static void
control_close(struct ctl_conn *c)
{
size_t *count;
count = tree_xget(&ctl_count, c->euid);
(*count)--;
if (*count == 0) {
tree_xpop(&ctl_count, c->euid);
free(count);
}
tree_xpop(&ctl_conns, c->id);
mproc_clear(&c->mproc);
free(c);
stat_backend->decrement("control.session", 1);
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
return;
if (!event_pending(&control_state.ev, EV_READ, NULL)) {
log_warnx("warn: re-enabling ctl connections");
event_add(&control_state.ev, NULL);
}
}
static void
filter_send_response(struct filter_session *s)
{
log_trace(TRACE_FILTERS, "filter-api:%s %016"PRIx64" %s filter_send_response() -> %d, %d, %s",
filter_name, s->id, query_to_str(s->qtype),
s->response.status,
s->response.code,
s->response.line);
tree_xpop(&queries, s->qid);
m_create(&fi.p, IMSG_FILTER_RESPONSE, 0, 0, -1);
m_add_id(&fi.p, s->qid);
m_add_int(&fi.p, s->qtype);
if (s->qtype == QUERY_EOM)
m_add_u32(&fi.p, s->datalen);
m_add_int(&fi.p, s->response.status);
m_add_int(&fi.p, s->response.code);
if (s->response.line) {
m_add_string(&fi.p, s->response.line);
free(s->response.line);
s->response.line = NULL;
}
m_close(&fi.p);
s->qid = 0;
s->response.ready = 0;
}
static struct mta_session *
mta_tree_pop(struct tree *wait, uint64_t reqid)
{
struct mta_session *s;
s = tree_xpop(wait, reqid);
if (s->flags & MTA_FREE) {
log_debug("debug: mta: %p: zombie session", s);
mta_free(s);
return (NULL);
}
s->flags &= ~MTA_WAIT;
return (s);
}
static void
filter_response(uint64_t qid, int status, int code, const char *line, int notify)
{
struct filter_query *q;
q = tree_xpop(&queries, qid);
free(q);
m_create(&fi.p, IMSG_FILTER_RESPONSE, 0, 0, -1);
m_add_id(&fi.p, qid);
m_add_int(&fi.p, status);
m_add_int(&fi.p, code);
m_add_int(&fi.p, notify);
if (line)
m_add_string(&fi.p, line);
m_close(&fi.p);
}
static int
queue_ram_envelope_delete(uint64_t evpid)
{
struct qr_envelope *evp;
struct qr_message *msg;
if ((msg = get_message(evpid_to_msgid(evpid))) == NULL)
return (0);
if ((evp = tree_pop(&msg->envelopes, evpid)) == NULL) {
log_warnx("warn: queue-ram: not found");
return (0);
}
stat_decrement("queue.ram.envelope.size", evp->len);
free(evp->buf);
free(evp);
if (tree_empty(&msg->envelopes)) {
tree_xpop(&messages, evpid_to_msgid(evpid));
stat_decrement("queue.ram.message.size", msg->len);
free(msg->buf);
free(msg);
}
return (1);
}
void
mta_imsg(struct imsgev *iev, struct imsg *imsg)
{
struct mta_route *route;
struct mta_batch2 *batch;
struct mta_task *task;
struct envelope *e;
struct ssl *ssl;
uint64_t id;
if (iev->proc == PROC_QUEUE) {
switch (imsg->hdr.type) {
case IMSG_BATCH_CREATE:
id = *(uint64_t*)(imsg->data);
batch = xmalloc(sizeof *batch, "mta_batch");
batch->id = id;
tree_init(&batch->tasks);
tree_xset(&batches, batch->id, batch);
log_trace(TRACE_MTA,
"mta: batch:%016" PRIx64 " created", batch->id);
return;
case IMSG_BATCH_APPEND:
e = xmemdup(imsg->data, sizeof *e, "mta:envelope");
route = mta_route_for(e);
batch = tree_xget(&batches, e->batch_id);
if ((task = tree_get(&batch->tasks, route->id)) == NULL) {
log_trace(TRACE_MTA, "mta: new task for %s",
mta_route_to_text(route));
task = xmalloc(sizeof *task, "mta_task");
TAILQ_INIT(&task->envelopes);
task->route = route;
tree_xset(&batch->tasks, route->id, task);
task->msgid = evpid_to_msgid(e->id);
task->sender = e->sender;
route->refcount += 1;
}
/* Technically, we could handle that by adding a msg
* level, but the batch sent by the scheduler should
* be valid.
*/
if (task->msgid != evpid_to_msgid(e->id))
errx(1, "msgid mismatch in batch");
/* XXX honour route->maxrcpt */
TAILQ_INSERT_TAIL(&task->envelopes, e, entry);
stat_increment("mta.envelope", 1);
log_debug("mta: received evp:%016" PRIx64 " for <%s@%s>",
e->id, e->dest.user, e->dest.domain);
return;
case IMSG_BATCH_CLOSE:
id = *(uint64_t*)(imsg->data);
batch = tree_xpop(&batches, id);
log_trace(TRACE_MTA, "mta: batch:%016" PRIx64 " closed",
batch->id);
/* for all tasks, queue them on there route */
while (tree_poproot(&batch->tasks, &id, (void**)&task)) {
if (id != task->route->id)
errx(1, "route id mismatch!");
task->route->refcount -= 1;
task->route->ntask += 1;
TAILQ_INSERT_TAIL(&task->route->tasks, task, entry);
stat_increment("mta.task", 1);
mta_route_drain(task->route);
}
free(batch);
return;
case IMSG_QUEUE_MESSAGE_FD:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_LKA) {
switch (imsg->hdr.type) {
case IMSG_LKA_SECRET:
case IMSG_DNS_HOST:
case IMSG_DNS_HOST_END:
case IMSG_DNS_PTR:
mta_session_imsg(iev, imsg);
return;
}
}
if (iev->proc == PROC_PARENT) {
switch (imsg->hdr.type) {
case IMSG_CONF_START:
if (env->sc_flags & SMTPD_CONFIGURING)
return;
env->sc_flags |= SMTPD_CONFIGURING;
env->sc_ssl = xcalloc(1, sizeof *env->sc_ssl, "mta:sc_ssl");
return;
case IMSG_CONF_SSL:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
ssl = xmemdup(imsg->data, sizeof *ssl, "mta:ssl");
ssl->ssl_cert = xstrdup((char*)imsg->data + sizeof *ssl,
"mta:ssl_cert");
ssl->ssl_key = xstrdup((char*)imsg->data +
sizeof *ssl + ssl->ssl_cert_len, "mta:ssl_key");
SPLAY_INSERT(ssltree, env->sc_ssl, ssl);
return;
case IMSG_CONF_END:
if (!(env->sc_flags & SMTPD_CONFIGURING))
return;
env->sc_flags &= ~SMTPD_CONFIGURING;
return;
case IMSG_CTL_VERBOSE:
log_verbose(*(int *)imsg->data);
return;
}
}
errx(1, "mta_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type));
}
static void
lka_resume(struct lka_session *lks)
{
struct envelope *ep;
struct expandnode *xn;
if (lks->error)
goto error;
/* pop next node and expand it */
while ((xn = TAILQ_FIRST(&lks->nodes))) {
TAILQ_REMOVE(&lks->nodes, xn, tq_entry);
lka_expand(lks, xn->rule, xn);
if (lks->flags & F_WAITING)
return;
if (lks->error)
goto error;
}
/* delivery list is empty, reject */
if (TAILQ_FIRST(&lks->deliverylist) == NULL) {
log_trace(TRACE_EXPAND, "expand: lka_done: expanded to empty "
"delivery list");
lks->error = LKA_PERMFAIL;
}
error:
if (lks->error) {
m_create(p_smtp, IMSG_LKA_EXPAND_RCPT, 0, 0, -1);
m_add_id(p_smtp, lks->id);
m_add_int(p_smtp, lks->error);
if (lks->errormsg)
m_add_string(p_smtp, lks->errormsg);
else {
if (lks->error == LKA_PERMFAIL)
m_add_string(p_smtp, "550 Invalid recipient");
else if (lks->error == LKA_TEMPFAIL)
m_add_string(p_smtp, "451 Temporary failure");
}
m_close(p_smtp);
while ((ep = TAILQ_FIRST(&lks->deliverylist)) != NULL) {
TAILQ_REMOVE(&lks->deliverylist, ep, entry);
free(ep);
}
}
else {
/* Process the delivery list and submit envelopes to queue */
while ((ep = TAILQ_FIRST(&lks->deliverylist)) != NULL) {
TAILQ_REMOVE(&lks->deliverylist, ep, entry);
m_create(p_queue, IMSG_QUEUE_SUBMIT_ENVELOPE, 0, 0, -1);
m_add_id(p_queue, lks->id);
m_add_envelope(p_queue, ep);
m_close(p_queue);
free(ep);
}
m_create(p_queue, IMSG_QUEUE_COMMIT_ENVELOPES, 0, 0, -1);
m_add_id(p_queue, lks->id);
m_close(p_queue);
}
expand_clear(&lks->expand);
tree_xpop(&sessions, lks->id);
free(lks);
}
static void
filter_dispatch(struct mproc *p, struct imsg *imsg)
{
struct filter_session *s;
struct filter_connect q_connect;
struct mailaddr maddr;
struct msg m;
const char *line, *name;
uint32_t v, datalen;
uint64_t id, qid;
int status, type;
int fds[2], fdin, fdout;
log_trace(TRACE_FILTERS, "filter-api:%s imsg %s", filter_name,
filterimsg_to_str(imsg->hdr.type));
switch (imsg->hdr.type) {
case IMSG_FILTER_REGISTER:
m_msg(&m, imsg);
m_get_u32(&m, &v);
m_get_string(&m, &name);
filter_name = strdup(name);
m_end(&m);
if (v != FILTER_API_VERSION) {
log_warnx("warn: filter-api:%s API mismatch", filter_name);
fatalx("filter-api: exiting");
}
m_create(p, IMSG_FILTER_REGISTER, 0, 0, -1);
m_add_int(p, fi.hooks);
m_add_int(p, fi.flags);
m_close(p);
break;
case IMSG_FILTER_EVENT:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_int(&m, &type);
m_end(&m);
switch (type) {
case EVENT_CONNECT:
s = xcalloc(1, sizeof(*s), "filter_dispatch");
s->id = id;
s->pipe.iev.sock = -1;
s->pipe.oev.sock = -1;
tree_xset(&sessions, id, s);
break;
case EVENT_DISCONNECT:
filter_dispatch_disconnect(id);
s = tree_xpop(&sessions, id);
free(s);
break;
case EVENT_RESET:
filter_dispatch_reset(id);
break;
case EVENT_COMMIT:
filter_dispatch_commit(id);
break;
case EVENT_ROLLBACK:
filter_dispatch_rollback(id);
break;
default:
log_warnx("warn: filter-api:%s bad event %d", filter_name, type);
fatalx("filter-api: exiting");
}
break;
case IMSG_FILTER_QUERY:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_get_id(&m, &qid);
m_get_int(&m, &type);
switch(type) {
case QUERY_CONNECT:
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.local);
m_get_sockaddr(&m, (struct sockaddr*)&q_connect.remote);
m_get_string(&m, &q_connect.hostname);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_connect(id, &q_connect);
break;
case QUERY_HELO:
m_get_string(&m, &line);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_helo(id, line);
break;
case QUERY_MAIL:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_mail(id, &maddr);
break;
case QUERY_RCPT:
m_get_mailaddr(&m, &maddr);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_rcpt(id, &maddr);
break;
case QUERY_DATA:
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_data(id);
break;
case QUERY_EOM:
m_get_u32(&m, &datalen);
m_end(&m);
filter_register_query(id, qid, type);
filter_dispatch_eom(id, datalen);
break;
default:
log_warnx("warn: filter-api:%s bad query %d", filter_name, type);
fatalx("filter-api: exiting");
}
break;
case IMSG_FILTER_PIPE:
m_msg(&m, imsg);
m_get_id(&m, &id);
m_end(&m);
fdout = imsg->fd;
fdin = -1;
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, fds) == -1) {
log_warn("warn: filter-api:%s socketpair", filter_name);
close(fdout);
}
else {
s = tree_xget(&sessions, id);
s->pipe.eom_called = 0;
s->pipe.error = 0;
s->pipe.idatalen = 0;
s->pipe.odatalen = 0;
iobuf_init(&s->pipe.obuf, 0, 0);
io_init(&s->pipe.oev, fdout, s, filter_io_out, &s->pipe.obuf);
io_set_write(&s->pipe.oev);
iobuf_init(&s->pipe.ibuf, 0, 0);
io_init(&s->pipe.iev, fds[0], s, filter_io_in, &s->pipe.ibuf);
io_set_read(&s->pipe.iev);
fdin = fds[1];
}
log_trace(TRACE_FILTERS, "filter-api:%s %016"PRIx64" tx pipe %d -> %d",
filter_name, id, fdin, fdout);
m_create(&fi.p, IMSG_FILTER_PIPE, 0, 0, fdin);
m_add_id(&fi.p, id);
m_close(&fi.p);
break;
}
}
static void
mta_enter_state(struct mta_session *s, int newstate)
{
int oldstate;
struct secret secret;
struct mta_route *route;
struct mta_host *host;
struct sockaddr *sa;
int max_reuse;
ssize_t q;
#ifdef VALGRIND
bzero(&batch, sizeof(batch));
#endif
again:
oldstate = s->state;
log_trace(TRACE_MTA, "mta: %p: %s -> %s", s,
mta_strstate(oldstate),
mta_strstate(newstate));
s->state = newstate;
/* don't try this at home! */
#define mta_enter_state(_s, _st) do { newstate = _st; goto again; } while(0)
switch (s->state) {
case MTA_INIT:
if (s->route->auth)
mta_enter_state(s, MTA_SECRET);
else
mta_enter_state(s, MTA_MX);
break;
case MTA_DATA:
/*
* Obtain message body fd.
*/
imsg_compose_event(env->sc_ievs[PROC_QUEUE],
IMSG_QUEUE_MESSAGE_FD, s->task->msgid, 0, -1,
&s->id, sizeof(s->id));
break;
case MTA_SECRET:
/*
* Lookup AUTH secret.
*/
bzero(&secret, sizeof(secret));
secret.id = s->id;
strlcpy(secret.mapname, s->route->auth, sizeof(secret.mapname));
strlcpy(secret.host, s->route->hostname, sizeof(secret.host));
imsg_compose_event(env->sc_ievs[PROC_LKA], IMSG_LKA_SECRET,
0, 0, -1, &secret, sizeof(secret));
break;
case MTA_MX:
/*
* Lookup MX record.
*/
if (s->flags & MTA_FORCE_MX) /* XXX */
dns_query_host(s->route->hostname, s->route->port, s->id);
else
dns_query_mx(s->route->hostname, s->route->backupname, 0, s->id);
break;
case MTA_CONNECT:
/*
* Connect to the MX.
*/
/* cleanup previous connection if any */
iobuf_clear(&s->iobuf);
io_clear(&s->io);
if (s->flags & MTA_FORCE_ANYSSL)
max_reuse = 2;
else
max_reuse = 1;
/* pick next mx */
while ((host = TAILQ_FIRST(&s->hosts))) {
if (host->used == max_reuse) {
TAILQ_REMOVE(&s->hosts, host, entry);
free(host);
continue;
}
host->used++;
log_debug("mta: %p: connecting to %s...", s,
ss_to_text(&host->sa));
sa = (struct sockaddr *)&host->sa;
if (s->route->port)
sa_set_port(sa, s->route->port);
else if ((s->flags & MTA_FORCE_ANYSSL) && host->used == 1)
sa_set_port(sa, 465);
else if (s->flags & MTA_FORCE_SMTPS)
sa_set_port(sa, 465);
else
sa_set_port(sa, 25);
iobuf_xinit(&s->iobuf, 0, 0, "mta_enter_state");
io_init(&s->io, -1, s, mta_io, &s->iobuf);
io_set_timeout(&s->io, 10000);
if (io_connect(&s->io, sa, NULL) == -1) {
log_debug("mta: %p: connection failed: %s", s,
strerror(errno));
iobuf_clear(&s->iobuf);
/*
* This error is most likely a "no route",
* so there is no need to try the same
* relay again.
*/
TAILQ_REMOVE(&s->hosts, host, entry);
free(host);
continue;
}
return;
}
/* tried them all? */
mta_route_error(s->route, "150 Can not connect to MX");
mta_enter_state(s, MTA_DONE);
break;
case MTA_DONE:
/*
* Kill the mta session.
*/
log_debug("mta: %p: session done", s);
io_clear(&s->io);
iobuf_clear(&s->iobuf);
if (s->task)
fatalx("current task should have been deleted already");
if (s->datafp)
fclose(s->datafp);
s->datafp = NULL;
while ((host = TAILQ_FIRST(&s->hosts))) {
TAILQ_REMOVE(&s->hosts, host, entry);
free(host);
}
route = s->route;
tree_xpop(&sessions, s->id);
free(s);
stat_decrement("mta.session", 1);
mta_route_collect(route);
break;
case MTA_SMTP_BANNER:
/* just wait for banner */
s->is_reading = 1;
io_set_read(&s->io);
break;
case MTA_SMTP_EHLO:
s->ext = 0;
mta_send(s, "EHLO %s", env->sc_hostname);
break;
case MTA_SMTP_HELO:
s->ext = 0;
mta_send(s, "HELO %s", env->sc_hostname);
break;
case MTA_SMTP_STARTTLS:
if (s->flags & MTA_TLS) /* already started */
mta_enter_state(s, MTA_SMTP_AUTH);
else if ((s->ext & MTA_EXT_STARTTLS) == 0)
/* server doesn't support starttls, do not use it */
mta_enter_state(s, MTA_SMTP_AUTH);
else
mta_send(s, "STARTTLS");
break;
case MTA_SMTP_AUTH:
if (s->secret && s->flags & MTA_TLS)
mta_send(s, "AUTH PLAIN %s", s->secret);
else if (s->secret) {
log_debug("mta: %p: not using AUTH on non-TLS session",
s);
mta_enter_state(s, MTA_CONNECT);
} else {
mta_enter_state(s, MTA_SMTP_READY);
}
break;
case MTA_SMTP_READY:
/* ready to send a new mail */
if (s->ready == 0) {
s->ready = 1;
mta_route_ok(s->route);
}
if (s->msgcount >= s->route->maxmail) {
log_debug("mta: %p: cannot send more message to %s", s,
mta_route_to_text(s->route));
mta_enter_state(s, MTA_SMTP_QUIT);
} else if ((s->task = TAILQ_FIRST(&s->route->tasks))) {
log_debug("mta: %p: handling next task for %s", s,
mta_route_to_text(s->route));
TAILQ_REMOVE(&s->route->tasks, s->task, entry);
s->route->ntask -= 1;
s->task->session = s;
stat_decrement("mta.task", 1);
stat_increment("mta.task.running", 1);
mta_enter_state(s, MTA_DATA);
} else {
log_debug("mta: %p: no pending task for %s", s,
mta_route_to_text(s->route));
/* XXX stay open for a while? */
mta_enter_state(s, MTA_SMTP_QUIT);
}
break;
case MTA_SMTP_MAIL:
if (s->task->sender.user[0] && s->task->sender.domain[0])
mta_send(s, "MAIL FROM: <%s@%s>",
s->task->sender.user, s->task->sender.domain);
else
mta_send(s, "MAIL FROM: <>");
break;
case MTA_SMTP_RCPT:
if (s->currevp == NULL)
s->currevp = TAILQ_FIRST(&s->task->envelopes);
mta_send(s, "RCPT TO: <%s@%s>",
s->currevp->dest.user,
s->currevp->dest.domain);
break;
case MTA_SMTP_DATA:
fseek(s->datafp, 0, SEEK_SET);
mta_send(s, "DATA");
break;
case MTA_SMTP_BODY:
if (s->datafp == NULL) {
log_trace(TRACE_MTA, "mta: %p: end-of-file", s);
mta_enter_state(s, MTA_SMTP_DONE);
break;
}
if ((q = mta_queue_data(s)) == -1) {
mta_enter_state(s, MTA_DONE);
break;
}
log_trace(TRACE_MTA, "mta: %p: >>> [...%zi bytes...]", s, q);
break;
case MTA_SMTP_DONE:
mta_send(s, ".");
break;
case MTA_SMTP_QUIT:
mta_send(s, "QUIT");
break;
case MTA_SMTP_RSET:
mta_send(s, "RSET");
break;
default:
fatalx("mta_enter_state: unknown state");
}
#undef mta_enter_state
}
