+
+/* Wait for and check responses for early-pipelining.
+
+Called from the lower-level smtp_read_response() function
+used for general code that assume synchronisation, if context
+flags indicate outstanding early-pipelining commands. Also
+called fom sync_responses() which handles pipelined commands.
+
+Arguments:
+ sx smtp connection context
+ countp number of outstanding responses, adjusted on return
+
+Return:
+ OK all well
+ DEFER error on first read of TLS'd conn
+ FAIL SMTP error in response
+*/
+int
+smtp_reap_early_pipe(smtp_context * sx, int * countp)
+{
+BOOL pending_BANNER = sx->pending_BANNER;
+BOOL pending_EHLO = sx->pending_EHLO;
+int rc = FAIL;
+
+sx->pending_BANNER = FALSE; /* clear early to avoid recursion */
+sx->pending_EHLO = FALSE;
+
+if (pending_BANNER)
+ {
+ DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__);
+ (*countp)--;
+ if (!smtp_reap_banner(sx))
+ {
+ DEBUG(D_transport) debug_printf("bad banner\n");
+ if (tls_out.active.sock >= 0) rc = DEFER;
+ goto fail;
+ }
+ }
+
+if (pending_EHLO)
+ {
+ unsigned peer_offered;
+ unsigned short authbits = 0, * ap;
+
+ DEBUG(D_transport) debug_printf("%s expect ehlo\n", __FUNCTION__);
+ (*countp)--;
+ if (!smtp_reap_ehlo(sx))
+ {
+ DEBUG(D_transport) debug_printf("bad response for EHLO\n");
+ if (tls_out.active.sock >= 0) rc = DEFER;
+ goto fail;
+ }
+
+ /* Compare the actual EHLO response extensions and AUTH methods to the cached
+ value we assumed; on difference, dump or rewrite the cache and arrange for a
+ retry. */
+
+ ap = tls_out.active.sock < 0
+ ? &sx->ehlo_resp.cleartext_auths : &sx->ehlo_resp.crypted_auths;
+
+ peer_offered = ehlo_response(sx->buffer,
+ (tls_out.active.sock < 0 ? OPTION_TLS : 0)
+ | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
+ | OPTION_UTF8 | OPTION_EARLY_PIPE
+ );
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+ if (tls_out.active.sock >= 0 || !(peer_offered & OPTION_TLS))
+ ehlo_response_limits_read(sx);
+#endif
+ if ( peer_offered != sx->peer_offered
+ || (authbits = study_ehlo_auths(sx)) != *ap)
+ {
+ HDEBUG(D_transport)
+ debug_printf("EHLO %s extensions changed, 0x%04x/0x%04x -> 0x%04x/0x%04x\n",
+ tls_out.active.sock < 0 ? "cleartext" : "crypted",
+ sx->peer_offered, *ap, peer_offered, authbits);
+ if (peer_offered & OPTION_EARLY_PIPE)
+ {
+ *(tls_out.active.sock < 0
+ ? &sx->ehlo_resp.cleartext_features : &sx->ehlo_resp.crypted_features) =
+ peer_offered;
+ *ap = authbits;
+ write_ehlo_cache_entry(sx);
+ }
+ else
+ invalidate_ehlo_cache_entry(sx);
+
+ return OK; /* just carry on */
+ }
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+ /* If we are handling LIMITS, compare the actual EHLO LIMITS values with the
+ cached values and invalidate cache if different. OK to carry on with
+ connect since values are advisory. */
+ {
+ if ( (tls_out.active.sock >= 0 || !(peer_offered & OPTION_TLS))
+ && ( sx->peer_limit_mail != sx->ehlo_resp.limit_mail
+ || sx->peer_limit_rcpt != sx->ehlo_resp.limit_rcpt
+ || sx->peer_limit_rcptdom != sx->ehlo_resp.limit_rcptdom
+ ) )
+ {
+ HDEBUG(D_transport)
+ {
+ debug_printf("EHLO LIMITS changed:");
+ if (sx->peer_limit_mail != sx->ehlo_resp.limit_mail)
+ debug_printf(" MAILMAX %u -> %u\n", sx->ehlo_resp.limit_mail, sx->peer_limit_mail);
+ else if (sx->peer_limit_rcpt != sx->ehlo_resp.limit_rcpt)
+ debug_printf(" RCPTMAX %u -> %u\n", sx->ehlo_resp.limit_rcpt, sx->peer_limit_rcpt);
+ else
+ debug_printf(" RCPTDOMAINMAX %u -> %u\n", sx->ehlo_resp.limit_rcptdom, sx->peer_limit_rcptdom);
+ }
+ invalidate_ehlo_cache_entry(sx);
+ }
+ }
+#endif
+ }
+return OK;
+
+fail:
+ invalidate_ehlo_cache_entry(sx);
+ (void) smtp_discard_responses(sx, sx->conn_args.ob, *countp);
+ return rc;
+}
+#endif /*!DISABLE_PIPE_CONNECT*/
+
+
+/*************************************************
+* Synchronize SMTP responses *
+*************************************************/
+
+/* This function is called from smtp_deliver() to receive SMTP responses from
+the server, and match them up with the commands to which they relate. When
+PIPELINING is not in use, this function is called after every command, and is
+therefore somewhat over-engineered, but it is simpler to use a single scheme
+that works both with and without PIPELINING instead of having two separate sets
+of code.
+
+The set of commands that are buffered up with pipelining may start with MAIL
+and may end with DATA; in between are RCPT commands that correspond to the
+addresses whose status is PENDING_DEFER. All other commands (STARTTLS, AUTH,
+etc.) are never buffered.
+
+Errors after MAIL or DATA abort the whole process leaving the response in the
+buffer. After MAIL, pending responses are flushed, and the original command is
+re-instated in big_buffer for error messages. For RCPT commands, the remote is
+permitted to reject some recipient addresses while accepting others. However
+certain errors clearly abort the whole process. Set the value in
+transport_return to PENDING_OK if the address is accepted. If there is a
+subsequent general error, it will get reset accordingly. If not, it will get
+converted to OK at the end.
+
+Arguments:
+ sx smtp connection context
+ count the number of responses to read
+ pending_DATA 0 if last command sent was not DATA
+ +1 if previously had a good recipient
+ -1 if not previously had a good recipient
+
+Returns: 3 if at least one address had 2xx and one had 5xx
+ 2 if at least one address had 5xx but none had 2xx
+ 1 if at least one host had a 2xx response, but none had 5xx
+ 0 no address had 2xx or 5xx but no errors (all 4xx, or just DATA)
+ -1 timeout while reading RCPT response
+ -2 I/O or other non-response error for RCPT
+ -3 DATA or MAIL failed - errno and buffer set
+ -4 banner or EHLO failed (early-pipelining)
+ -5 banner or EHLO failed (early-pipelining, TLS)
+*/
+
+static int
+sync_responses(smtp_context * sx, int count, int pending_DATA)
+{
+address_item * addr = sx->sync_addr;
+smtp_transport_options_block * ob = sx->conn_args.ob;
+int yield = 0;
+
+#ifndef DISABLE_PIPE_CONNECT
+int rc;
+if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
+ return rc == FAIL ? -4 : -5;
+#endif
+
+/* Handle the response for a MAIL command. On error, reinstate the original
+command in big_buffer for error message use, and flush any further pending
+responses before returning, except after I/O errors and timeouts. */
+
+if (sx->pending_MAIL)
+ {
+ DEBUG(D_transport) debug_printf("%s expect mail\n", __FUNCTION__);
+ count--;
+ sx->pending_MAIL = sx->RCPT_452 = FALSE;
+ if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
+ '2', ob->command_timeout))
+ {
+ DEBUG(D_transport) debug_printf("bad response for MAIL\n");
+ Ustrcpy(big_buffer, mail_command); /* Fits, because it came from there! */
+ if (errno == ERRNO_TLSFAILURE)
+ return -5;
+ if (errno == 0 && sx->buffer[0] != 0)
+ {
+ int save_errno = 0;
+ if (sx->buffer[0] == '4')