too long");
goto end;
}
if (xchain) {
cert_count = sk_X509_num(xchain);
log_debug("debug: certificate chain len: %d", cert_count);
if (cert_count >= MAX_CERTS) {
log_warnx("warn: certificate chain too long");
goto end;
}
}
else
cert_count = 0;
for (i = 0; i < cert_count; ++i) {
x = sk_X509_value(xchain, i);
cert_len[i+1] = i2d_X509(x, &cert_der[i+1]);
if (cert_len[i+1] < 0) {
log_warnx("warn: failed to encode certificate");
goto end;
}
log_debug("debug: certificate %i: len=%d", i+1, cert_len[i+1]);
if (cert_len[i+1] > (int)MAX_CERT_LEN) {
log_warnx("warn: certificate too long");
goto end;
}
}
tree_xset(&wait_ssl_verify, s->id, s);
s->flags |= MTA_WAIT;
/* Send the client certificate */
req_ca_vrfy.reqid = s->id;
req_ca_vrfy.cert_len = cert_len[0];
req_ca_vrfy.n_chain = cert_count;
iov[0].iov_base = &req_ca_vrfy;
iov[0].iov_len = sizeof(req_ca_vrfy);
iov[1].iov_base = cert_der[0];
iov[1].iov_len = cert_len[0];
m_composev(p_lka, IMSG_MTA_TLS_VERIFY_CERT, 0, 0, -1,
iov, nitems(iov));
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
req_ca_vrfy.reqid = s->id;
/* Send the chain, one cert at a time */
for (i = 0; i < cert_count; ++i) {
req_ca_vrfy.cert_len = cert_len[i+1];
iov[1].iov_base = cert_der[i+1];
iov[1].iov_len = cert_len[i+1];
m_composev(p_lka, IMSG_MTA_TLS_VERIFY_CHAIN, 0, 0, -1,
iov, nitems(iov));
}
/* Tell lookup process that it can start verifying, we're done */
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
req_ca_vrfy.reqid = s->id;
m_compose(p_lka, IMSG_MTA_TLS_VERIFY, 0, 0, -1,
&req_ca_vrfy, sizeof req_ca_vrfy);
res = 1;
end:
for (i = 0; i < MAX_CERTS; ++i)
free(cert_der[i]);
return res;
}
static int
mta_verify_certificate(struct mta_session *s)
{
struct ca_vrfy_req_msg req_ca_vrfy;
struct iovec iov[2];
X509 *x;
STACK_OF(X509) *xchain;
int i;
const char *pkiname;
x = SSL_get_peer_certificate(s->io.ssl);
if (x == NULL)
return 0;
xchain = SSL_get_peer_cert_chain(s->io.ssl);
/*
* Client provided a certificate and possibly a certificate chain.
* SMTP can't verify because it does not have the information that
* it needs, instead it will pass the certificate and chain to the
* lookup process and wait for a reply.
*
*/
tree_xset(&wait_ssl_verify, s->id, s);
s->flags |= MTA_WAIT;
/* Send the client certificate */
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
if (s->relay->pki_name)
pkiname = s->relay->pki_name;
else
pkiname = s->helo;
if (strlcpy(req_ca_vrfy.pkiname, pkiname, sizeof req_ca_vrfy.pkiname)
>= sizeof req_ca_vrfy.pkiname)
return 0;
req_ca_vrfy.reqid = s->id;
req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert);
if (xchain)
req_ca_vrfy.n_chain = sk_X509_num(xchain);
iov[0].iov_base = &req_ca_vrfy;
iov[0].iov_len = sizeof(req_ca_vrfy);
iov[1].iov_base = req_ca_vrfy.cert;
iov[1].iov_len = req_ca_vrfy.cert_len;
m_composev(p_lka, IMSG_LKA_SSL_VERIFY_CERT, 0, 0, -1,
iov, nitems(iov));
free(req_ca_vrfy.cert);
X509_free(x);
if (xchain) {
/* Send the chain, one cert at a time */
for (i = 0; i < sk_X509_num(xchain); ++i) {
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
req_ca_vrfy.reqid = s->id;
x = sk_X509_value(xchain, i);
req_ca_vrfy.cert_len = i2d_X509(x, &req_ca_vrfy.cert);
iov[0].iov_base = &req_ca_vrfy;
iov[0].iov_len = sizeof(req_ca_vrfy);
iov[1].iov_base = req_ca_vrfy.cert;
iov[1].iov_len = req_ca_vrfy.cert_len;
m_composev(p_lka, IMSG_LKA_SSL_VERIFY_CHAIN, 0, 0, -1,
iov, nitems(iov));
free(req_ca_vrfy.cert);
}
}
/* Tell lookup process that it can start verifying, we're done */
memset(&req_ca_vrfy, 0, sizeof req_ca_vrfy);
req_ca_vrfy.reqid = s->id;
m_compose(p_lka, IMSG_LKA_SSL_VERIFY, 0, 0, -1,
&req_ca_vrfy, sizeof req_ca_vrfy);
return 1;
}
static void
filter_dispatch(struct mproc *p, struct imsg *imsg)
{
struct filter_session *s;
struct filter_connect q_connect;
struct mailaddr maddr;
struct msg m;
const char *line, *name;
uint32_t v, datalen;
uint64_t id, qid;
int status, type;
int fds[2], fdin, fdout;
log_trace(TRACE_FILTERS, "filter-api:%s imsg %s", filter_name,
filterimsg_to_str(imsg->hdr.type));
switch (imsg->hdr.type) {
case IMSG_FILTER_REGISTER:
m_msg(&m, imsg);
m_get_u32(&m, &v);
m_get_string(&m, &name);
filter_name = strdup(name);
m_end(&m);
if (v != FILTER_API_VERSION) {
log_warnx("warn: filter-api:%s API mismatch", filter_name);
fatalx("filter-api: exiting");
}
m_create(p, IMSG_FILTER_REGISTER, 0, 0, -1);
m_add_int(p, fi.hooks);
m_add_int(p, fi.flags);
m_close(p);
break;
case IMSG_FILTER_EVENT:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_int(&m, &type);
m_end(&m);
switch (type) {
case EVENT_CONNECT:
s = xcalloc(1, sizeof(*s), "filter_dispatch");
s->id = id;
s->pipe.iev.sock = -1;
s->pipe.oev.sock = -1;
tree_xset(&sessions, id, s);
break;
case EVENT_DISCONNECT:
filter_dispatch_disconnect(id);
s = tree_xpop(&sessions, id);
free(s);
break;
case EVENT_RESET:
filter_dispatch_reset(id);
break;
case EVENT_COMMIT:
filter_dispatch_commit(id);
break;
case EVENT_ROLLBACK:
filter_dispatch_rollback(id);
break;
default:
log_warnx("warn: filter-api:%s bad event %d", filter_name, type);
fatalx("filter-api: exiting");
}
break;
case IMSG_FILTER_QUERY:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_id(&m, &qid);
m_get_int(&m, &type);
switch(type) {
case QUERY_CONNECT:
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.local);
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.remote);
m_get_string(&m, &q_connect.hostname);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_connect(id, &q_connect);
break;
case QUERY_HELO:
m_get_string(&m, &line);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_helo(id, line);
break;
case QUERY_MAIL:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_mail(id, &maddr);
break;
case QUERY_RCPT:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_rcpt(id, &maddr);
break;
case QUERY_DATA:
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_data(id);
break;
case QUERY_EOM:
m_get_u32(&m, &datalen);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_eom(id, datalen);
break;
default:
log_warnx("warn: filter-api:%s bad query %d", filter_name, type);
fatalx("filter-api: exiting");
}
break;
case IMSG_FILTER_PIPE:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_end(&m);
fdout = imsg->fd;
fdin = -1;
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, fds) == -1) {
log_warn("warn: filter-api:%s socketpair", filter_name);
close(fdout);
}
else {
s = tree_xget(&sessions, id);
s->pipe.eom_called = 0;
s->pipe.error = 0;
s->pipe.idatalen = 0;
s->pipe.odatalen = 0;
iobuf_init(&s->pipe.obuf, 0, 0);
io_init(&s->pipe.oev, fdout, s, filter_io_out, &s->pipe.obuf);
io_set_write(&s->pipe.oev);
iobuf_init(&s->pipe.ibuf, 0, 0);
io_init(&s->pipe.iev, fds[0], s, filter_io_in, &s->pipe.ibuf);
io_set_read(&s->pipe.iev);
fdin = fds[1];
}
log_trace(TRACE_FILTERS, "filter-api:%s %016"PRIx64" tx pipe %d -> %d",
filter_name, id, fdin, fdout);
m_create(&fi.p, IMSG_FILTER_PIPE, 0, 0, fdin);
m_add_id(&fi.p, id);
m_close(&fi.p);
break;
}
}
/* ARGSUSED */
static void
control_accept(int listenfd, short event, void *arg)
{
int connfd;
socklen_t len;
struct sockaddr_un s_un;
struct ctl_conn *c;
size_t *count;
uid_t euid;
gid_t egid;
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
goto pause;
len = sizeof(s_un);
if ((connfd = accept(listenfd, (struct sockaddr *)&s_un, &len)) == -1) {
if (errno == ENFILE || errno == EMFILE)
goto pause;
if (errno == EINTR || errno == EWOULDBLOCK ||
errno == ECONNABORTED)
return;
fatal("control_accept: accept");
}
io_set_nonblocking(connfd);
if (getpeereid(connfd, &euid, &egid) == -1)
fatal("getpeereid");
count = tree_get(&ctl_count, euid);
if (count == NULL) {
count = xcalloc(1, sizeof *count, "control_accept");
tree_xset(&ctl_count, euid, count);
}
if (*count == CONTROL_MAXCONN_PER_CLIENT) {
close(connfd);
log_warnx("warn: too many connections to control socket "
"from user with uid %lu", (unsigned long int)euid);
return;
}
(*count)++;
do {
++connid;
} while (tree_get(&ctl_conns, connid));
c = xcalloc(1, sizeof(*c), "control_accept");
c->euid = euid;
c->egid = egid;
c->id = connid;
c->mproc.proc = PROC_CLIENT;
c->mproc.handler = control_dispatch_ext;
c->mproc.data = c;
mproc_init(&c->mproc, connfd);
mproc_enable(&c->mproc);
tree_xset(&ctl_conns, c->id, c);
stat_backend->increment("control.session", 1);
return;
pause:
log_warnx("warn: ctl client limit hit, disabling new connections");
event_del(&control_state.ev);
}
