1 /* $Cambridge: exim/src/src/transports/lmtp.c,v 1.6 2005/08/02 11:22:24 ph10 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
14 #define PENDING_OK 256
17 /* Options specific to the lmtp transport. They must be in alphabetic
18 order (note that "_" comes before the lower case letters). Those starting
19 with "*" are not settable by the user but are used by the option-reading
20 software for alternative value types. Some options are stored in the transport
21 instance block so as to be publicly visible; these are flagged with opt_public.
24 optionlist lmtp_transport_options[] = {
25 { "batch_id", opt_stringptr | opt_public,
26 (void *)offsetof(transport_instance, batch_id) },
27 { "batch_max", opt_int | opt_public,
28 (void *)offsetof(transport_instance, batch_max) },
29 { "command", opt_stringptr,
30 (void *)offsetof(lmtp_transport_options_block, cmd) },
31 { "ignore_quota", opt_bool,
32 (void *)offsetof(lmtp_transport_options_block, ignore_quota) },
33 { "socket", opt_stringptr,
34 (void *)offsetof(lmtp_transport_options_block, skt) },
35 { "timeout", opt_time,
36 (void *)offsetof(lmtp_transport_options_block, timeout) }
39 /* Size of the options list. An extern variable has to be used so that its
40 address can appear in the tables drtables.c. */
42 int lmtp_transport_options_count =
43 sizeof(lmtp_transport_options)/sizeof(optionlist);
45 /* Default private options block for the lmtp transport. */
47 lmtp_transport_options_block lmtp_transport_option_defaults = {
52 FALSE /* ignore_quota */
57 /*************************************************
58 * Initialization entry point *
59 *************************************************/
61 /* Called for each instance, after its options have been read, to
62 enable consistency checks to be done, or anything else that needs
66 lmtp_transport_init(transport_instance *tblock)
68 lmtp_transport_options_block *ob =
69 (lmtp_transport_options_block *)(tblock->options_block);
71 /* Either the command field or the socket field must be set */
73 if ((ob->cmd == NULL) == (ob->skt == NULL))
74 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
75 "one (and only one) of command or socket must be set for the %s transport",
78 /* If a fixed uid field is set, then a gid field must also be set. */
80 if (tblock->uid_set && !tblock->gid_set && tblock->expand_gid == NULL)
81 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
82 "user set without group for the %s transport", tblock->name);
84 /* Set up the bitwise options for transport_write_message from the various
85 driver options. Only one of body_only and headers_only can be set. */
88 (tblock->body_only? topt_no_headers : 0) |
89 (tblock->headers_only? topt_no_body : 0) |
90 (tblock->return_path_add? topt_add_return_path : 0) |
91 (tblock->delivery_date_add? topt_add_delivery_date : 0) |
92 (tblock->envelope_to_add? topt_add_envelope_to : 0) |
93 topt_use_crlf | topt_end_dot;
97 /*************************************************
98 * Check an LMTP response *
99 *************************************************/
101 /* This function is given an errno code and the LMTP response buffer to
102 analyse. It sets an appropriate message and puts the first digit of the
103 response code into the yield variable. If no response was actually read, a
104 suitable digit is chosen.
107 errno_value pointer to the errno value
108 more_errno from the top address for use with ERRNO_FILTER_FAIL
109 buffer the LMTP response buffer
110 yield where to put a one-digit LMTP response code
111 message where to put an errror message
113 Returns: TRUE if a "QUIT" command should be sent, else FALSE
116 static BOOL check_response(int *errno_value, int more_errno, uschar *buffer,
117 int *yield, uschar **message)
119 *yield = '4'; /* Default setting is to give a temporary error */
121 /* Handle response timeout */
123 if (*errno_value == ETIMEDOUT)
125 *message = string_sprintf("LMTP timeout after %s", big_buffer);
126 if (transport_count > 0)
127 *message = string_sprintf("%s (%d bytes written)", *message,
133 /* Handle malformed LMTP response */
135 if (*errno_value == ERRNO_SMTPFORMAT)
137 *message = string_sprintf("Malformed LMTP response after %s: %s",
138 big_buffer, string_printing(buffer));
142 /* Handle a failed filter process error; can't send QUIT as we mustn't
145 if (*errno_value == ERRNO_FILTER_FAIL)
147 *message = string_sprintf("transport filter process failed (%d)%s",
149 (more_errno == EX_EXECFAILED)? ": unable to execute command" : "");
153 /* Handle a failed add_headers expansion; can't send QUIT as we mustn't
156 if (*errno_value == ERRNO_CHHEADER_FAIL)
159 string_sprintf("failed to expand headers_add or headers_remove: %s",
160 expand_string_message);
164 /* Handle failure to write a complete data block */
166 if (*errno_value == ERRNO_WRITEINCOMPLETE)
168 *message = string_sprintf("failed to write a data block");
172 /* Handle error responses from the remote process. */
176 uschar *s = string_printing(buffer);
177 *message = string_sprintf("LMTP error after %s: %s", big_buffer, s);
182 /* No data was read. If there is no errno, this must be the EOF (i.e.
183 connection closed) case, which causes deferral. Otherwise, leave the errno
184 value to be interpreted. In all cases, we have to assume the connection is now
187 if (*errno_value == 0)
189 *errno_value = ERRNO_SMTPCLOSED;
190 *message = string_sprintf("LMTP connection closed after %s", big_buffer);
198 /*************************************************
199 * Write LMTP command *
200 *************************************************/
202 /* The formatted command is left in big_buffer so that it can be reflected in
206 fd the fd to write to
207 format a format, starting with one of
208 of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
209 ... data for the format
211 Returns: TRUE if successful, FALSE if not, with errno set
215 lmtp_write_command(int fd, char *format, ...)
219 va_start(ap, format);
220 if (!string_vformat(big_buffer, big_buffer_size, CS format, ap))
222 errno = ERRNO_SMTPFORMAT;
226 count = Ustrlen(big_buffer);
227 DEBUG(D_transport|D_v) debug_printf(" LMTP>> %s", big_buffer);
228 rc = write(fd, big_buffer, count);
229 big_buffer[count-2] = 0; /* remove \r\n for debug and error message */
230 if (rc > 0) return TRUE;
231 DEBUG(D_transport) debug_printf("write failed: %s\n", strerror(errno));
238 /*************************************************
239 * Read LMTP response *
240 *************************************************/
242 /* This function reads an LMTP response with a timeout, and returns the
243 response in the given buffer. It also analyzes the first digit of the reply
244 code and returns FALSE if it is not acceptable.
246 FALSE is also returned after a reading error. In this case buffer[0] will be
247 zero, and the error code will be in errno.
250 f a file to read from
251 buffer where to put the response
252 size the size of the buffer
253 okdigit the expected first digit of the response
254 timeout the timeout to use
256 Returns: TRUE if a valid, non-error response was received; else FALSE
260 lmtp_read_response(FILE *f, uschar *buffer, int size, int okdigit, int timeout)
263 uschar *ptr = buffer;
264 uschar *readptr = buffer;
266 /* Ensure errno starts out zero */
270 /* Loop for handling LMTP responses that do not all come in one line. */
274 /* If buffer is too full, something has gone wrong. */
279 errno = ERRNO_SMTPFORMAT;
283 /* Loop to cover the read getting interrupted. */
290 *readptr = 0; /* In case nothing gets read */
291 sigalrm_seen = FALSE;
293 rc = Ufgets(readptr, size-1, f);
298 if (rc != NULL) break; /* A line has been read */
300 /* Handle timeout; must do this first because it uses EINTR */
302 if (sigalrm_seen) errno = ETIMEDOUT;
304 /* If some other interrupt arrived, just retry. We presume this to be rare,
305 but it can happen (e.g. the SIGUSR1 signal sent by exiwhat causes
308 else if (errno == EINTR)
310 DEBUG(D_transport) debug_printf("EINTR while reading LMTP response\n");
314 /* Handle other errors, including EOF; ensure buffer is completely empty. */
320 /* Adjust size in case we have to read another line, and adjust the
321 count to be the length of the line we are about to inspect. */
323 count = Ustrlen(readptr);
325 count += readptr - ptr;
327 /* See if the final two characters in the buffer are \r\n. If not, we
328 have to read some more. At least, that is what we should do on a strict
329 interpretation of the RFC. But accept LF as well, as we do for SMTP. */
331 if (ptr[count-1] != '\n')
336 debug_printf("LMTP input line incomplete in one buffer:\n ");
337 for (i = 0; i < count; i++)
340 if (mac_isprint(c)) debug_printf("%c", c); else debug_printf("<%d>", c);
344 readptr = ptr + count;
348 /* Remove any whitespace at the end of the buffer. This gets rid of CR, LF
349 etc. at the end. Show it, if debugging, formatting multi-line responses. */
351 while (count > 0 && isspace(ptr[count-1])) count--;
354 DEBUG(D_transport|D_v)
360 while (*t != 0 && *t != '\n') t++;
361 debug_printf(" %s %*s\n", (s == ptr)? "LMTP<<" : " ",
368 /* Check the format of the response: it must start with three digits; if
369 these are followed by a space or end of line, the response is complete. If
370 they are followed by '-' this is a multi-line response and we must look for
371 another line until the final line is reached. The only use made of multi-line
372 responses is to pass them back as error messages. We therefore just
373 concatenate them all within the buffer, which should be large enough to
374 accept any reasonable number of lines. A multiline response may already
375 have been read in one go - hence the loop here. */
384 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
386 errno = ERRNO_SMTPFORMAT; /* format error */
390 /* If a single-line response, exit the loop */
392 if (ptr[3] != '-') break;
394 /* For a multi-line response see if the next line is already read, and if
395 so, stay in this loop to check it. */
406 if (*p == 0) break; /* No more lines to check */
409 /* End of response. If the last of the lines we are looking at is the final
410 line, we are done. Otherwise more data has to be read. */
412 if (ptr[3] != '-') break;
414 /* Move the reading pointer upwards in the buffer and insert \n in case this
415 is an error message that subsequently gets printed. Set the scanning pointer
416 to the reading pointer position. */
424 /* Return a value that depends on the LMTP return code. Ensure that errno is
425 zero, because the caller of this function looks at errno when FALSE is
426 returned, to distinguish between an unexpected return code and other errors
427 such as timeouts, lost connections, etc. */
430 return buffer[0] == okdigit;
438 /*************************************************
440 *************************************************/
442 /* See local README for interface details. For setup-errors, this transport
443 returns FALSE, indicating that the first address has the status for all; in
444 normal cases it returns TRUE, indicating that each address has its own status
448 lmtp_transport_entry(
449 transport_instance *tblock, /* data for this instantiation */
450 address_item *addrlist) /* address(es) we are working on */
454 lmtp_transport_options_block *ob =
455 (lmtp_transport_options_block *)(tblock->options_block);
456 struct sockaddr_un sockun; /* don't call this "sun" ! */
457 int timeout = ob->timeout;
458 int fd_in = -1, fd_out = -1;
459 int code, save_errno;
463 uschar *igquotstr = US"";
464 uschar *sockname = NULL;
468 DEBUG(D_transport) debug_printf("%s transport entered\n", tblock->name);
470 /* Initialization ensures that either a command or a socket is specified, but
471 not both. When a command is specified, call the common function for creating an
472 argument list and expanding the items. */
476 DEBUG(D_transport) debug_printf("using command %s\n", ob->cmd);
477 sprintf(CS buffer, "%.50s transport", tblock->name);
478 if (!transport_set_up_command(&argv, ob->cmd, TRUE, PANIC, addrlist, buffer,
483 /* When a socket is specified, expand the string and create a socket. */
487 DEBUG(D_transport) debug_printf("using socket %s\n", ob->skt);
488 sockname = expand_string(ob->skt);
489 if (sockname == NULL)
491 addrlist->message = string_sprintf("Expansion of \"%s\" (socket setting "
492 "for %s transport) failed: %s", ob->skt, tblock->name,
493 expand_string_message);
496 if ((fd_in = fd_out = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
498 addrlist->message = string_sprintf(
499 "Failed to create socket %s for %s transport: %s",
500 ob->skt, tblock->name, strerror(errno));
505 /* If the -N option is set, can't do any more. Presume all has gone well. */
510 debug_printf("*** delivery by %s transport bypassed by -N option",
512 addrlist->transport_return = OK;
516 /* As this is a local transport, we are already running with the required
517 uid/gid and current directory. Request that the new process be a process group
518 leader, so we can kill it and all its children on an error. */
522 if ((pid = child_open(argv, NULL, 0, &fd_in, &fd_out, TRUE)) < 0)
524 addrlist->message = string_sprintf(
525 "Failed to create child process for %s transport: %s", tblock->name,
531 /* For a socket, try to make the connection */
535 sockun.sun_family = AF_UNIX;
536 sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1), sockname);
537 if(connect(fd_out, (struct sockaddr *)(&sockun), sizeof(sockun)) == -1)
539 addrlist->message = string_sprintf(
540 "Failed to connect to socket %s for %s transport: %s",
541 sockun.sun_path, tblock->name, strerror(errno));
546 /* Make the output we are going to read into a file. */
548 out = fdopen(fd_out, "rb");
550 /* Now we must implement the LMTP protocol. It is like SMTP, except that after
551 the end of the message, a return code for every accepted RCPT TO is sent. This
552 allows for message+recipient checks after the message has been received. */
554 /* First thing is to wait for an initial greeting. */
556 Ustrcpy(big_buffer, "initial connection");
557 if (!lmtp_read_response(out, buffer, sizeof(buffer), '2',
558 timeout)) goto RESPONSE_FAILED;
560 /* Next, we send a LHLO command, and expect a positive response */
562 if (!lmtp_write_command(fd_in, "%s %s\r\n", "LHLO",
563 primary_hostname)) goto WRITE_FAILED;
565 if (!lmtp_read_response(out, buffer, sizeof(buffer), '2',
566 timeout)) goto RESPONSE_FAILED;
568 /* If the ignore_quota option is set, note whether the server supports the
569 IGNOREQUOTA option, and if so, set an appropriate addition for RCPT. */
571 if (ob->ignore_quota)
572 igquotstr = (pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer,
573 Ustrlen(CS buffer), 0, PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US"";
575 /* Now the envelope sender */
577 if (!lmtp_write_command(fd_in, "MAIL FROM:<%s>\r\n", return_path))
580 if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout))
581 goto RESPONSE_FAILED;
583 /* Next, we hand over all the recipients. Some may be permanently or
584 temporarily rejected; others may be accepted, for now. */
587 for (addr = addrlist; addr != NULL; addr = addr->next)
589 if (!lmtp_write_command(fd_in, "RCPT TO:<%s>%s\r\n",
590 transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr))
592 if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout))
595 addr->transport_return = PENDING_OK;
599 if (errno != 0 || buffer[0] == 0) goto RESPONSE_FAILED;
600 addr->message = string_sprintf("LMTP error after %s: %s", big_buffer,
601 string_printing(buffer));
602 if (buffer[0] == '5') addr->transport_return = FAIL; else
604 int bincode = (buffer[1] - '0')*10 + buffer[2] - '0';
605 addr->basic_errno = ERRNO_RCPT4XX;
606 addr->more_errno |= bincode << 8;
611 /* Now send the text of the message if there were any good recipients. */
617 if (!lmtp_write_command(fd_in, "DATA\r\n")) goto WRITE_FAILED;
618 if (!lmtp_read_response(out, buffer, sizeof(buffer), '3', timeout))
619 goto RESPONSE_FAILED;
621 sigalrm_seen = FALSE;
622 transport_write_timeout = timeout;
623 Ustrcpy(big_buffer, "sending data block"); /* For error messages */
624 DEBUG(D_transport|D_v)
625 debug_printf(" LMTP>> writing message and terminating \".\"\n");
628 ok = transport_write_message(addrlist, fd_in, ob->options, 0,
629 tblock->add_headers, tblock->remove_headers, US".", US"..",
630 tblock->rewrite_rules, tblock->rewrite_existflags);
632 /* Failure can either be some kind of I/O disaster (including timeout),
633 or the failure of a transport filter or the expansion of added headers. */
637 buffer[0] = 0; /* There hasn't been a response */
638 goto RESPONSE_FAILED;
641 Ustrcpy(big_buffer, "end of data"); /* For error messages */
643 /* We now expect a response for every address that was accepted above,
644 in the same order. For those that get a response, their status is fixed;
645 any that are accepted have been handed over, even if later responses crash -
646 at least, that's how I read RFC 2033. */
648 for (addr = addrlist; addr != NULL; addr = addr->next)
650 if (addr->transport_return != PENDING_OK) continue;
652 if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout))
653 addr->transport_return = OK;
655 /* If the response has failed badly, use it for all the remaining pending
656 addresses and give up. */
658 else if (errno != 0 || buffer[0] == 0)
662 check_response(&save_errno, addr->more_errno, buffer, &code,
664 addr->transport_return = (code == '5')? FAIL : DEFER;
665 for (a = addr->next; a != NULL; a = a->next)
667 if (a->transport_return != PENDING_OK) continue;
668 a->basic_errno = addr->basic_errno;
669 a->message = addr->message;
670 a->transport_return = addr->transport_return;
675 /* Otherwise, it's an LMTP error code return for one address */
679 addr->message = string_sprintf("LMTP error after %s: %s", big_buffer,
680 string_printing(buffer));
681 addr->transport_return = (buffer[0] == '5')? FAIL : DEFER;
686 /* The message transaction has completed successfully - this doesn't mean that
687 all the addresses have necessarily been transferred, but each has its status
688 set, so we change the yield to TRUE. */
691 (void) lmtp_write_command(fd_in, "QUIT\r\n");
692 (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1);
697 /* Come here if any call to read_response, other than a response after the data
698 phase, failed. Put the error in the top address - this will be replicated
699 because the yield is still FALSE. Analyse the error, and if if isn't too bad,
700 send a QUIT command. Wait for the response with a short timeout, so we don't
701 wind up this process before the far end has had time to read the QUIT. */
706 addrlist->message = NULL;
708 if (check_response(&save_errno, addrlist->more_errno,
709 buffer, &code, &(addrlist->message)))
711 (void) lmtp_write_command(fd_in, "QUIT\r\n");
712 (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1);
715 addrlist->transport_return = (code == '5')? FAIL : DEFER;
716 if (code == '4' && save_errno > 0)
717 addrlist->message = string_sprintf("%s: %s", addrlist->message,
718 strerror(save_errno));
719 goto KILL_AND_RETURN;
721 /* Come here if there are errors during writing of a command or the message
722 itself. This error will be applied to all the addresses. */
726 addrlist->transport_return = PANIC;
727 addrlist->basic_errno = errno;
728 if (errno == ERRNO_CHHEADER_FAIL)
730 string_sprintf("Failed to expand headers_add or headers_remove: %s",
731 expand_string_message);
732 else if (errno == ERRNO_FILTER_FAIL)
733 addrlist->message = string_sprintf("Filter process failure");
734 else if (errno == ERRNO_WRITEINCOMPLETE)
735 addrlist->message = string_sprintf("Failed repeatedly to write data");
736 else if (errno == ERRNO_SMTPFORMAT)
737 addrlist->message = US"overlong LMTP command generated";
739 addrlist->message = string_sprintf("Error %d", errno);
741 /* Come here after errors. Kill off the process. */
745 if (pid > 0) killpg(pid, SIGKILL);
747 /* Come here from all paths after the subprocess is created. Wait for the
748 process, but with a timeout. */
752 (void)child_close(pid, timeout);
754 if (fd_in >= 0) (void)close(fd_in);
755 if (fd_out >= 0) (void)fclose(out);
758 debug_printf("%s transport yields %d\n", tblock->name, yield);
763 /* End of transport/lmtp.c */