1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) The Exim Maintainers 2020 - 2022 */
6 /* Copyright (c) University of Cambridge 1995 - 2018 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* A number of functions for driving outgoing SMTP calls. */
13 #include "transports/smtp.h"
17 /*************************************************
18 * Find an outgoing interface *
19 *************************************************/
21 /* This function is called from the smtp transport and also from the callout
22 code in verify.c. Its job is to expand a string to get a list of interfaces,
23 and choose a suitable one (IPv4 or IPv6) for the outgoing address.
26 istring string interface setting, may be NULL, meaning "any", in
27 which case the function does nothing
28 host_af AF_INET or AF_INET6 for the outgoing IP address
29 addr the mail address being handled (for setting errors)
30 interface point this to the interface if there is one defined
31 msg to add to any error message
33 Returns: TRUE on success, FALSE on failure, with error message
34 set in addr and transport_return set to PANIC
38 smtp_get_interface(uschar *istring, int host_af, address_item *addr,
39 uschar **interface, uschar *msg)
41 const uschar * expint;
45 if (!istring) return TRUE;
47 if (!(expint = expand_string(istring)))
49 if (f.expand_string_forcedfail) return TRUE;
50 addr->transport_return = PANIC;
51 addr->message = string_sprintf("failed to expand \"interface\" "
52 "option for %s: %s", msg, expand_string_message);
56 if (is_tainted(expint))
58 log_write(0, LOG_MAIN|LOG_PANIC,
59 "attempt to use tainted value '%s' from '%s' for interface",
61 addr->transport_return = PANIC;
62 addr->message = string_sprintf("failed to expand \"interface\" "
63 "option for %s: configuration error", msg);
67 Uskip_whitespace(&expint);
68 if (!*expint) return TRUE;
70 while ((iface = string_nextinlist(&expint, &sep, NULL, 0)))
72 int if_af = string_is_ip_address(iface, NULL);
75 addr->transport_return = PANIC;
76 addr->message = string_sprintf("\"%s\" is not a valid IP "
77 "address for the \"interface\" option for %s",
82 if ((if_af == 4 ? AF_INET : AF_INET6) == host_af)
92 /*************************************************
93 * Find an outgoing port *
94 *************************************************/
96 /* This function is called from the smtp transport and also from the callout
97 code in verify.c. Its job is to find a port number. Note that getservbyname()
98 produces the number in network byte order.
101 rstring raw (unexpanded) string representation of the port
102 addr the mail address being handled (for setting errors)
103 port stick the port in here
104 msg for adding to error message
106 Returns: TRUE on success, FALSE on failure, with error message set
107 in addr, and transport_return set to PANIC
111 smtp_get_port(uschar *rstring, address_item *addr, int *port, uschar *msg)
113 uschar *pstring = expand_string(rstring);
117 addr->transport_return = PANIC;
118 addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
119 "for %s: %s", rstring, msg, expand_string_message);
123 if (isdigit(*pstring))
126 *port = Ustrtol(pstring, &end, 0);
127 if (end != pstring + Ustrlen(pstring))
129 addr->transport_return = PANIC;
130 addr->message = string_sprintf("invalid port number for %s: %s", msg,
138 struct servent *smtp_service = getservbyname(CS pstring, "tcp");
141 addr->transport_return = PANIC;
142 addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
146 *port = ntohs(smtp_service->s_port);
156 /* Try to record if TFO was attmepted and if it was successfully used. */
159 tfo_out_check(int sock)
161 static BOOL done_once = FALSE;
163 if (done_once) return;
167 struct tcp_info tinfo;
168 socklen_t len = sizeof(tinfo);
170 /* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as
171 well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */
172 switch (tcp_out_fastopen)
174 case TFO_ATTEMPTED_NODATA:
175 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
176 && tinfo.tcpi_state == TCPS_SYN_SENT
177 && tinfo.__tcpi_unacked > 0
180 DEBUG(D_transport|D_v)
181 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked);
182 tcp_out_fastopen = TFO_USED_NODATA;
186 case TFO_ATTEMPTED_DATA:
187 case TFO_ATTEMPTED_DATA:
188 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2
192 switch (tcp_out_fastopen)
194 case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break;
195 default: break; /* compiler quietening */
198 # else /* Linux & Apple */
199 # if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
200 struct tcp_info tinfo;
201 socklen_t len = sizeof(tinfo);
203 switch (tcp_out_fastopen)
205 /* This is a somewhat dubious detection method; totally undocumented so likely
206 to fail in future kernels. There seems to be no documented way. What we really
207 want to know is if the server sent smtp-banner data before our ACK of his SYN,ACK
208 hit him. What this (possibly?) detects is whether we sent a TFO cookie with our
209 SYN, as distinct from a TFO request. This gets a false-positive when the server
210 key is rotated; we send the old one (which this test sees) but the server returns
211 the new one and does not send its SMTP banner before we ACK his SYN,ACK.
212 To force that rotation case:
213 '# echo -n "00000000-00000000-00000000-0000000" >/proc/sys/net/ipv4/tcp_fastopen_key'
214 The kernel seems to be counting unack'd packets. */
216 case TFO_ATTEMPTED_NODATA:
217 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
218 && tinfo.tcpi_state == TCP_SYN_SENT
219 && tinfo.tcpi_unacked > 1
222 DEBUG(D_transport|D_v)
223 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.tcpi_unacked);
224 tcp_out_fastopen = TFO_USED_NODATA;
228 /* When called after waiting for received data we should be able
229 to tell if data we sent was accepted. */
231 case TFO_ATTEMPTED_DATA:
232 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
233 && tinfo.tcpi_state == TCP_ESTABLISHED
235 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA)
237 DEBUG(D_transport|D_v) debug_printf("TFO: data was acked\n");
238 tcp_out_fastopen = TFO_USED_DATA;
242 DEBUG(D_transport|D_v) debug_printf("TFO: had to retransmit\n");
243 tcp_out_fastopen = TFO_NOT_USED;
247 default: break; /* compiler quietening */
250 # endif /* Linux & Apple */
255 /* Create and bind a socket, given the connect-args.
256 Update those with the state. Return the fd, or -1 with errno set.
260 smtp_boundsock(smtp_connect_args * sc)
262 transport_instance * tb = sc->tblock;
263 smtp_transport_options_block * ob =
264 (smtp_transport_options_block *)tb->options_block;
265 const uschar * dscp = ob->dscp;
266 int sock, dscp_value, dscp_level, dscp_option;
268 if ((sock = ip_socket(SOCK_STREAM, sc->host_af)) < 0)
271 /* Set TCP_NODELAY; Exim does its own buffering. */
273 if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
274 HDEBUG(D_transport|D_acl|D_v)
275 debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
277 /* Set DSCP value, if we can. For now, if we fail to set the value, we don't
278 bomb out, just log it and continue in default traffic class. */
280 if (dscp && dscp_lookup(dscp, sc->host_af, &dscp_level, &dscp_option, &dscp_value))
282 HDEBUG(D_transport|D_acl|D_v)
283 debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
284 if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
285 HDEBUG(D_transport|D_acl|D_v)
286 debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
287 /* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
288 option for both; ignore failures here */
289 if (sc->host_af == AF_INET6 &&
290 dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
291 (void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
294 /* Bind to a specific interface if requested. Caller must ensure the interface
295 is the same type (IPv4 or IPv6) as the outgoing address. */
299 union sockaddr_46 interface_sock;
300 EXIM_SOCKLEN_T size = sizeof(interface_sock);
302 if ( ip_bind(sock, sc->host_af, sc->interface, 0) < 0
303 || getsockname(sock, (struct sockaddr *) &interface_sock, &size) < 0
306 HDEBUG(D_transport|D_acl|D_v)
307 debug_printf_indent("unable to bind outgoing SMTP call to %s: %s", sc->interface,
312 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
321 host host item containing name and address and port
322 host_af AF_INET or AF_INET6
324 interface outgoing interface address or NULL
326 timeout timeout value or 0
327 early_data if non-NULL, idempotent data to be sent -
328 preferably in the TCP SYN segment
329 Special case: non-NULL but with NULL blob.data - caller is
330 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
333 Returns: connected socket number, or -1 with errno set
337 smtp_sock_connect(smtp_connect_args * sc, int timeout, const blob * early_data)
339 smtp_transport_options_block * ob =
340 (smtp_transport_options_block *)sc->tblock->options_block;
343 const blob * fastopen_blob = NULL;
346 #ifndef DISABLE_EVENT
347 deliver_host_address = sc->host->address;
348 deliver_host_port = sc->host->port;
349 if (event_raise(sc->tblock->event_action, US"tcp:connect", NULL, &errno)) return -1;
352 if ( (sock = sc->sock) < 0
353 && (sock = smtp_boundsock(sc)) < 0)
357 /* Connect to the remote host, and add keepalive to the socket before returning
358 it, if requested. If the build supports TFO, request it - and if the caller
359 requested some early-data then include that in the TFO request. If there is
360 early-data but no TFO support, send it after connecting. */
365 /* See if TCP Fast Open usable. Default is a traditional 3WHS connect */
366 if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, sc->host) == OK)
369 fastopen_blob = &tcp_fastopen_nodata; /* TFO, with no data */
370 else if (early_data->data)
371 fastopen_blob = early_data; /* TFO, with data */
372 # ifdef TCP_FASTOPEN_CONNECT
374 { /* expecting client data */
375 debug_printf(" set up lazy-connect\n");
376 setsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, US &on, sizeof(on));
377 /* fastopen_blob = NULL; lazy TFO, triggered by data write */
383 if (ip_connect(sock, sc->host_af, sc->host->address, sc->host->port, timeout, fastopen_blob) < 0)
385 else if (early_data && !fastopen_blob && early_data->data && early_data->len)
387 /* We had some early-data to send, but couldn't do TFO */
388 HDEBUG(D_transport|D_acl|D_v)
389 debug_printf("sending %ld nonTFO early-data\n", (long)early_data->len);
391 #ifdef TCP_QUICKACK_notdef
392 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
394 if (send(sock, early_data->data, early_data->len, 0) < 0)
397 #ifdef TCP_QUICKACK_notdef
398 /* Under TFO (with openssl & pipe-conn; testcase 4069, as of
399 5.10.8-100.fc32.x86_64) this seems to be inop.
400 Perhaps overwritten when we (client) go -> ESTABLISHED on seeing the 3rd-ACK?
401 For that case, added at smtp_reap_banner(). */
402 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
408 union sockaddr_46 interface_sock;
409 EXIM_SOCKLEN_T size = sizeof(interface_sock);
411 /* Both bind() and connect() succeeded, and any early-data */
413 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" connected\n");
414 if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
415 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
418 log_write(0, LOG_MAIN | ((errno == ECONNRESET)? 0 : LOG_PANIC),
419 "getsockname() failed: %s", strerror(errno));
424 if (ob->keepalive) ip_keepalive(sock, sc->host->address, TRUE);
431 /* Either bind() or connect() failed */
433 HDEBUG(D_transport|D_acl|D_v)
435 debug_printf_indent(" failed: %s", CUstrerror(save_errno));
436 if (save_errno == ETIMEDOUT)
437 debug_printf(" (timeout=%s)", readconf_printtime(timeout));
450 smtp_port_for_connect(host_item * host, int port)
452 if (host->port != PORT_NONE)
454 HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
455 debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
459 else host->port = port; /* Set the port actually used */
463 /*************************************************
464 * Connect to remote host *
465 *************************************************/
467 /* Create a socket, and connect it to a remote host. IPv6 addresses are
468 detected by checking for a colon in the address. AF_INET6 is defined even on
469 non-IPv6 systems, to enable the code to be less messy. However, on such systems
470 host->address will always be an IPv4 address.
473 sc details for making connection: host, af, interface, transport
474 early_data if non-NULL, data to be sent - preferably in the TCP SYN segment
475 Special case: non-NULL but with NULL blob.data - caller is
476 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
479 Returns: connected socket number, or -1 with errno set
483 smtp_connect(smtp_connect_args * sc, const blob * early_data)
485 int port = sc->host->port;
486 smtp_transport_options_block * ob = sc->ob;
488 callout_address = string_sprintf("[%s]:%d", sc->host->address, port);
490 HDEBUG(D_transport|D_acl|D_v)
493 if (sc->interface) s = string_sprintf(" from %s ", sc->interface);
495 if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
497 debug_printf_indent("Connecting to %s %s%s... ", sc->host->name, callout_address, s);
500 /* Create and connect the socket */
505 int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
506 sc->tblock, ob->connect_timeout);
510 if (early_data && early_data->data && early_data->len)
511 if (send(sock, early_data->data, early_data->len, 0) < 0)
513 int save_errno = errno;
514 HDEBUG(D_transport|D_acl|D_v)
516 debug_printf_indent("failed: %s", CUstrerror(save_errno));
517 if (save_errno == ETIMEDOUT)
518 debug_printf(" (timeout=%s)", readconf_printtime(ob->connect_timeout));
530 return smtp_sock_connect(sc, ob->connect_timeout, early_data);
534 /*************************************************
535 * Flush outgoing command buffer *
536 *************************************************/
538 /* This function is called only from smtp_write_command() below. It flushes
539 the buffer of outgoing commands. There is more than one in the buffer only when
543 outblock the SMTP output block
544 mode further data expected, or plain
546 Returns: TRUE if OK, FALSE on error, with errno set
550 flush_buffer(smtp_outblock * outblock, int mode)
553 int n = outblock->ptr - outblock->buffer;
554 BOOL more = mode == SCMD_MORE;
555 client_conn_ctx * cctx;
557 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
558 more ? " (more expected)" : "");
560 if (!(cctx = outblock->cctx))
562 log_write(0, LOG_MAIN|LOG_PANIC, "null conn-context pointer");
568 if (cctx->tls_ctx) /*XXX have seen a null cctx here, rvfy sending QUIT, hence check above */
569 rc = tls_write(cctx->tls_ctx, outblock->buffer, n, more);
574 if (outblock->conn_args)
576 blob early_data = { .data = outblock->buffer, .len = n };
578 /* We ignore the more-flag if we're doing a connect with early-data, which
579 means we won't get BDAT+data. A pity, but wise due to the idempotency
580 requirement: TFO with data can, in rare cases, replay the data to the
583 if ( (cctx->sock = smtp_connect(outblock->conn_args, &early_data))
586 outblock->conn_args = NULL;
591 rc = send(cctx->sock, outblock->buffer, n,
599 #if defined(__linux__)
600 /* This is a workaround for a current linux kernel bug: as of
601 5.6.8-200.fc31.x86_64 small (<MSS) writes get delayed by about 200ms,
602 This is despite NODELAY being active.
603 https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
606 setsockopt(cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
613 HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
617 outblock->ptr = outblock->buffer;
618 outblock->cmd_count = 0;
624 /* This might be called both due to callout and then from delivery.
625 Use memory that will not be released between those phases.
628 smtp_debug_resp(const uschar * buf)
630 #ifndef DISABLE_CLIENT_CMD_LOG
631 int old_pool = store_pool;
632 store_pool = POOL_PERM;
633 client_cmd_log = string_append_listele_n(client_cmd_log, ':', buf,
634 buf[3] == ' ' ? 3 : 4);
635 store_pool = old_pool;
640 /*************************************************
641 * Write SMTP command *
642 *************************************************/
644 /* The formatted command is left in big_buffer so that it can be reflected in
648 sx SMTP connection, contains buffer for pipelining, and socket
649 mode buffer, write-with-more-likely, write
650 format a format, starting with one of
651 of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
652 If NULL, flush pipeline buffer only.
653 ... data for the format
655 Returns: 0 if command added to pipelining buffer, with nothing transmitted
656 +n if n commands transmitted (may still have buffered the new one)
657 -1 on error, with errno set
661 smtp_write_command(void * sx, int mode, const char * format, ...)
663 smtp_outblock * outblock = &((smtp_context *)sx)->outblock;
668 gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer };
671 /* Use taint-unchecked routines for writing into big_buffer, trusting that
672 we'll never expand the results. Actually, the error-message use - leaving
673 the results in big_buffer for potential later use - is uncomfortably distant.
674 XXX Would be better to assume all smtp commands are short, use normal pool
675 alloc rather than big_buffer, and another global for the data-for-error. */
677 va_start(ap, format);
678 if (!string_vformat(&gs, SVFMT_TAINT_NOCHK, CS format, ap))
679 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
682 string_from_gstring(&gs);
684 if (gs.ptr > outblock->buffersize)
685 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
688 if (gs.ptr > outblock->buffersize - (outblock->ptr - outblock->buffer))
690 rc = outblock->cmd_count; /* flush resets */
691 if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
694 Ustrncpy(outblock->ptr, gs.s, gs.ptr);
695 outblock->ptr += gs.ptr;
696 outblock->cmd_count++;
697 gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for error message */
699 /* We want to hide the actual data sent in AUTH transactions from reflections
700 and logs. While authenticating, a flag is set in the outblock to enable this.
701 The AUTH command itself gets any data flattened. Other lines are flattened
704 if (outblock->authenticating)
706 uschar *p = big_buffer;
707 if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
710 while (isspace(*p)) p++;
711 while (!isspace(*p)) p++;
712 while (isspace(*p)) p++;
714 while (*p) *p++ = '*';
717 smtp_debug_cmd(big_buffer, mode);
720 if (mode != SCMD_BUFFER)
722 rc += outblock->cmd_count; /* flush resets */
723 if (!flush_buffer(outblock, mode)) return -1;
731 /*************************************************
732 * Read one line of SMTP response *
733 *************************************************/
735 /* This function reads one line of SMTP response from the server host. This may
736 not be a complete response - it could be just part of a multiline response. We
737 have to use a buffer for incoming packets, because when pipelining or using
738 LMTP, there may well be more than one response in a single packet. This
739 function is called only from the one that follows.
742 inblock the SMTP input block (contains holding buffer, socket, etc.)
743 buffer where to put the line
744 size space available for the line
745 timelimit deadline for reading the lime, seconds past epoch
747 Returns: length of a line that has been put in the buffer
748 -1 otherwise, with errno set, and inblock->ptr adjusted
752 read_response_line(smtp_inblock *inblock, uschar *buffer, int size, time_t timelimit)
755 uschar *ptr = inblock->ptr;
756 uschar *ptrend = inblock->ptrend;
757 client_conn_ctx * cctx = inblock->cctx;
759 /* Loop for reading multiple packets or reading another packet after emptying
760 a previously-read one. */
766 /* If there is data in the input buffer left over from last time, copy
767 characters from it until the end of a line, at which point we can return,
768 having removed any whitespace (which will include CR) at the end of the line.
769 The rules for SMTP say that lines end in CRLF, but there are have been cases
770 of hosts using just LF, and other MTAs are reported to handle this, so we
771 just look for LF. If we run out of characters before the end of a line,
772 carry on to read the next incoming packet. */
779 while (p > buffer && isspace(p[-1])) p--;
787 *p = 0; /* Leave malformed line for error message */
788 errno = ERRNO_SMTPFORMAT;
794 /* Need to read a new input packet. */
796 if((rc = ip_recv(cctx, inblock->buffer, inblock->buffersize, timelimit)) <= 0)
798 DEBUG(D_deliver|D_transport|D_acl|D_v)
799 debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
804 /* Another block of data has been successfully read. Set up the pointers
805 and let the loop continue. */
807 ptrend = inblock->ptrend = inblock->buffer + rc;
808 ptr = inblock->buffer;
809 DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
812 /* Get here if there has been some kind of recv() error; errno is set, but we
813 ensure that the result buffer is empty before returning. */
815 inblock->ptr = inblock->ptrend = inblock->buffer;
824 /*************************************************
825 * Read SMTP response *
826 *************************************************/
828 /* This function reads an SMTP response with a timeout, and returns the
829 response in the given buffer, as a string. A multiline response will contain
830 newline characters between the lines. The function also analyzes the first
831 digit of the reply code and returns FALSE if it is not acceptable. FALSE is
832 also returned after a reading error. In this case buffer[0] will be zero, and
833 the error code will be in errno.
836 sx the SMTP connection (contains input block with holding buffer,
838 buffer where to put the response
839 size the size of the buffer
840 okdigit the expected first digit of the response
841 timeout the timeout to use, in seconds
843 Returns: TRUE if a valid, non-error response was received; else FALSE
845 /*XXX could move to smtp transport; no other users */
848 smtp_read_response(void * sx0, uschar * buffer, int size, int okdigit,
851 smtp_context * sx = sx0;
852 uschar * ptr = buffer;
854 time_t timelimit = time(NULL) + timeout;
857 errno = 0; /* Ensure errno starts out zero */
860 #ifndef DISABLE_PIPE_CONNECT
861 if (sx->pending_BANNER || sx->pending_EHLO)
864 if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
866 DEBUG(D_transport) debug_printf("failed reaping pipelined cmd responsess\n");
867 if (rc == DEFER) errno = ERRNO_TLSFAILURE;
873 /* This is a loop to read and concatenate the lines that make up a multi-line
878 if ((count = read_response_line(&sx->inblock, ptr, size, timelimit)) < 0)
881 HDEBUG(D_transport|D_acl|D_v)
882 debug_printf_indent(" %s %s\n", ptr == buffer ? "SMTP<<" : " ", ptr);
884 /* Check the format of the response: it must start with three digits; if
885 these are followed by a space or end of line, the response is complete. If
886 they are followed by '-' this is a multi-line response and we must look for
887 another line until the final line is reached. The only use made of multi-line
888 responses is to pass them back as error messages. We therefore just
889 concatenate them all within the buffer, which should be large enough to
890 accept any reasonable number of lines. */
896 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
898 errno = ERRNO_SMTPFORMAT; /* format error */
902 /* If the line we have just read is a terminal line, line, we are done.
903 Otherwise more data has to be read. */
905 if (ptr[3] != '-') break;
907 /* Move the reading pointer upwards in the buffer and insert \n between the
908 components of a multiline response. Space is left for this by read_response_
917 tfo_out_check(sx->cctx.sock);
920 /* Return a value that depends on the SMTP return code. On some systems a
921 non-zero value of errno has been seen at this point, so ensure it is zero,
922 because the caller of this function looks at errno when FALSE is returned, to
923 distinguish between an unexpected return code and other errors such as
924 timeouts, lost connections, etc. */
927 yield = buffer[0] == okdigit;
930 smtp_debug_resp(buffer);
934 /* End of smtp_out.c */