]> git.netwichtig.de Git - user/henk/code/exim.git/blobdiff - src/src/verify.c
projects / user / henk / code / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Expansions: errorcheck use of crypt() in the open-coded version of crypteq/crypt16
[user/henk/code/exim.git] / src / src / verify.c
diff --git a/src/src/verify.c b/src/src/verify.c
index 1ff8cd17f2071c5f8ddc8a843383981f64695d2f..f8f1809cb601ce29092ecb2f8dc849003a5c6289 100644 (file)
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -41,6 +41,8 @@ static tree_node *dnsbl_cache = NULL;
 
 static uschar cutthrough_response(char, uschar **);
 
+static int     off = 0;       /* for use by setsockopt */
+
 
 /*************************************************
 *          Retrieve a callout cache record       *
@@ -617,6 +619,7 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
                  addr->transport);
     if (inblock.sock < 0)
       {
+      HDEBUG(D_verify) debug_printf("connect: %s\n", strerror(errno));
       addr->message = string_sprintf("could not connect to %s [%s]: %s",
           host->name, host->address, strerror(errno));
       transport_name = NULL;
@@ -682,6 +685,9 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
     if (!smtps || (smtps && tls_out.active >= 0))
 #endif
       {
+#ifdef TCP_QUICKACK
+      (void) setsockopt(inblock.sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+#endif
       if (!(done= smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer), '2', callout)))
         goto RESPONSE_FAILED;
 
@@ -755,7 +761,7 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
        : 0;
       }
 
-    size_str = peer_offered & PEER_OFFERED_SIZE
+    size_str = options & vopt_is_recipient && peer_offered & PEER_OFFERED_SIZE
       ? string_sprintf(" SIZE=%d", message_size + ob->size_addition) : US"";
 
 #ifdef SUPPORT_TLS
@@ -820,24 +826,22 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
        connection, if the options permit it for this host. */
         if (rc != OK)
           {
-         if (rc == DEFER)
-           {
-           (void)close(inblock.sock);
+         HDEBUG(D_transport|D_acl|D_v) debug_printf("  SMTP(close)>>\n");
+         (void)close(inblock.sock);
 # ifndef DISABLE_EVENT
-           (void) event_raise(addr->transport->event_action,
-                                   US"tcp:close", NULL);
+         (void) event_raise(addr->transport->event_action,
+                                 US"tcp:close", NULL);
 # endif
-           if (  ob->tls_tempfail_tryclear
-              && !smtps
-              && verify_check_given_host(&ob->hosts_require_tls, host) != OK
-              )
-             {
-             log_write(0, LOG_MAIN, "TLS session failure:"
-               " delivering unencrypted to %s [%s] (not in hosts_require_tls)",
-               host->name, host->address);
-             suppress_tls = TRUE;
-             goto tls_retry_connection;
-             }
+         if (  ob->tls_tempfail_tryclear
+            && !smtps
+            && verify_check_given_host(&ob->hosts_require_tls, host) != OK
+            )
+           {
+           log_write(0, LOG_MAIN, "TLS session failure:"
+             " callout unencrypted to %s [%s] (not in hosts_require_tls)",
+             host->name, host->address);
+           suppress_tls = TRUE;
+           goto tls_retry_connection;
            }
 
          /*save_errno = ERRNO_TLSFAILURE;*/
@@ -1093,6 +1097,7 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
 #ifdef SUPPORT_TLS
            tls_close(FALSE, TRUE);
 #endif
+           HDEBUG(D_transport|D_acl|D_v) debug_printf("  SMTP(close)>>\n");
            (void)close(inblock.sock);
 #ifndef DISABLE_EVENT
            (void) event_raise(addr->transport->event_action,
@@ -1305,6 +1310,7 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
 #ifdef SUPPORT_TLS
       tls_close(FALSE, TRUE);
 #endif
+      HDEBUG(D_transport|D_acl|D_v) debug_printf("  SMTP(close)>>\n");
       (void)close(inblock.sock);
 #ifndef DISABLE_EVENT
       (void) event_raise(addr->transport->event_action, US"tcp:close", NULL);
@@ -1626,6 +1632,7 @@ if(cutthrough.fd >= 0)
   #ifdef SUPPORT_TLS
   tls_close(FALSE, TRUE);
   #endif
+  HDEBUG(D_transport|D_acl|D_v) debug_printf("  SMTP(close)>>\n");
   (void)close(cutthrough.fd);
   cutthrough.fd = -1;
   HDEBUG(D_acl) debug_printf("----------- cutthrough shutdown (%s) ------------\n", why);