From 5e6d12accb0bdfa1cee9d8c9a1ecec3131b9f502 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 14 Mar 2017 16:38:41 +0000 Subject: Logging: mark continued-TLS connection deliveries with "X-*" --- test/stderr/2013 | 4 ++-- test/stderr/2113 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'test/stderr') diff --git a/test/stderr/2013 b/test/stderr/2013 index 60b23885f..c183664d6 100644 --- a/test/stderr/2013 +++ b/test/stderr/2013 @@ -49,7 +49,7 @@ cmd buf flush ddd bytes SMTP<< 250 OK id=10HmbB-0005vi-00 SMTP(close)>> LOG: MAIN - => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00" + => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -70,7 +70,7 @@ cmd buf flush ddd bytes SMTP(close)>> >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00" + => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stderr/2113 b/test/stderr/2113 index 55cfc39dd..ae0044b99 100644 --- a/test/stderr/2113 +++ b/test/stderr/2113 @@ -49,7 +49,7 @@ cmd buf flush ddd bytes SMTP<< 250 OK id=10HmbB-0005vi-00 SMTP(close)>> LOG: MAIN - => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00" + => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -70,7 +70,7 @@ cmd buf flush ddd bytes SMTP(close)>> >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00" + => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From 5013d912e961203f2ab2d5f64be90255cda81b80 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 21 Mar 2017 15:54:00 +0000 Subject: Logging: make cipher info available for continued-TLS connection deliveries --- doc/doc-docbook/spec.xfpt | 11 +++++------ doc/doc-txt/ChangeLog | 3 +-- src/src/deliver.c | 8 ++++++-- src/src/exim.c | 10 ++++++---- src/src/globals.c | 2 +- src/src/globals.h | 2 +- src/src/transport.c | 5 +++-- src/src/transports/smtp.c | 4 ++-- test/log/2013 | 4 ++-- test/log/2113 | 4 ++-- test/stderr/2013 | 4 ++-- test/stderr/2113 | 4 ++-- 12 files changed, 33 insertions(+), 28 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 128ee8004..c62c1eecf 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -3869,12 +3869,12 @@ by Exim in conjunction with the &%-MC%& option, and passes on the fact that the host to which Exim is connected supports TLS encryption. .new -.vitem &%-MCt%&&~<&'IP&~address'&>&~<&'port'&> +.vitem &%-MCt%&&~<&'IP&~address'&>&~<&'port'&>&~<&'cipher'&> .oindex "&%-MCt%&" This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option, and passes on the fact that the connection is being proxied by a parent process for handling TLS encryption. -The pair of arguments give the local address and port being proxied. +The arguments give the local address and port being proxied, and the TLS cipher. .wen .vitem &%-Mc%&&~<&'message&~id'&>&~<&'message&~id'&>&~... @@ -35774,10 +35774,9 @@ down a single SMTP connection, an asterisk follows the IP address in the log lines for the second and subsequent messages. .new When two or more messages are delivered down a single TLS connection, the -DNS and TLS-related information logged for the first message delivered +DNS and some TLS-related information logged for the first message delivered will not be present in the log lines for the second and subsequent messages. -A TLS-marker indication of &'X=*'& is added to the log line instead of -cipher information. +TLS cipher information is still available. .wen .cindex "delivery" "cutthrough; logging" @@ -35906,7 +35905,7 @@ the following table: &`T `& on &`<=`& lines: message subject (topic) &` `& on &`=>`& &`**`& and &`==`& lines: transport name &`U `& local user or RFC 1413 identity -&`X `& TLS cipher suite, or TLS usage mark +&`X `& TLS cipher suite .endd diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index ac35c75f1..3e5d6f7fc 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -24,8 +24,7 @@ JH/03 Rework the transport continued-connection mechanism: when TLS is active, the passed-on TCP connection. Instead, proxy the child (and any subsequent ones) for TLS via a unix-domain socket channel. Logging is affected: the continued delivery log lines do not have any DNSSEC, TLS - cipher, Certificate or OCSP information. A "continued-TLS" marker is - added instead of the cipher information: "X=*". + Certificate or OCSP information. TLS cipher information is still logged. JH/04 Shorten the log line for daemon startup by collapsing adjacent sets of identical IP addresses on different listening ports. Will also affect diff --git a/src/src/deliver.c b/src/src/deliver.c index 7743d37c3..ccc32667e 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -4715,8 +4715,12 @@ for (delivery_count = 0; addr_remote; delivery_count++) rmt_dlv_checked_write(fd, 'X', '1', big_buffer, ptr - big_buffer); } - else if (continue_proxy) /* known TLS, but no cipher info */ - rmt_dlv_checked_write(fd, 'X', '1', US"*\0", 3); + else if (continue_proxy_cipher) + { + ptr = big_buffer + sprintf(CS big_buffer, "%.128s", continue_proxy_cipher) + 1; + *ptr++ = 0; + rmt_dlv_checked_write(fd, 'X', '1', big_buffer, ptr - big_buffer); + } if (addr->peercert) { diff --git a/src/src/exim.c b/src/src/exim.c index fd08cc780..383382072 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -2710,7 +2710,7 @@ for (i = 1; i < argc; i++) /* Set up $sending_ip_address and $sending_port, unless proxied */ - if (!continue_proxy) + if (!continue_proxy_cipher) if (getsockname(fileno(stdin), (struct sockaddr *)(&interface_sock), &size) == 0) sending_ip_address = host_ntoa(-1, &interface_sock, NULL, @@ -2774,13 +2774,15 @@ for (i = 1; i < argc; i++) #ifdef SUPPORT_TLS /* -MCt: similar to -MCT below but the connection is still open via a proxy proces which handles the TLS context and coding. - Require two arguments for the proxied local address and port. */ + Require three arguments for the proxied local address and port, + and the TLS cipher. */ - case 't': continue_proxy = TRUE; - if (++i < argc) sending_ip_address = argv[i]; + case 't': if (++i < argc) sending_ip_address = argv[i]; else badarg = TRUE; if (++i < argc) sending_port = (int)(Uatol(argv[i])); else badarg = TRUE; + if (++i < argc) continue_proxy_cipher = argv[i]; + else badarg = TRUE; /*FALLTHROUGH*/ /* -MCT: set the tls_offered flag; this is useful only when it diff --git a/src/src/globals.c b/src/src/globals.c index f3e4bad96..9e417b0d2 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -529,11 +529,11 @@ uid_t config_uid = 0; #endif int connection_max_messages= -1; +uschar *continue_proxy_cipher = NULL; uschar *continue_hostname = NULL; uschar *continue_host_address = NULL; BOOL continue_more = FALSE; int continue_sequence = 1; -BOOL continue_proxy = FALSE; uschar *continue_transport = NULL; uschar *csa_status = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index 750a960eb..72be706a4 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -289,11 +289,11 @@ extern uschar *config_main_filelist; /* List of possible config files */ extern uschar *config_main_filename; /* File name actually used */ extern uschar *config_main_directory; /* Directory where the main config file was found */ extern uid_t config_uid; /* Additional owner */ +extern uschar *continue_proxy_cipher; /* TLS cipher for proxied continued delivery */ extern uschar *continue_hostname; /* Host for continued delivery */ extern uschar *continue_host_address; /* IP address for ditto */ extern BOOL continue_more; /* Flag more addresses waiting */ extern int continue_sequence; /* Sequence num for continued delivery */ -extern BOOL continue_proxy; /* Continued delivery is proxied for TLS */ extern uschar *continue_transport; /* Transport for continued delivery */ extern uschar *csa_status; /* Client SMTP Authorization result */ diff --git a/src/src/transport.c b/src/src/transport.c index aca33762b..e6e327822 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1959,7 +1959,7 @@ DEBUG(D_transport) debug_printf("transport_pass_socket entered\n"); if ((pid = fork()) == 0) { - int i = 19; + int i = 20; const uschar **argv; /* Disconnect entirely from the parent process. If we are running in the @@ -1983,11 +1983,12 @@ if ((pid = fork()) == 0) if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; #ifdef SUPPORT_TLS if (smtp_peer_options & PEER_OFFERED_TLS) - if (tls_out.active >= 0 || continue_proxy) + if (tls_out.active >= 0 || continue_proxy_cipher) { argv[i++] = US"-MCt"; argv[i++] = sending_ip_address; argv[i++] = string_sprintf("%d", sending_port); + argv[i++] = tls_out.active >= 0 ? tls_out.cipher : continue_proxy_cipher; } else argv[i++] = US"-MCT"; diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index 52e04b8a5..34c96dbff 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1823,7 +1823,7 @@ else /* For a continued connection with TLS being proxied for us, nothing more to do. */ - if (continue_proxy) + if (continue_proxy_cipher) { sx->peer_offered = smtp_peer_options; pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); @@ -3277,7 +3277,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit) || continue_more || ( #ifdef SUPPORT_TLS - ( tls_out.active < 0 && !continue_proxy + ( tls_out.active < 0 && !continue_proxy_cipher || verify_check_given_host(&sx.ob->hosts_nopass_tls, host) != OK ) && diff --git a/test/log/2013 b/test/log/2013 index ad78743ec..e66fdbfae 100644 --- a/test/log/2013 +++ b/test/log/2013 @@ -4,9 +4,9 @@ 1999-03-02 09:44:33 Start queue run: pid=pppp -qqf 1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmbA-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed -1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbB-0005vi-00" 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed -1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" +1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf diff --git a/test/log/2113 b/test/log/2113 index 88eafe9b3..144154088 100644 --- a/test/log/2113 +++ b/test/log/2113 @@ -4,9 +4,9 @@ 1999-03-02 09:44:33 Start queue run: pid=pppp -qqf 1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbA-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed -1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbB-0005vi-00" 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed -1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" +1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf diff --git a/test/stderr/2013 b/test/stderr/2013 index c183664d6..4c1b0ce12 100644 --- a/test/stderr/2013 +++ b/test/stderr/2013 @@ -49,7 +49,7 @@ cmd buf flush ddd bytes SMTP<< 250 OK id=10HmbB-0005vi-00 SMTP(close)>> LOG: MAIN - => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" + => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbB-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -70,7 +70,7 @@ cmd buf flush ddd bytes SMTP(close)>> >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" + => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbC-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stderr/2113 b/test/stderr/2113 index ae0044b99..af5ff730f 100644 --- a/test/stderr/2113 +++ b/test/stderr/2113 @@ -49,7 +49,7 @@ cmd buf flush ddd bytes SMTP<< 250 OK id=10HmbB-0005vi-00 SMTP(close)>> LOG: MAIN - => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00" + => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbB-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -70,7 +70,7 @@ cmd buf flush ddd bytes SMTP(close)>> >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00" + => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbC-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From 57cc27852af9019c0c423bcfde0165e698a0ce54 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 21 Mar 2017 16:16:38 +0000 Subject: Callouts: a "hold" option for receipient-verify, which keeps the connection open both for further recipients and for eventual delivery. --- doc/doc-docbook/spec.xfpt | 15 ++ doc/doc-txt/NewStuff | 3 + src/src/acl.c | 38 ++-- src/src/daemon.c | 15 +- src/src/deliver.c | 479 ++++++++++++++++++++++++----------------- src/src/exim.c | 74 ++++--- src/src/functions.h | 11 +- src/src/globals.c | 2 + src/src/globals.h | 6 + src/src/macros.h | 3 +- src/src/receive.c | 72 ++++--- src/src/smtp_in.c | 8 +- src/src/tls-openssl.c | 1 + src/src/transport.c | 125 ++++++----- src/src/transports/smtp.c | 128 +++++++---- src/src/verify.c | 160 +++++++++----- test/confs/0580 | 46 ++++ test/confs/0581 | 1 + test/confs/0582 | 1 + test/confs/2035 | 84 ++++++++ test/confs/2036 | 1 + test/confs/2037 | 1 + test/confs/2135 | 85 ++++++++ test/confs/2136 | 1 + test/confs/2137 | 1 + test/log/0580 | 15 ++ test/log/0581 | 23 ++ test/log/0582 | 3 + test/log/2035 | 11 + test/log/2036 | 20 ++ test/log/2037 | 10 + test/log/2135 | 11 + test/log/2136 | 20 ++ test/log/2137 | 10 + test/rejectlog/0582 | 1 + test/rejectlog/2037 | 21 ++ test/rejectlog/2137 | 20 ++ test/scripts/0000-Basic/0580 | 156 ++++++++++++++ test/scripts/0000-Basic/0581 | 264 +++++++++++++++++++++++ test/scripts/0000-Basic/0582 | 56 +++++ test/scripts/2000-GnuTLS/2035 | 26 +++ test/scripts/2000-GnuTLS/2036 | 70 ++++++ test/scripts/2000-GnuTLS/2037 | 31 +++ test/scripts/2100-OpenSSL/2135 | 25 +++ test/scripts/2100-OpenSSL/2136 | 71 ++++++ test/scripts/2100-OpenSSL/2137 | 30 +++ test/stderr/0021 | 1 + test/stderr/0275 | 1 + test/stderr/0278 | 1 + test/stderr/0361 | 1 + test/stderr/0386 | 2 + test/stderr/0388 | 1 + test/stderr/0402 | 1 + test/stderr/0403 | 1 + test/stderr/0404 | 2 + test/stderr/0408 | 1 + test/stderr/0487 | 1 + test/stderr/2600 | 1 + test/stderr/5004 | 1 + test/stderr/5005 | 4 + test/stderr/5006 | 1 + 61 files changed, 1823 insertions(+), 452 deletions(-) create mode 100644 test/confs/0580 create mode 120000 test/confs/0581 create mode 120000 test/confs/0582 create mode 100644 test/confs/2035 create mode 120000 test/confs/2036 create mode 120000 test/confs/2037 create mode 100644 test/confs/2135 create mode 120000 test/confs/2136 create mode 120000 test/confs/2137 create mode 100644 test/log/0580 create mode 100644 test/log/0581 create mode 100644 test/log/0582 create mode 100644 test/log/2035 create mode 100644 test/log/2036 create mode 100644 test/log/2037 create mode 100644 test/log/2135 create mode 100644 test/log/2136 create mode 100644 test/log/2137 create mode 100644 test/rejectlog/0582 create mode 100644 test/rejectlog/2037 create mode 100644 test/rejectlog/2137 create mode 100644 test/scripts/0000-Basic/0580 create mode 100644 test/scripts/0000-Basic/0581 create mode 100644 test/scripts/0000-Basic/0582 create mode 100644 test/scripts/2000-GnuTLS/2035 create mode 100644 test/scripts/2000-GnuTLS/2036 create mode 100644 test/scripts/2000-GnuTLS/2037 create mode 100644 test/scripts/2100-OpenSSL/2135 create mode 100644 test/scripts/2100-OpenSSL/2136 create mode 100644 test/scripts/2100-OpenSSL/2137 (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index c62c1eecf..925b96324 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -30908,6 +30908,21 @@ command when performing the callout, instead of an empty address. There is no need to use this option unless you know that the called hosts make use of the sender when checking recipients. If used indiscriminately, it reduces the usefulness of callout caching. + +.vitem &*hold*& +This option applies to recipient callouts only. For example: +.code +require verify = recipient/callout=use_sender,hold +.endd +It causes the connection to be helod open and used for any further recipients +and for eventual delivery (should that be done quickly). +Doing this saves on TCP and SMTP startup costs, and TLS costs also +when that is used for the connections. +The advantage is only gained if there are no callout cache hits +(which could be enforced by the no_cache option), +if the use_sender option is used, +if neither the random nor the use_postmaster option is used, +and if no other callouts intervene. .endlist If you use any of the parameters that set a non-empty sender for the MAIL diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 872371fcb..c0d07b446 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -23,6 +23,9 @@ Version 4.90 4. A malware connection type for the FPSCAND protocol. + 5. An option for recipient verify callouts to hold the connection open for + further recipients and for delivery. + Version 4.89 ------------ diff --git a/src/src/acl.c b/src/src/acl.c index efab1d31e..7aa8c78ad 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1500,7 +1500,7 @@ static verify_type_t verify_type_list[] = { enum { CALLOUT_DEFER_OK, CALLOUT_NOCACHE, CALLOUT_RANDOM, CALLOUT_USE_SENDER, CALLOUT_USE_POSTMASTER, CALLOUT_POSTMASTER, CALLOUT_FULLPOSTMASTER, CALLOUT_MAILFROM, CALLOUT_POSTMASTER_MAILFROM, CALLOUT_MAXWAIT, CALLOUT_CONNECT, - CALLOUT_TIME + CALLOUT_HOLD, CALLOUT_TIME /* TIME must be last */ }; typedef struct { uschar * name; @@ -1521,6 +1521,7 @@ static callout_opt_t callout_opt_list[] = { { US"mailfrom", CALLOUT_MAILFROM, 0, TRUE, FALSE }, { US"maxwait", CALLOUT_MAXWAIT, 0, TRUE, TRUE }, { US"connect", CALLOUT_CONNECT, 0, TRUE, TRUE }, + { US"hold", CALLOUT_HOLD, vopt_callout_hold, FALSE, FALSE }, { NULL, CALLOUT_TIME, 0, FALSE, TRUE } }; @@ -1744,8 +1745,7 @@ while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)) uschar buffer[256]; while (isspace(*sublist)) sublist++; - while ((opt = string_nextinlist(&sublist, &optsep, buffer, sizeof(buffer))) - != NULL) + while ((opt = string_nextinlist(&sublist, &optsep, buffer, sizeof(buffer)))) { callout_opt_t * op; double period = 1.0F; @@ -1767,15 +1767,11 @@ while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)) } while (isspace(*opt)) opt++; } - if (op->timeval) + if (op->timeval && (period = readconf_readtime(opt, 0, FALSE)) < 0) { - period = readconf_readtime(opt, 0, FALSE); - if (period < 0) - { - *log_msgptr = string_sprintf("bad time value in ACL condition " - "\"verify %s\"", arg); - return ERROR; - } + *log_msgptr = string_sprintf("bad time value in ACL condition " + "\"verify %s\"", arg); + return ERROR; } switch(op->value) @@ -3069,7 +3065,7 @@ for (; cb != NULL; cb = cb->next) break; case CONTROL_FAKEREJECT: - cancel_cutthrough_connection("fakereject"); + cancel_cutthrough_connection(TRUE, US"fakereject"); case CONTROL_FAKEDEFER: fake_response = (control_type == CONTROL_FAKEDEFER) ? DEFER : FAIL; if (*p == '/') @@ -3100,12 +3096,12 @@ for (; cb != NULL; cb = cb->next) *log_msgptr = string_sprintf("syntax error in \"control=%s\"", arg); return ERROR; } - cancel_cutthrough_connection("item frozen"); + cancel_cutthrough_connection(TRUE, US"item frozen"); break; case CONTROL_QUEUE_ONLY: queue_only_policy = TRUE; - cancel_cutthrough_connection("queueing forced"); + cancel_cutthrough_connection(TRUE, US"queueing forced"); break; case CONTROL_SUBMISSION: @@ -4334,8 +4330,9 @@ switch (where) #ifndef DISABLE_PRDR case ACL_WHERE_PRDR: #endif + if (host_checking_callout) /* -bhc mode */ - cancel_cutthrough_connection("host-checking mode"); + cancel_cutthrough_connection(TRUE, US"host-checking mode"); else if ( rc == OK && cutthrough.delivery @@ -4362,13 +4359,20 @@ switch (where) if (rc == OK) cutthrough_predata(); else - cancel_cutthrough_connection("predata acl not ok"); + cancel_cutthrough_connection(TRUE, US"predata acl not ok"); break; case ACL_WHERE_QUIT: case ACL_WHERE_NOTQUIT: - cancel_cutthrough_connection("quit or notquit"); + /* Drop cutthrough conns, and drop heldopen verify conns if + the previous was not DATA */ + { + uschar prev = smtp_connection_had[smtp_ch_index-2]; + BOOL dropverify = !(prev == SCH_DATA || prev == SCH_BDAT); + + cancel_cutthrough_connection(dropverify, US"quit or conndrop"); break; + } default: break; diff --git a/src/src/daemon.c b/src/src/daemon.c index ebd06b523..187378684 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -510,6 +510,7 @@ if (pid == 0) search_tidyup(); /* Close cached databases */ if (!ok) /* Connection was dropped */ { + cancel_cutthrough_connection(TRUE, US"receive dropped"); mac_smtp_fflush(); smtp_log_no_mail(); /* Log no mail if configured */ _exit(EXIT_SUCCESS); @@ -528,6 +529,7 @@ if (pid == 0) if (fcntl(fd, F_SETFL, O_NONBLOCK) == 0) for(i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--; } + cancel_cutthrough_connection(TRUE, US"message setup dropped"); search_tidyup(); smtp_log_no_mail(); /* Log no mail if configured */ @@ -653,9 +655,9 @@ if (pid == 0) /* Don't ever molest the parent's SSL connection, but do clean up the data structures if necessary. */ - #ifdef SUPPORT_TLS +#ifdef SUPPORT_TLS tls_close(TRUE, FALSE); - #endif +#endif /* Reset SIGHUP and SIGCHLD in the child in both cases. */ @@ -665,25 +667,28 @@ if (pid == 0) if (geteuid() != root_uid && !deliver_drop_privilege) { signal(SIGALRM, SIG_DFL); - (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, - 2, US"-Mc", message_id); + delivery_re_exec(CEE_EXEC_PANIC); /* Control does not return here. */ } /* No need to re-exec; SIGALRM remains set to the default handler */ - (void)deliver_message(message_id, FALSE, FALSE); + (void) deliver_message(message_id, FALSE, FALSE); search_tidyup(); _exit(EXIT_SUCCESS); } if (dpid > 0) { + release_cutthrough_connection(US"passed for delivery"); DEBUG(D_any) debug_printf("forked delivery process %d\n", (int)dpid); } else + { + cancel_cutthrough_connection(TRUE, US"delivery fork failed"); log_write(0, LOG_MAIN|LOG_PANIC, "daemon: delivery process fork " "failed: %s", strerror(errno)); + } } } } diff --git a/src/src/deliver.c b/src/src/deliver.c index ccc32667e..351a02b0a 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -3366,15 +3366,15 @@ while (!done) up by checking the IP address. */ case 'H': - for (h = addrlist->host_list; h; h = h->next) - { - if (!h->address || Ustrcmp(h->address, ptr+2) != 0) continue; - h->status = ptr[0]; - h->why = ptr[1]; - } - ptr += 2; - while (*ptr++); - break; + for (h = addrlist->host_list; h; h = h->next) + { + if (!h->address || Ustrcmp(h->address, ptr+2) != 0) continue; + h->status = ptr[0]; + h->why = ptr[1]; + } + ptr += 2; + while (*ptr++); + break; /* Retry items are sent in a preceding R item for each address. This is kept separate to keep each message short enough to guarantee it won't @@ -3388,62 +3388,61 @@ while (!done) that a "delete" item is dropped in favour of an "add" item. */ case 'R': - if (!addr) goto ADDR_MISMATCH; + if (!addr) goto ADDR_MISMATCH; - DEBUG(D_deliver|D_retry) - debug_printf("reading retry information for %s from subprocess\n", - ptr+1); + DEBUG(D_deliver|D_retry) + debug_printf("reading retry information for %s from subprocess\n", + ptr+1); - /* Cut out any "delete" items on the list. */ + /* Cut out any "delete" items on the list. */ - for (rp = &addr->retries; (r = *rp); rp = &r->next) - if (Ustrcmp(r->key, ptr+1) == 0) /* Found item with same key */ - { - if ((r->flags & rf_delete) == 0) break; /* It was not "delete" */ - *rp = r->next; /* Excise a delete item */ - DEBUG(D_deliver|D_retry) - debug_printf(" existing delete item dropped\n"); - } + for (rp = &addr->retries; (r = *rp); rp = &r->next) + if (Ustrcmp(r->key, ptr+1) == 0) /* Found item with same key */ + { + if (!(r->flags & rf_delete)) break; /* It was not "delete" */ + *rp = r->next; /* Excise a delete item */ + DEBUG(D_deliver|D_retry) + debug_printf(" existing delete item dropped\n"); + } - /* We want to add a delete item only if there is no non-delete item; - however we still have to step ptr through the data. */ + /* We want to add a delete item only if there is no non-delete item; + however we still have to step ptr through the data. */ - if (!r || !(*ptr & rf_delete)) - { - r = store_get(sizeof(retry_item)); - r->next = addr->retries; - addr->retries = r; - r->flags = *ptr++; - r->key = string_copy(ptr); - while (*ptr++); - memcpy(&(r->basic_errno), ptr, sizeof(r->basic_errno)); - ptr += sizeof(r->basic_errno); - memcpy(&(r->more_errno), ptr, sizeof(r->more_errno)); - ptr += sizeof(r->more_errno); - r->message = (*ptr)? string_copy(ptr) : NULL; - DEBUG(D_deliver|D_retry) - debug_printf(" added %s item\n", - ((r->flags & rf_delete) == 0)? "retry" : "delete"); - } + if (!r || !(*ptr & rf_delete)) + { + r = store_get(sizeof(retry_item)); + r->next = addr->retries; + addr->retries = r; + r->flags = *ptr++; + r->key = string_copy(ptr); + while (*ptr++); + memcpy(&(r->basic_errno), ptr, sizeof(r->basic_errno)); + ptr += sizeof(r->basic_errno); + memcpy(&(r->more_errno), ptr, sizeof(r->more_errno)); + ptr += sizeof(r->more_errno); + r->message = *ptr ? string_copy(ptr) : NULL; + DEBUG(D_deliver|D_retry) debug_printf(" added %s item\n", + r->flags & rf_delete ? "delete" : "retry"); + } - else - { - DEBUG(D_deliver|D_retry) - debug_printf(" delete item not added: non-delete item exists\n"); - ptr++; - while(*ptr++); - ptr += sizeof(r->basic_errno) + sizeof(r->more_errno); - } + else + { + DEBUG(D_deliver|D_retry) + debug_printf(" delete item not added: non-delete item exists\n"); + ptr++; + while(*ptr++); + ptr += sizeof(r->basic_errno) + sizeof(r->more_errno); + } - while(*ptr++); - break; + while(*ptr++); + break; /* Put the amount of data written into the parlist block */ case 'S': - memcpy(&(p->transport_count), ptr, sizeof(transport_count)); - ptr += sizeof(transport_count); - break; + memcpy(&(p->transport_count), ptr, sizeof(transport_count)); + ptr += sizeof(transport_count); + break; /* Address items are in the order of items on the address chain. We remember the current address value in case this function is called @@ -3454,162 +3453,157 @@ while (!done) #ifdef SUPPORT_TLS case 'X': - if (!addr) goto ADDR_MISMATCH; /* Below, in 'A' handler */ - switch (subid) - { - case '1': - addr->cipher = NULL; - addr->peerdn = NULL; - - if (*ptr) - addr->cipher = string_copy(ptr); - while (*ptr++); - if (*ptr) - addr->peerdn = string_copy(ptr); - break; - - case '2': - if (*ptr) - (void) tls_import_cert(ptr, &addr->peercert); - else - addr->peercert = NULL; - break; + if (!addr) goto ADDR_MISMATCH; /* Below, in 'A' handler */ + switch (subid) + { + case '1': + addr->cipher = NULL; + addr->peerdn = NULL; - case '3': - if (*ptr) - (void) tls_import_cert(ptr, &addr->ourcert); - else - addr->ourcert = NULL; - break; + if (*ptr) + addr->cipher = string_copy(ptr); + while (*ptr++); + if (*ptr) + addr->peerdn = string_copy(ptr); + break; + + case '2': + if (*ptr) + (void) tls_import_cert(ptr, &addr->peercert); + else + addr->peercert = NULL; + break; + + case '3': + if (*ptr) + (void) tls_import_cert(ptr, &addr->ourcert); + else + addr->ourcert = NULL; + break; # ifndef DISABLE_OCSP - case '4': - addr->ocsp = *ptr ? *ptr - '0' : OCSP_NOT_REQ; - break; + case '4': + addr->ocsp = *ptr ? *ptr - '0' : OCSP_NOT_REQ; + break; # endif - } - while (*ptr++); - break; + } + while (*ptr++); + break; #endif /*SUPPORT_TLS*/ case 'C': /* client authenticator information */ - switch (subid) - { - case '1': - addr->authenticator = (*ptr)? string_copy(ptr) : NULL; - break; - case '2': - addr->auth_id = (*ptr)? string_copy(ptr) : NULL; - break; - case '3': - addr->auth_sndr = (*ptr)? string_copy(ptr) : NULL; - break; - } - while (*ptr++); - break; + switch (subid) + { + case '1': addr->authenticator = *ptr ? string_copy(ptr) : NULL; break; + case '2': addr->auth_id = *ptr ? string_copy(ptr) : NULL; break; + case '3': addr->auth_sndr = *ptr ? string_copy(ptr) : NULL; break; + } + while (*ptr++); + break; #ifndef DISABLE_PRDR case 'P': - addr->flags |= af_prdr_used; - break; + addr->flags |= af_prdr_used; + break; #endif case 'K': - addr->flags |= af_chunking_used; - break; + addr->flags |= af_chunking_used; + break; case 'D': - if (!addr) goto ADDR_MISMATCH; - memcpy(&(addr->dsn_aware), ptr, sizeof(addr->dsn_aware)); - ptr += sizeof(addr->dsn_aware); - DEBUG(D_deliver) debug_printf("DSN read: addr->dsn_aware = %d\n", addr->dsn_aware); - break; - - case 'A': - if (!addr) - { - ADDR_MISMATCH: - msg = string_sprintf("address count mismatch for data read from pipe " - "for transport process %d for transport %s", pid, - addrlist->transport->driver_name); - done = TRUE; + if (!addr) goto ADDR_MISMATCH; + memcpy(&(addr->dsn_aware), ptr, sizeof(addr->dsn_aware)); + ptr += sizeof(addr->dsn_aware); + DEBUG(D_deliver) debug_printf("DSN read: addr->dsn_aware = %d\n", addr->dsn_aware); break; - } - switch (subid) - { -#ifdef SUPPORT_SOCKS - case '2': /* proxy information; must arrive before A0 and applies to that addr XXX oops*/ - proxy_session = TRUE; /*XXX should this be cleared somewhere? */ - if (*ptr == 0) - ptr++; - else - { - proxy_local_address = string_copy(ptr); - while(*ptr++); - memcpy(&proxy_local_port, ptr, sizeof(proxy_local_port)); - ptr += sizeof(proxy_local_port); - } + case 'A': + if (!addr) + { + ADDR_MISMATCH: + msg = string_sprintf("address count mismatch for data read from pipe " + "for transport process %d for transport %s", pid, + addrlist->transport->driver_name); + done = TRUE; break; -#endif + } -#ifdef EXPERIMENTAL_DSN_INFO - case '1': /* must arrive before A0, and applies to that addr */ - /* Two strings: smtp_greeting and helo_response */ - addr->smtp_greeting = string_copy(ptr); - while(*ptr++); - addr->helo_response = string_copy(ptr); - while(*ptr++); - break; -#endif + switch (subid) + { + #ifdef SUPPORT_SOCKS + case '2': /* proxy information; must arrive before A0 and applies to that addr XXX oops*/ + proxy_session = TRUE; /*XXX should this be cleared somewhere? */ + if (*ptr == 0) + ptr++; + else + { + proxy_local_address = string_copy(ptr); + while(*ptr++); + memcpy(&proxy_local_port, ptr, sizeof(proxy_local_port)); + ptr += sizeof(proxy_local_port); + } + break; + #endif - case '0': - addr->transport_return = *ptr++; - addr->special_action = *ptr++; - memcpy(&(addr->basic_errno), ptr, sizeof(addr->basic_errno)); - ptr += sizeof(addr->basic_errno); - memcpy(&(addr->more_errno), ptr, sizeof(addr->more_errno)); - ptr += sizeof(addr->more_errno); - memcpy(&(addr->flags), ptr, sizeof(addr->flags)); - ptr += sizeof(addr->flags); - addr->message = (*ptr)? string_copy(ptr) : NULL; - while(*ptr++); - addr->user_message = (*ptr)? string_copy(ptr) : NULL; - while(*ptr++); + #ifdef EXPERIMENTAL_DSN_INFO + case '1': /* must arrive before A0, and applies to that addr */ + /* Two strings: smtp_greeting and helo_response */ + addr->smtp_greeting = string_copy(ptr); + while(*ptr++); + addr->helo_response = string_copy(ptr); + while(*ptr++); + break; + #endif + + case '0': + DEBUG(D_deliver) debug_printf("A0 %s tret %d\n", addr->address, *ptr); + addr->transport_return = *ptr++; + addr->special_action = *ptr++; + memcpy(&(addr->basic_errno), ptr, sizeof(addr->basic_errno)); + ptr += sizeof(addr->basic_errno); + memcpy(&(addr->more_errno), ptr, sizeof(addr->more_errno)); + ptr += sizeof(addr->more_errno); + memcpy(&(addr->flags), ptr, sizeof(addr->flags)); + ptr += sizeof(addr->flags); + addr->message = *ptr ? string_copy(ptr) : NULL; + while(*ptr++); + addr->user_message = *ptr ? string_copy(ptr) : NULL; + while(*ptr++); - /* Always two strings for host information, followed by the port number and DNSSEC mark */ + /* Always two strings for host information, followed by the port number and DNSSEC mark */ - if (*ptr != 0) - { - h = store_get(sizeof(host_item)); - h->name = string_copy(ptr); - while (*ptr++); - h->address = string_copy(ptr); - while(*ptr++); - memcpy(&(h->port), ptr, sizeof(h->port)); - ptr += sizeof(h->port); - h->dnssec = *ptr == '2' ? DS_YES - : *ptr == '1' ? DS_NO - : DS_UNK; - ptr++; - addr->host_used = h; - } - else ptr++; + if (*ptr) + { + h = store_get(sizeof(host_item)); + h->name = string_copy(ptr); + while (*ptr++); + h->address = string_copy(ptr); + while(*ptr++); + memcpy(&h->port, ptr, sizeof(h->port)); + ptr += sizeof(h->port); + h->dnssec = *ptr == '2' ? DS_YES + : *ptr == '1' ? DS_NO + : DS_UNK; + ptr++; + addr->host_used = h; + } + else ptr++; - /* Finished with this address */ + /* Finished with this address */ - addr = addr->next; - break; - } - break; + addr = addr->next; + break; + } + break; /* Local interface address/port */ case 'I': - if (*ptr) sending_ip_address = string_copy(ptr); - while (*ptr++) ; - if (*ptr) sending_port = atoi(CS ptr); - while (*ptr++) ; - break; + if (*ptr) sending_ip_address = string_copy(ptr); + while (*ptr++) ; + if (*ptr) sending_port = atoi(CS ptr); + while (*ptr++) ; + break; /* Z marks the logical end of the data. It is followed by '0' if continue_transport was NULL at the end of transporting, otherwise '1'. @@ -3618,23 +3612,23 @@ while (!done) most normal messages it will remain NULL all the time. */ case 'Z': - if (*ptr == '0') - { - continue_transport = NULL; - continue_hostname = NULL; - } - done = TRUE; - DEBUG(D_deliver) debug_printf("Z0%c item read\n", *ptr); - break; + if (*ptr == '0') + { + continue_transport = NULL; + continue_hostname = NULL; + } + done = TRUE; + DEBUG(D_deliver) debug_printf("Z0%c item read\n", *ptr); + break; /* Anything else is a disaster. */ default: - msg = string_sprintf("malformed data (%d) read from pipe for transport " - "process %d for transport %s", ptr[-1], pid, - addr->transport->driver_name); - done = TRUE; - break; + msg = string_sprintf("malformed data (%d) read from pipe for transport " + "process %d for transport %s", ptr[-1], pid, + addr->transport->driver_name); + done = TRUE; + break; } } @@ -4434,6 +4428,23 @@ for (delivery_count = 0; addr_remote; delivery_count++) if (tp->setup) (void)((tp->setup)(addr->transport, addr, NULL, uid, gid, NULL)); + /* If we have a connection still open from a verify stage (lazy-close) + treat it as if it is a continued connection (apart from the counter used + for the log line mark). */ + + if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) + { + DEBUG(D_deliver) + debug_printf("lazy-callout-close: have conn still open from verification\n"); + continue_transport = cutthrough.transport; + continue_hostname = string_copy(cutthrough.host.name); + continue_host_address = string_copy(cutthrough.host.address); + continue_sequence = 1; + sending_ip_address = cutthrough.snd_ip; + sending_port = cutthrough.snd_port; + smtp_peer_options = cutthrough.peer_options; + } + /* If this is a run to continue delivery down an already-established channel, check that this set of addresses matches the transport and the channel. If it does not, defer the addresses. If a host list exists, @@ -4775,7 +4786,6 @@ for (delivery_count = 0; addr_remote; delivery_count++) memcpy(big_buffer, &addr->dsn_aware, sizeof(addr->dsn_aware)); rmt_dlv_checked_write(fd, 'D', '0', big_buffer, sizeof(addr->dsn_aware)); - DEBUG(D_deliver) debug_printf("DSN write: addr->dsn_aware = %d\n", addr->dsn_aware); /* Retry information: for most success cases this will be null. */ @@ -4890,6 +4900,19 @@ for (delivery_count = 0; addr_remote; delivery_count++) (void)close(pfd[pipe_write]); + /* If we have a connection still open from a verify stage (lazy-close) + release its TLS library context (if any) as responsibility was passed to + the delivery child process. */ + + if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) + { +#ifdef SUPPORT_TLS + tls_close(FALSE, FALSE); +#endif + (void) close(cutthrough.fd); + release_cutthrough_connection(US"passed to transport proc"); + } + /* Fork failed; defer with error message */ if (pid < 0) @@ -7040,6 +7063,7 @@ phase, to minimize cases of half-done things. */ DEBUG(D_deliver) debug_printf(">>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>>\n"); +cancel_cutthrough_connection(TRUE, "deliveries are done"); /* Root privilege is no longer needed */ @@ -8416,6 +8440,67 @@ deliver_datafile = -1; return new_sender_address; } + + +void +delivery_re_exec(int exec_type) +{ +uschar * s; + +if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) + { + int pfd[2], channel_fd = cutthrough.fd, pid; + + smtp_peer_options = cutthrough.peer_options; + continue_sequence = 0; + +#ifdef SUPPORT_TLS + if (cutthrough.is_tls) + { + smtp_peer_options |= PEER_OFFERED_TLS; + sending_ip_address = cutthrough.snd_ip; + sending_port = cutthrough.snd_port; + + s = US"socketpair"; + if (socketpair(AF_UNIX, SOCK_STREAM, 0, pfd) != 0) + goto fail; + + s = US"fork"; + if ((pid = fork()) < 0) + goto fail; + + else if (pid == 0) /* child */ + { + smtp_proxy_tls(big_buffer, big_buffer_size, pfd[0], 5*60); + exim_exit(0); + } + + (void) close(channel_fd); /* release the client socket */ + channel_fd = pfd[1]; + } +#endif + + transport_do_pass_socket(cutthrough.transport, cutthrough.host.name, + cutthrough.host.address, message_id, channel_fd); + } +else + { + cancel_cutthrough_connection(TRUE, "non-continued delivery"); + (void) child_exec_exim(exec_type, FALSE, NULL, FALSE, 2, US"-Mc", message_id); + } +/* Control does not return here. */ + +fail: + log_write(0, + LOG_MAIN | (exec_type == CEE_EXEC_EXIT ? LOG_PANIC : LOG_PANIC_DIE), + "delivery re-exec failed: %s", strerror(errno)); + + /* Get here if exec_type == CEE_EXEC_EXIT. + Note: this must be _exit(), not exit(). */ + + _exit(EX_EXECFAILED); +} + /* vi: aw ai sw=2 */ /* End of deliver.c */ diff --git a/src/src/exim.c b/src/src/exim.c index 383382072..3dfe5db94 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -4352,11 +4352,8 @@ if (!unprivileged && /* originally had root AND */ (msg_action_arg < 0 || /* and */ msg_action != MSG_DELIVER) && /* not delivering and */ (!checking || !address_test_mode) /* not address checking */ - ) - )) - { + ) ) ) exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed"); - } /* When we are retaining a privileged uid, we still change to the exim gid. */ @@ -4370,7 +4367,6 @@ else there's no security risk. For me, it's { exim -bV } on a just-built binary, no need to complain then. */ if (rv == -1) - { if (!(unprivileged || removed_privilege)) { fprintf(stderr, @@ -4380,7 +4376,6 @@ else else DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n", (long int)exim_gid, strerror(errno)); - } } /* Handle a request to scan a file for malware */ @@ -5329,15 +5324,13 @@ if (smtp_input) else { thismessage_size_limit = expand_string_integer(message_size_limit, TRUE); - if (expand_string_message != NULL) - { + if (expand_string_message) if (thismessage_size_limit == -1) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand " "message_size_limit: %s", expand_string_message); else log_write(0, LOG_MAIN|LOG_PANIC_DIE, "invalid value for " "message_size_limit: %s", expand_string_message); - } } /* Loop for several messages when reading SMTP input. If we fork any child @@ -5434,6 +5427,7 @@ while (more) more = receive_msg(extract_recipients); if (message_id[0] == 0) { + cancel_cutthrough_connection(TRUE, US"receive dropped"); if (more) goto moreloop; smtp_log_no_mail(); /* Log no mail if configured */ exim_exit(EXIT_FAILURE); @@ -5441,6 +5435,7 @@ while (more) } else { + cancel_cutthrough_connection(TRUE, US"message setup dropped"); smtp_log_no_mail(); /* Log no mail if configured */ exim_exit((rc == 0)? EXIT_SUCCESS : EXIT_FAILURE); } @@ -5716,21 +5711,28 @@ while (more) not if queue_only is set (case 0). Case 1 doesn't happen here (too many connections). */ - if (local_queue_only) switch(queue_only_reason) + if (local_queue_only) { - case 2: - log_write(L_delay_delivery, - LOG_MAIN, "no immediate delivery: more than %d messages " - "received in one connection", smtp_accept_queue_per_connection); - break; + cancel_cutthrough_connection(TRUE, US"no delivery; queueing"); + switch(queue_only_reason) + { + case 2: + log_write(L_delay_delivery, + LOG_MAIN, "no immediate delivery: more than %d messages " + "received in one connection", smtp_accept_queue_per_connection); + break; - case 3: - log_write(L_delay_delivery, - LOG_MAIN, "no immediate delivery: load average %.2f", - (double)load_average/1000.0); - break; + case 3: + log_write(L_delay_delivery, + LOG_MAIN, "no immediate delivery: load average %.2f", + (double)load_average/1000.0); + break; + } } + else if (queue_only_policy || deliver_freeze) + cancel_cutthrough_connection(TRUE, US"no delivery; queueing"); + /* Else do the delivery unless the ACL or local_scan() called for queue only or froze the message. Always deliver in a separate process. A fork failure is not a disaster, as the delivery will eventually happen on a subsequent queue @@ -5739,7 +5741,7 @@ while (more) thereby defer the delivery if it tries to use (for example) a cached ldap connection that the parent has called unbind on. */ - else if (!queue_only_policy && !deliver_freeze) + else { pid_t pid; search_tidyup(); @@ -5755,8 +5757,7 @@ while (more) if (geteuid() != root_uid && !deliver_drop_privilege && !unprivileged) { - (void)child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, - 2, US"-Mc", message_id); + delivery_re_exec(CEE_EXEC_EXIT); /* Control does not return here. */ } @@ -5770,22 +5771,27 @@ while (more) if (pid < 0) { + cancel_cutthrough_connection(TRUE, US"delivery fork failed"); log_write(0, LOG_MAIN|LOG_PANIC, "failed to fork automatic delivery " "process: %s", strerror(errno)); } + else + { + release_cutthrough_connection(US"msg passed for delivery"); - /* In the parent, wait if synchronous delivery is required. This will - always be the case in MUA wrapper mode. */ + /* In the parent, wait if synchronous delivery is required. This will + always be the case in MUA wrapper mode. */ - else if (synchronous_delivery) - { - int status; - while (wait(&status) != pid); - if ((status & 0x00ff) != 0) - log_write(0, LOG_MAIN|LOG_PANIC, - "process %d crashed with signal %d while delivering %s", - (int)pid, status & 0x00ff, message_id); - if (mua_wrapper && (status & 0xffff) != 0) exim_exit(EXIT_FAILURE); + if (synchronous_delivery) + { + int status; + while (wait(&status) != pid); + if ((status & 0x00ff) != 0) + log_write(0, LOG_MAIN|LOG_PANIC, + "process %d crashed with signal %d while delivering %s", + (int)pid, status & 0x00ff, message_id); + if (mua_wrapper && (status & 0xffff) != 0) exim_exit(EXIT_FAILURE); + } } } diff --git a/src/src/functions.h b/src/src/functions.h index a7d9c1116..331480188 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -110,18 +110,19 @@ extern void bdat_flush_data(void); extern void bits_clear(unsigned int *, size_t, int *); extern void bits_set(unsigned int *, size_t, int *); -extern void cancel_cutthrough_connection(const char *); +extern void cancel_cutthrough_connection(BOOL, const uschar *); extern int check_host(void *, const uschar *, const uschar **, uschar **); extern uschar **child_exec_exim(int, BOOL, int *, BOOL, int, ...); extern pid_t child_open_uid(const uschar **, const uschar **, int, uid_t *, gid_t *, int *, int *, uschar *, BOOL); extern BOOL cleanup_environment(void); +extern BOOL cutthrough_data_puts(uschar *, int); +extern BOOL cutthrough_data_put_nl(void); extern uschar *cutthrough_finaldot(void); extern BOOL cutthrough_flush_send(void); extern BOOL cutthrough_headers_send(void); extern BOOL cutthrough_predata(void); -extern BOOL cutthrough_puts(uschar *, int); -extern BOOL cutthrough_put_nl(void); +extern void release_cutthrough_connection(const uschar *); extern void daemon_go(void); @@ -149,6 +150,7 @@ extern int deliver_split_address(address_item *); extern void deliver_succeeded(address_item *); extern uschar *deliver_get_sender_address (uschar *id); +extern void delivery_re_exec(int); extern BOOL directory_make(const uschar *, const uschar *, int, BOOL); #ifndef DISABLE_DKIM @@ -405,6 +407,7 @@ extern void smtp_get_cache(void); extern int smtp_handle_acl_fail(int, int, uschar *, uschar *); extern void smtp_log_no_mail(void); extern void smtp_message_code(uschar **, int *, uschar **, uschar **, BOOL); +extern void smtp_proxy_tls(uschar *, size_t, int, int); extern BOOL smtp_read_response(smtp_inblock *, uschar *, int, int, int); extern void smtp_respond(uschar *, int, BOOL, uschar *); extern void smtp_notquit_exit(uschar *, uschar *, uschar *, ...); @@ -472,6 +475,8 @@ extern void tls_modify_variables(tls_support *); extern BOOL transport_check_waiting(const uschar *, const uschar *, int, uschar *, BOOL *, oicf, void*); extern void transport_init(void); +extern void transport_do_pass_socket(const uschar *, const uschar *, + const uschar *, uschar *, int); extern BOOL transport_pass_socket(const uschar *, const uschar *, const uschar *, uschar *, int); extern uschar *transport_rcpt_address(address_item *, BOOL); diff --git a/src/src/globals.c b/src/src/globals.c index 9e417b0d2..8dd3922cc 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -538,8 +538,10 @@ uschar *continue_transport = NULL; uschar *csa_status = NULL; cut_t cutthrough = { + FALSE, /* verify-only: normal delivery */ FALSE, /* delivery: when to attempt */ FALSE, /* on defer: spool locally */ + FALSE, /* not a TLS conn yet */ -1, /* fd: open connection */ 0, /* nrcpt: number of addresses */ }; diff --git a/src/src/globals.h b/src/src/globals.h index 72be706a4..5f9ad3bfe 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -299,11 +299,17 @@ extern uschar *continue_transport; /* Transport for continued delivery */ extern uschar *csa_status; /* Client SMTP Authorization result */ typedef struct { + unsigned callout_hold_only:1; /* Conn is only for verify callout */ unsigned delivery:1; /* When to attempt */ unsigned defer_pass:1; /* Pass 4xx to caller rather than spooling */ + unsigned is_tls:1; /* Conn has TLS active */ int fd; /* Open connection */ int nrcpt; /* Count of addresses */ + uschar * transport; /* Name of transport */ uschar * interface; /* (address of) */ + uschar * snd_ip; /* sending_ip_address */ + int snd_port; /* sending_port */ + unsigned peer_options; /* smtp_peer_options */ host_item host; /* Host used */ address_item addr; /* (Chain of) addresses */ } cut_t; diff --git a/src/src/macros.h b/src/src/macros.h index 004d6dfd7..08f631bbb 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -721,7 +721,8 @@ enum { v_none, v_sender, v_recipient, v_expn }; #define vopt_callout_no_cache 0x0040 /* disable callout cache */ #define vopt_callout_recipsender 0x0080 /* use real sender to verify recip */ #define vopt_callout_recippmaster 0x0100 /* use postmaster to verify recip */ -#define vopt_success_on_redirect 0x0200 +#define vopt_callout_hold 0x0200 /* lazy close connection */ +#define vopt_success_on_redirect 0x0400 /* Values for fields in callout cache records */ diff --git a/src/src/receive.c b/src/src/receive.c index 7980c324f..33c60e08d 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -831,7 +831,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) { message_size++; if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_put_nl(); + (void) cutthrough_data_put_nl(); if (ch != '\r') ch_state = 1; else continue; } break; @@ -850,7 +850,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) if (ch == '.') { uschar c= ch; - (void) cutthrough_puts(&c, 1); + (void) cutthrough_data_puts(&c, 1); } ch_state = 1; break; @@ -860,7 +860,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) message_size++; body_linecount++; if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_put_nl(); + (void) cutthrough_data_put_nl(); if (ch == '\r') { ch_state = 2; @@ -881,11 +881,11 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) if (message_size > thismessage_size_limit) return END_SIZE; } if(ch == '\n') - (void) cutthrough_put_nl(); + (void) cutthrough_data_put_nl(); else { uschar c = ch; - (void) cutthrough_puts(&c, 1); + (void) cutthrough_data_puts(&c, 1); } } @@ -991,7 +991,7 @@ for(;;) { message_size++; if (fout && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_put_nl(); + (void) cutthrough_data_put_nl(); if (ch == '\r') continue; /* don't write CR */ ch_state = MID_LINE; } @@ -1008,11 +1008,11 @@ for(;;) if (message_size > thismessage_size_limit) return END_SIZE; } if(ch == '\n') - (void) cutthrough_put_nl(); + (void) cutthrough_data_put_nl(); else { uschar c = ch; - (void) cutthrough_puts(&c, 1); + (void) cutthrough_data_puts(&c, 1); } } /*NOTREACHED*/ @@ -1140,7 +1140,8 @@ switch(where) case ACL_WHERE_DKIM: case ACL_WHERE_MIME: case ACL_WHERE_DATA: - if (cutthrough.fd >= 0 && (acl_removed_headers || acl_added_headers)) + if ( cutthrough.fd >= 0 && cutthrough.delivery + && (acl_removed_headers || acl_added_headers)) { log_write(0, LOG_MAIN|LOG_PANIC, "Header modification in data ACLs" " will not take effect on cutthrough deliveries"); @@ -1148,11 +1149,11 @@ switch(where) } } -if (acl_removed_headers != NULL) +if (acl_removed_headers) { DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers removed by %s ACL:\n", acl_name); - for (h = header_list; h != NULL; h = h->next) if (h->type != htype_old) + for (h = header_list; h; h = h->next) if (h->type != htype_old) { const uschar * list = acl_removed_headers; int sep = ':'; /* This is specified as a colon-separated list */ @@ -1170,10 +1171,10 @@ if (acl_removed_headers != NULL) DEBUG(D_receive|D_acl) debug_printf_indent(">>\n"); } -if (acl_added_headers == NULL) return; +if (!acl_added_headers) return; DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers added by %s ACL:\n", acl_name); -for (h = acl_added_headers; h != NULL; h = next) +for (h = acl_added_headers; h; h = next) { next = h->next; @@ -1653,7 +1654,7 @@ search_tidyup(); cutthrough delivery with the no-spool option. It shouldn't be possible to set up the combination, but just in case kill any ongoing connection. */ if (extract_recip || !smtp_input) - cancel_cutthrough_connection("not smtp input"); + cancel_cutthrough_connection(TRUE, US"not smtp input"); /* Initialize the chain of headers by setting up a place-holder for Received: header. Temporarily mark it as "old", i.e. not to be used. We keep header_last @@ -2988,26 +2989,25 @@ inbound is, but inbound chunking ought to be ok with outbound plain. Could we do onward CHUNKING given inbound CHUNKING? */ if (chunking_state > CHUNKING_OFFERED) - cancel_cutthrough_connection("chunking active"); + cancel_cutthrough_connection(FALSE, US"chunking active"); /* Cutthrough delivery: We have to create the Received header now rather than at the end of reception, so the timestamp behaviour is a change to the normal case. XXX Ensure this gets documented XXX. Having created it, send the headers to the destination. */ -if (cutthrough.fd >= 0) + +if (cutthrough.fd >= 0 && cutthrough.delivery) { if (received_count > received_headers_max) { - cancel_cutthrough_connection("too many headers"); + cancel_cutthrough_connection(TRUE, US"too many headers"); if (smtp_input) receive_swallow_smtp(); /* Swallow incoming SMTP */ log_write(0, LOG_MAIN|LOG_REJECT, "rejected from <%s>%s%s%s%s: " "Too many \"Received\" headers", sender_address, - (sender_fullhost == NULL)? "" : " H=", - (sender_fullhost == NULL)? US"" : sender_fullhost, - (sender_ident == NULL)? "" : " U=", - (sender_ident == NULL)? US"" : sender_ident); + sender_fullhost ? "H=" : "", sender_fullhost ? sender_fullhost : US"", + sender_ident ? "U=" : "", sender_ident ? sender_ident : US""); message_id[0] = 0; /* Indicate no message accepted */ smtp_reply = US"550 Too many \"Received\" headers - suspected mail loop"; goto TIDYUP; /* Skip to end of function */ @@ -3105,7 +3105,7 @@ if (!ferror(data_file) && !(receive_feof)() && message_ended != END_DOT) if (smtp_input) { Uunlink(spool_name); /* Lose data file when closed */ - cancel_cutthrough_connection("sender closed connection"); + cancel_cutthrough_connection(TRUE, US"sender closed connection"); message_id[0] = 0; /* Indicate no message accepted */ smtp_reply = handle_lost_connection(US""); smtp_yield = FALSE; @@ -3118,7 +3118,7 @@ if (!ferror(data_file) && !(receive_feof)() && message_ended != END_DOT) case END_SIZE: Uunlink(spool_name); /* Lose the data file when closed */ - cancel_cutthrough_connection("mail too big"); + cancel_cutthrough_connection(TRUE, US"mail too big"); if (smtp_input) receive_swallow_smtp(); /* Swallow incoming SMTP */ log_write(L_size_reject, LOG_MAIN|LOG_REJECT, "rejected from <%s>%s%s%s%s: " @@ -3151,7 +3151,7 @@ if (!ferror(data_file) && !(receive_feof)() && message_ended != END_DOT) case END_PROTOCOL: Uunlink(spool_name); /* Lose the data file when closed */ - cancel_cutthrough_connection("sender protocol error"); + cancel_cutthrough_connection(TRUE, US"sender protocol error"); smtp_reply = US""; /* Response already sent */ message_id[0] = 0; /* Indicate no message accepted */ goto TIDYUP; /* Skip to end of function */ @@ -3184,7 +3184,7 @@ if (fflush(data_file) == EOF || ferror(data_file) || log_write(0, LOG_MAIN, "Message abandoned: %s", msg); Uunlink(spool_name); /* Lose the data file */ - cancel_cutthrough_connection("error writing spoolfile"); + cancel_cutthrough_connection(TRUE, US"error writing spoolfile"); if (smtp_input) { @@ -3423,7 +3423,7 @@ else DEBUG(D_receive) debug_printf("acl_smtp_dkim: acl_check returned %d on %s, " "skipping remaining items\n", rc, item); - cancel_cutthrough_connection("dkim acl not ok"); + cancel_cutthrough_connection(TRUE, US"dkim acl not ok"); break; } } @@ -3542,14 +3542,14 @@ else { recipients_count = 0; blackholed_by = US"DATA ACL"; - if (log_msg != NULL) + if (log_msg) blackhole_log_msg = string_sprintf(": %s", log_msg); - cancel_cutthrough_connection("data acl discard"); + cancel_cutthrough_connection(TRUE, US"data acl discard"); } else if (rc != OK) { Uunlink(spool_name); - cancel_cutthrough_connection("data acl not ok"); + cancel_cutthrough_connection(TRUE, US"data acl not ok"); #ifdef WITH_CONTENT_SCAN unspool_mbox(); #endif @@ -4148,9 +4148,9 @@ for this message. */ XXX We do not handle queue-only, freezing, or blackholes. */ -if(cutthrough.fd >= 0) +if(cutthrough.fd >= 0 && cutthrough.delivery) { - uschar * msg= cutthrough_finaldot(); /* Ask the target system to accept the message */ + uschar * msg = cutthrough_finaldot(); /* Ask the target system to accept the message */ /* Logging was done in finaldot() */ switch(msg[0]) { @@ -4297,7 +4297,6 @@ if (smtp_input) Uunlink(spool_fname(US"input", message_subdir, message_id, US"-D")); Uunlink(spool_fname(US"input", message_subdir, message_id, US"-H")); Uunlink(spool_fname(US"msglog", message_subdir, message_id, US"")); - message_id[0] = 0; /* Prevent a delivery from starting */ break; case TMP_REJ: @@ -4307,12 +4306,15 @@ if (smtp_input) Uunlink(spool_fname(US"input", message_subdir, message_id, US"-H")); Uunlink(spool_fname(US"msglog", message_subdir, message_id, US"")); } - message_id[0] = 0; /* Prevent a delivery from starting */ default: break; } - cutthrough.delivery = FALSE; - cutthrough.defer_pass = FALSE; + if (cutthrough_done != NOT_TRIED) + { + message_id[0] = 0; /* Prevent a delivery from starting */ + cutthrough.delivery = cutthrough.callout_hold_only = FALSE; + cutthrough.defer_pass = FALSE; + } } /* For batched SMTP, generate an error message on failure, and do diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index f0885b3a1..3c40a5c61 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1887,7 +1887,6 @@ smtp_reset(void *reset_point) recipients_list = NULL; rcpt_count = rcpt_defer_count = rcpt_fail_count = raw_recipients_count = recipients_count = recipients_list_max = 0; -cancel_cutthrough_connection("smtp reset"); message_linecount = 0; message_size = -1; acl_added_headers = NULL; @@ -2018,6 +2017,7 @@ bsmtp_transaction_linecount = receive_linecount; if ((receive_feof)()) return 0; /* Treat EOF as QUIT */ +cancel_cutthrough_connection(TRUE, US"smtp_setup_batch_msg"); smtp_reset(reset_point); /* Reset for start of message */ /* Deal with SMTP commands. This loop is exited by setting done to a POSITIVE @@ -2042,6 +2042,7 @@ while (done <= 0) /* Fall through */ case RSET_CMD: + cancel_cutthrough_connection(TRUE, US"RSET received"); smtp_reset(reset_point); bsmtp_transaction_linecount = receive_linecount; break; @@ -2065,6 +2066,7 @@ while (done <= 0) /* Reset to start of message */ + cancel_cutthrough_connection(TRUE, US"MAIL received"); smtp_reset(reset_point); /* Apply SMTP rewrite */ @@ -4253,6 +4255,7 @@ while (done <= 0) : pnormal) + (tls_in.active >= 0 ? pcrpted : 0) ]; + cancel_cutthrough_connection(TRUE, US"sent EHLO response"); smtp_reset(reset_point); toomany = FALSE; break; /* HELO/EHLO */ @@ -4307,6 +4310,7 @@ while (done <= 0) /* Reset for start of message - even if this is going to fail, we obviously need to throw away any previous data. */ + cancel_cutthrough_connection(TRUE, US"MAIL received"); smtp_reset(reset_point); toomany = FALSE; sender_data = recipient_data = NULL; @@ -5162,6 +5166,7 @@ while (done <= 0) do an implied RSET when STARTTLS is received. */ incomplete_transaction_log(US"STARTTLS"); + cancel_cutthrough_connection(TRUE, US"STARTTLS received"); smtp_reset(reset_point); toomany = FALSE; cmd_list[CMD_LIST_STARTTLS].is_mail_cmd = FALSE; @@ -5298,6 +5303,7 @@ while (done <= 0) case RSET_CMD: smtp_rset_handler(); + cancel_cutthrough_connection(TRUE, US"RSET received"); smtp_reset(reset_point); toomany = FALSE; break; diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 4a41ba192..38a16b222 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -1699,6 +1699,7 @@ uschar *expcerts, *expcrl; if (!expand_check(certs, US"tls_verify_certificates", &expcerts, errstr)) return DEFER; +DEBUG(D_tls) debug_printf("tls_verify_certificates: %s\n", expcerts); if (expcerts && *expcerts) { diff --git a/src/src/transport.c b/src/src/transport.c index e6e327822..1a53690cc 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1238,7 +1238,6 @@ set up a filtering process, fork another process to call the internal function to write to the filter, and in this process just suck from the filter and write down the given fd. At the end, tidy up the pipes and the processes. -XXX Arguments: as for internal_transport_write_message() above Returns: TRUE on success; FALSE (with errno) for any failure @@ -1934,6 +1933,72 @@ return TRUE; * Deliver waiting message down same socket * *************************************************/ +/* Just the regain-root-privilege exec portion */ +void +transport_do_pass_socket(const uschar *transport_name, const uschar *hostname, + const uschar *hostaddress, uschar *id, int socket_fd) +{ +pid_t pid; +int status; +int i = 20; +const uschar **argv; + +/* Set up the calling arguments; use the standard function for the basics, +but we have a number of extras that may be added. */ + +argv = CUSS child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); + +if (smtp_authenticated) argv[i++] = US"-MCA"; +if (smtp_peer_options & PEER_OFFERED_CHUNKING) argv[i++] = US"-MCK"; +if (smtp_peer_options & PEER_OFFERED_DSN) argv[i++] = US"-MCD"; +if (smtp_peer_options & PEER_OFFERED_PIPE) argv[i++] = US"-MCP"; +if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; +#ifdef SUPPORT_TLS +if (smtp_peer_options & PEER_OFFERED_TLS) + if (tls_out.active >= 0 || continue_proxy_cipher) + { + argv[i++] = US"-MCt"; + argv[i++] = sending_ip_address; + argv[i++] = string_sprintf("%d", sending_port); + argv[i++] = tls_out.active >= 0 ? tls_out.cipher : continue_proxy_cipher; + } + else + argv[i++] = US"-MCT"; +#endif + +if (queue_run_pid != (pid_t)0) + { + argv[i++] = US"-MCQ"; + argv[i++] = string_sprintf("%d", queue_run_pid); + argv[i++] = string_sprintf("%d", queue_run_pipe); + } + +argv[i++] = US"-MC"; +argv[i++] = US transport_name; +argv[i++] = US hostname; +argv[i++] = US hostaddress; +argv[i++] = string_sprintf("%d", continue_sequence + 1); +argv[i++] = id; +argv[i++] = NULL; + +/* Arrange for the channel to be on stdin. */ + +if (socket_fd != 0) + { + (void)dup2(socket_fd, 0); + (void)close(socket_fd); + } + +DEBUG(D_exec) debug_print_argv(argv); +exim_nullstd(); /* Ensure std{out,err} exist */ +execv(CS argv[0], (char *const *)argv); + +DEBUG(D_any) debug_printf("execv failed: %s\n", strerror(errno)); +_exit(errno); /* Note: must be _exit(), NOT exit() */ +} + + + /* Fork a new exim process to deliver the message, and do a re-exec, both to get a clean delivery process, and to regain root privilege in cases where it has been given away. @@ -1959,9 +2024,6 @@ DEBUG(D_transport) debug_printf("transport_pass_socket entered\n"); if ((pid = fork()) == 0) { - int i = 20; - const uschar **argv; - /* Disconnect entirely from the parent process. If we are running in the test harness, wait for a bit to allow the previous process time to finish, write the log, etc., so that the output is always in the same order for @@ -1970,59 +2032,8 @@ if ((pid = fork()) == 0) if ((pid = fork()) != 0) _exit(EXIT_SUCCESS); if (running_in_test_harness) sleep(1); - /* Set up the calling arguments; use the standard function for the basics, - but we have a number of extras that may be added. */ - - argv = CUSS child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); - - if (smtp_authenticated) argv[i++] = US"-MCA"; - - if (smtp_peer_options & PEER_OFFERED_CHUNKING) argv[i++] = US"-MCK"; - if (smtp_peer_options & PEER_OFFERED_DSN) argv[i++] = US"-MCD"; - if (smtp_peer_options & PEER_OFFERED_PIPE) argv[i++] = US"-MCP"; - if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; -#ifdef SUPPORT_TLS - if (smtp_peer_options & PEER_OFFERED_TLS) - if (tls_out.active >= 0 || continue_proxy_cipher) - { - argv[i++] = US"-MCt"; - argv[i++] = sending_ip_address; - argv[i++] = string_sprintf("%d", sending_port); - argv[i++] = tls_out.active >= 0 ? tls_out.cipher : continue_proxy_cipher; - } - else - argv[i++] = US"-MCT"; -#endif - - if (queue_run_pid != (pid_t)0) - { - argv[i++] = US"-MCQ"; - argv[i++] = string_sprintf("%d", queue_run_pid); - argv[i++] = string_sprintf("%d", queue_run_pipe); - } - - argv[i++] = US"-MC"; - argv[i++] = US transport_name; - argv[i++] = US hostname; - argv[i++] = US hostaddress; - argv[i++] = string_sprintf("%d", continue_sequence + 1); - argv[i++] = id; - argv[i++] = NULL; - - /* Arrange for the channel to be on stdin. */ - - if (socket_fd != 0) - { - (void)dup2(socket_fd, 0); - (void)close(socket_fd); - } - - DEBUG(D_exec) debug_print_argv(argv); - exim_nullstd(); /* Ensure std{out,err} exist */ - execv(CS argv[0], (char *const *)argv); - - DEBUG(D_any) debug_printf("execv failed: %s\n", strerror(errno)); - _exit(errno); /* Note: must be _exit(), NOT exit() */ + transport_do_pass_socket(transport_name, hostname, hostaddress, + id, socket_fd); } /* If the process creation succeeded, wait for the first-level child, which diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index 34c96dbff..c4626b3e9 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -220,8 +220,10 @@ smtp_transport_options_block smtp_transport_option_defaults = { NULL, /* hosts_verify_avoid_tls */ NULL, /* hosts_avoid_pipelining */ NULL, /* hosts_avoid_esmtp */ +#ifdef SUPPORT_TLS NULL, /* hosts_nopass_tls */ US"*", /* hosts_noproxy_tls */ +#endif 5*60, /* command_timeout */ 5*60, /* connect_timeout; shorter system default overrides */ 5*60, /* data timeout */ @@ -1801,9 +1803,11 @@ goto SEND_QUIT; } } -/* For continuing deliveries down the same channel, the socket is the standard -input, and we don't need to redo EHLO here (but may need to do so for TLS - see -below). Set up the pointer to where subsequent commands will be left, for +/* For continuing deliveries down the same channel, having re-exec'd the socket +is the standard input; for a socket held open from verify it is recorded +in the cutthrough context block. Either way we don't need to redo EHLO here +(but may need to do so for TLS - see below). +Set up the pointer to where subsequent commands will be left, for error messages. Note that smtp_peer_options will have been set from the command line if they were set in the process that passed the connection on. */ @@ -1815,19 +1819,30 @@ separate - we could match up by host ip+port as a bodge. */ else { - sx->inblock.sock = sx->outblock.sock = 0; /* stdin */ + if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) + { + sx->inblock.sock = sx->outblock.sock = cutthrough.fd; + sx->host->port = sx->port = cutthrough.host.port; + } + else + { + sx->inblock.sock = sx->outblock.sock = 0; /* stdin */ + sx->host->port = sx->port; /* Record the port that was used */ + } smtp_command = big_buffer; - sx->host->port = sx->port; /* Record the port that was used */ sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */ - /* For a continued connection with TLS being proxied for us, nothing - more to do. */ + /* For a continued connection with TLS being proxied for us, or a + held-open verify connection with TLS, nothing more to do. */ - if (continue_proxy_cipher) + if ( continue_proxy_cipher + || (cutthrough.fd >= 0 && cutthrough.callout_hold_only && cutthrough.is_tls) + ) { sx->peer_offered = smtp_peer_options; pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); - HDEBUG(D_transport) debug_printf("continued connection, proxied TLS\n"); + HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n", + continue_proxy_cipher ? "proxied" : "verify conn with"); return OK; } HDEBUG(D_transport) debug_printf("continued connection, no TLS\n"); @@ -2511,19 +2526,20 @@ return 0; * Proxy TLS connection for another transport process * ******************************************************/ /* -Use the smtp-context buffer as a staging area, and select on both the slave -process and the TLS'd fd for data to read (per the coding in ip_recv() and +Use the given buffer as a staging area, and select on both the given fd +and the TLS'd client-fd for data to read (per the coding in ip_recv() and fd_ready() this is legitimate). Do blocking full-size writes, and reads under a timeout. Arguments: - sx smtp context block + buf space to use for buffering + bufsiz size of buffer proxy_fd comms to proxied process timeout per-read timeout, seconds */ -static void -smtp_proxy_tls(smtp_context * sx, int proxy_fd, int timeout) +void +smtp_proxy_tls(uschar * buf, size_t bsize, int proxy_fd, int timeout) { fd_set fds; int max_fd = MAX(proxy_fd, tls_out.active) + 1; @@ -2559,7 +2575,7 @@ for (fd_bits = 3; fd_bits; ) /* handle inbound data */ if (FD_ISSET(tls_out.active, &fds)) - if ((rc = tls_read(FALSE, sx->buffer, sizeof(sx->buffer))) <= 0) + if ((rc = tls_read(FALSE, buf, bsize)) <= 0) { fd_bits &= ~1; FD_CLR(tls_out.active, &fds); @@ -2568,14 +2584,14 @@ for (fd_bits = 3; fd_bits; ) else { for (nbytes = 0; rc - nbytes > 0; nbytes += i) - if ((i = write(proxy_fd, sx->buffer + nbytes, rc - nbytes)) < 0) return; + if ((i = write(proxy_fd, buf + nbytes, rc - nbytes)) < 0) return; } else if (fd_bits & 1) FD_SET(tls_out.active, &fds); /* handle outbound data */ if (FD_ISSET(proxy_fd, &fds)) - if ((rc = read(proxy_fd, sx->buffer, sizeof(sx->buffer))) <= 0) + if ((rc = read(proxy_fd, buf, bsize)) <= 0) { fd_bits &= ~2; FD_CLR(proxy_fd, &fds); @@ -2584,7 +2600,7 @@ for (fd_bits = 3; fd_bits; ) else { for (nbytes = 0; rc - nbytes > 0; nbytes += i) - if ((i = tls_write(FALSE, sx->buffer + nbytes, rc - nbytes)) < 0) return; + if ((i = tls_write(FALSE, buf + nbytes, rc - nbytes)) < 0) return; } else if (fd_bits & 2) FD_SET(proxy_fd, &fds); @@ -2724,33 +2740,52 @@ sx.send_rset = TRUE; sx.completed_addr = FALSE; -/* Initiate a message transfer. */ +/* If we are a continued-connection-after-verify the MAIL and RCPT +commands were already sent; do not re-send but do mark the addrs as +having been accepted up to RCPT stage. A traditional cont-conn +always has a sequence number greater than one. */ -switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield)) +if (continue_hostname && continue_sequence == 1) { - case 0: break; - case -1: case -2: goto RESPONSE_FAILED; - case -3: goto END_OFF; - case -4: goto SEND_QUIT; - default: goto SEND_FAILED; - } + address_item * addr; -/* If we are an MUA wrapper, abort if any RCPTs were rejected, either -permanently or temporarily. We should have flushed and synced after the last -RCPT. */ + sx.peer_offered = smtp_peer_options; + sx.ok = TRUE; + sx.next_addr = NULL; -if (mua_wrapper) + for (addr = addrlist; addr; addr = addr->next) + addr->transport_return = PENDING_OK; + } +else { - address_item *badaddr; - for (badaddr = sx.first_addr; badaddr; badaddr = badaddr->next) - if (badaddr->transport_return != PENDING_OK) - { - /*XXX could we find a better errno than 0 here? */ - set_errno_nohost(addrlist, 0, badaddr->message, FAIL, - testflag(badaddr, af_pass_message)); - sx.ok = FALSE; - break; - } + /* Initiate a message transfer. */ + + switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield)) + { + case 0: break; + case -1: case -2: goto RESPONSE_FAILED; + case -3: goto END_OFF; + case -4: goto SEND_QUIT; + default: goto SEND_FAILED; + } + + /* If we are an MUA wrapper, abort if any RCPTs were rejected, either + permanently or temporarily. We should have flushed and synced after the last + RCPT. */ + + if (mua_wrapper) + { + address_item *badaddr; + for (badaddr = sx.first_addr; badaddr; badaddr = badaddr->next) + if (badaddr->transport_return != PENDING_OK) + { + /*XXX could we find a better errno than 0 here? */ + set_errno_nohost(addrlist, 0, badaddr->message, FAIL, + testflag(badaddr, af_pass_message)); + sx.ok = FALSE; + break; + } + } } /* If ok is TRUE, we know we have got at least one good recipient, and must now @@ -3050,7 +3085,7 @@ else else sprintf(CS sx.buffer, "%.500s\n", addr->unique); - DEBUG(D_deliver) debug_printf("journalling %s\n", sx.buffer); + DEBUG(D_deliver) debug_printf("S:journalling %s\n", sx.buffer); len = Ustrlen(CS sx.buffer); if (write(journal_fd, sx.buffer, len) != len) log_write(0, LOG_MAIN|LOG_PANIC, "failed to write journal for " @@ -3376,7 +3411,7 @@ propagate it from the initial just passed the baton to. Fork a child to to do it, and return to get logging done asap. Which way to place the work makes assumptions about post-fork prioritisation which may not hold on all platforms. */ - +#ifdef SUPPORT_TLS if (tls_out.active >= 0) { int pid = fork(); @@ -3390,10 +3425,11 @@ propagate it from the initial } else if (pid == 0) /* child */ { - smtp_proxy_tls(&sx, pfd[0], sx.ob->command_timeout); + smtp_proxy_tls(sx.buffer, sizeof(sx.buffer), pfd[0], sx.ob->command_timeout); exim_exit(0); } } +#endif } } @@ -3608,8 +3644,10 @@ DEBUG(D_transport) for (host = hostlist; host; host = host->next) debug_printf(" %s:%d\n", host->name, host->port); } - if (continue_hostname) debug_printf("already connected to %s [%s]\n", - continue_hostname, continue_host_address); + if (continue_hostname) + debug_printf("already connected to %s [%s] (on fd %d)\n", + continue_hostname, continue_host_address, + cutthrough.fd >= 0 ? cutthrough.fd : 0); } /* Set the flag requesting that these hosts be added to the waiting diff --git a/src/src/verify.c b/src/src/verify.c index 9ff1807d4..59add8c00 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -39,7 +39,7 @@ static tree_node *dnsbl_cache = NULL; #define MT_NOT 1 #define MT_ALL 2 -static uschar cutthrough_response(char, uschar **, int); +static uschar cutthrough_response(int, char, uschar **, int); @@ -388,7 +388,7 @@ if (addr->transport == cutthrough.addr.transport) deliver_domain = addr->domain; transport_name = addr->transport->name; - host_af = (Ustrchr(host->address, ':') == NULL)? AF_INET:AF_INET6; + host_af = Ustrchr(host->address, ':') ? AF_INET6 : AF_INET; if (!smtp_get_interface(tf->interface, host_af, addr, &interface, US"callout") || @@ -411,7 +411,7 @@ if (addr->transport == cutthrough.addr.transport) smtp_write_command(&ctblock, FALSE, "RCPT TO:<%.1000s>\r\n", transport_rcpt_address(addr, addr->transport->rcpt_include_affixes)) >= 0 && - cutthrough_response('2', &resp, CUTTHROUGH_DATA_TIMEOUT) == '2'; + cutthrough_response(cutthrough.fd, '2', &resp, CUTTHROUGH_DATA_TIMEOUT) == '2'; /* This would go horribly wrong if a callout fail was ignored by ACL. We punt by abandoning cutthrough on a reject, like the @@ -429,7 +429,7 @@ if (addr->transport == cutthrough.addr.transport) } else { - cancel_cutthrough_connection("recipient rejected"); + cancel_cutthrough_connection(TRUE, US"recipient rejected"); if (!resp || errno == ETIMEDOUT) { HDEBUG(D_verify) debug_printf("SMTP timeout\n"); @@ -459,7 +459,7 @@ if (addr->transport == cutthrough.addr.transport) break; /* host_list */ } if (!done) - cancel_cutthrough_connection("incompatible connection"); + cancel_cutthrough_connection(TRUE, US"incompatible connection"); return done; } @@ -490,6 +490,7 @@ Arguments: vopt_callout_random => do the "random" thing vopt_callout_recipsender => use real sender for recipient vopt_callout_recippmaster => use postmaster for recipient + vopt_callout_hold => lazy close connection se_mailfrom MAIL FROM address for sender verify; NULL => "" pm_mailfrom if non-NULL, do the postmaster check with this sender @@ -556,7 +557,10 @@ else if (cached_callout_lookup(addr, address_key, from_address, &options, &pm_mailfrom, &yield, failure_ptr, &new_domain_record, &old_domain_cache_result)) + { + cancel_cutthrough_connection(TRUE, US"cache-hit"); goto END_CALLOUT; + } if (!addr->transport) { @@ -756,9 +760,12 @@ tls_retry_connection: } #endif - /* This would be ok for 1st rcpt of a cutthrough (XXX do we have a count?) , but no way to - handle a subsequent because of the RSET. So refuse to support any. */ - cancel_cutthrough_connection("random-recipient"); + /* This would be ok for 1st rcpt of a cutthrough (the case handled here; + subsequents are done in cutthrough_multi()), but no way to + handle a subsequent because of the RSET vaporising the MAIL FROM. + So refuse to support any. Most cutthrough use will not involve + random_local_part, so no loss. */ + cancel_cutthrough_connection(TRUE, US"random-recipient"); addr->address = string_sprintf("%s@%.1000s", random_local_part, rcpt_domain); @@ -887,7 +894,7 @@ tls_retry_connection: /* Could possibly shift before main verify, just above, and be ok for cutthrough. But no way to handle a subsequent rcpt, so just refuse any */ - cancel_cutthrough_connection("postmaster verify"); + cancel_cutthrough_connection(TRUE, US"postmaster verify"); HDEBUG(D_acl|D_v) debug_printf_indent("Cutthrough cancelled by presence of postmaster verify\n"); done = smtp_write_command(&sx.outblock, FALSE, "RSET\r\n") >= 0 @@ -1003,8 +1010,10 @@ no_conn: /* Cutthrough - on a successful connect and recipient-verify with use-sender and we are 1st rcpt and have no cutthrough conn so far - here is where we want to leave the conn open */ - if ( cutthrough.delivery + here is where we want to leave the conn open. Ditto for a lazy-close + verify. */ + + if ( (cutthrough.delivery || options & vopt_callout_hold) && rcpt_count == 1 && done && yield == OK @@ -1016,14 +1025,29 @@ no_conn: && !sx.lmtp ) { - HDEBUG(D_acl|D_v) debug_printf_indent("holding verify callout open for cutthrough delivery\n"); - - cutthrough.fd = sx.outblock.sock; /* We assume no buffer in use in the outblock */ - cutthrough.nrcpt = 1; - cutthrough.interface = interface; - cutthrough.host = *host; - cutthrough.addr = *addr; /* Save the address_item for later logging */ - cutthrough.addr.next = NULL; + HDEBUG(D_acl|D_v) debug_printf_indent("holding verify callout open for %s\n", + cutthrough.delivery + ? "cutthrough delivery" : "potential further verifies and delivery"); + + cutthrough.callout_hold_only = !cutthrough.delivery; + cutthrough.is_tls = tls_out.active >= 0; + cutthrough.fd = sx.outblock.sock; /* We assume no buffer in use in the outblock */ + cutthrough.nrcpt = 1; + cutthrough.transport = addr->transport->name; + cutthrough.interface = interface; + cutthrough.snd_port = sending_port; + cutthrough.peer_options = smtp_peer_options; + cutthrough.host = *host; + { + int oldpool = store_pool; + store_pool = POOL_PERM; + cutthrough.snd_ip = string_copy(sending_ip_address); + cutthrough.host.name = string_copy(host->name); + cutthrough.host.address = string_copy(host->address); + store_pool = oldpool; + } + cutthrough.addr = *addr; /* Save the address_item for later logging */ + cutthrough.addr.next = NULL; cutthrough.addr.host_used = &cutthrough.host; if (addr->parent) *(cutthrough.addr.parent = store_get(sizeof(address_item))) = @@ -1036,9 +1060,9 @@ no_conn: } else { - /* Ensure no cutthrough on multiple address verifies */ + /* Ensure no cutthrough on multiple verifies that were incompatible */ if (options & vopt_callout_recipsender) - cancel_cutthrough_connection("not usable for cutthrough"); + cancel_cutthrough_connection(TRUE, US"not usable for cutthrough"); if (sx.send_quit) { (void) smtp_write_command(&sx.outblock, FALSE, "QUIT\r\n"); @@ -1184,20 +1208,26 @@ return TRUE; } /* Buffered output of counted data block. Return boolean success */ -BOOL +static BOOL cutthrough_puts(uschar * cp, int n) { if (cutthrough.fd < 0) return TRUE; if (_cutthrough_puts(cp, n)) return TRUE; -cancel_cutthrough_connection("transmit failed"); +cancel_cutthrough_connection(TRUE, US"transmit failed"); return FALSE; } +BOOL +cutthrough_data_puts(uschar * cp, int n) +{ +if (cutthrough.delivery) cutthrough_puts(cp, n); +} + static BOOL _cutthrough_flush_send(void) { -int n= ctblock.ptr-ctblock.buffer; +int n = ctblock.ptr - ctblock.buffer; if(n>0) if(!cutthrough_send(n)) @@ -1211,21 +1241,28 @@ BOOL cutthrough_flush_send(void) { if (_cutthrough_flush_send()) return TRUE; -cancel_cutthrough_connection("transmit failed"); +cancel_cutthrough_connection(TRUE, US"transmit failed"); return FALSE; } -BOOL +static BOOL cutthrough_put_nl(void) { return cutthrough_puts(US"\r\n", 2); } +BOOL +cutthrough_data_put_nl(void) +{ +return cutthrough_data_puts(US"\r\n", 2); +} + + /* Get and check response from cutthrough target */ static uschar -cutthrough_response(char expect, uschar ** copy, int timeout) +cutthrough_response(int fd, char expect, uschar ** copy, int timeout) { smtp_inblock inblock; uschar inbuffer[4096]; @@ -1235,12 +1272,12 @@ inblock.buffer = inbuffer; inblock.buffersize = sizeof(inbuffer); inblock.ptr = inbuffer; inblock.ptrend = inbuffer; -inblock.sock = cutthrough.fd; +inblock.sock = fd; /* this relies on (inblock.sock == tls_out.active) */ if(!smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer), expect, timeout)) - cancel_cutthrough_connection("target timeout on read"); + cancel_cutthrough_connection(TRUE, US"target timeout on read"); -if(copy != NULL) +if(copy) { uschar * cp; *copy = cp = string_copy(responsebuffer); @@ -1258,7 +1295,7 @@ return responsebuffer[0]; BOOL cutthrough_predata(void) { -if(cutthrough.fd < 0) +if(cutthrough.fd < 0 || cutthrough.callout_hold_only) return FALSE; HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> DATA\n"); @@ -1266,7 +1303,7 @@ cutthrough_puts(US"DATA\r\n", 6); cutthrough_flush_send(); /* Assume nothing buffered. If it was it gets ignored. */ -return cutthrough_response('3', NULL, CUTTHROUGH_DATA_TIMEOUT) == '3'; +return cutthrough_response(cutthrough.fd, '3', NULL, CUTTHROUGH_DATA_TIMEOUT) == '3'; } @@ -1293,7 +1330,7 @@ cutthrough_headers_send(void) { transport_ctx tctx; -if(cutthrough.fd < 0) +if(cutthrough.fd < 0 || cutthrough.callout_hold_only) return FALSE; /* We share a routine with the mainline transport to handle header add/remove/rewrites, @@ -1318,7 +1355,8 @@ return TRUE; static void close_cutthrough_connection(const char * why) { -if(cutthrough.fd >= 0) +int fd = cutthrough.fd; +if(fd >= 0) { /* We could be sending this after a bunch of data, but that is ok as the only way to cancel the transfer in dataphase is to drop the tcp @@ -1328,26 +1366,36 @@ if(cutthrough.fd >= 0) HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> QUIT\n"); _cutthrough_puts(US"QUIT\r\n", 6); /* avoid recursion */ _cutthrough_flush_send(); + cutthrough.fd = -1; /* avoid recursion via read timeout */ /* Wait a short time for response, and discard it */ - cutthrough_response('2', NULL, 1); + cutthrough_response(fd, '2', NULL, 1); - #ifdef SUPPORT_TLS +#ifdef SUPPORT_TLS tls_close(FALSE, TRUE); - #endif +#endif HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n"); - (void)close(cutthrough.fd); - cutthrough.fd = -1; + (void)close(fd); HDEBUG(D_acl) debug_printf_indent("----------- cutthrough shutdown (%s) ------------\n", why); } ctblock.ptr = ctbuffer; } void -cancel_cutthrough_connection(const char * why) +cancel_cutthrough_connection(BOOL close_noncutthrough_verifies, const uschar * why) +{ +if (cutthrough.delivery || close_noncutthrough_verifies) + close_cutthrough_connection(why); +cutthrough.delivery = cutthrough.callout_hold_only = FALSE; +} + + +void +release_cutthrough_connection(const uschar * why) { -close_cutthrough_connection(why); -cutthrough.delivery = FALSE; +HDEBUG(D_acl) debug_printf_indent("release cutthrough conn: %s\n", why); +cutthrough.fd = -1; +cutthrough.delivery = cutthrough.callout_hold_only = FALSE; } @@ -1372,7 +1420,7 @@ if( !cutthrough_puts(US".", 1) ) return cutthrough.addr.message; -res = cutthrough_response('2', &cutthrough.addr.message, CUTTHROUGH_DATA_TIMEOUT); +res = cutthrough_response(cutthrough.fd, '2', &cutthrough.addr.message, CUTTHROUGH_DATA_TIMEOUT); for (addr = &cutthrough.addr; addr; addr = addr->next) { addr->message = cutthrough.addr.message; @@ -1879,7 +1927,7 @@ while (addr_new) } respond_printf(f, "%s\n", cr); } - cancel_cutthrough_connection("routing hard fail"); + cancel_cutthrough_connection(TRUE, US"routing hard fail"); if (!full_info) { @@ -1918,7 +1966,7 @@ while (addr_new) } respond_printf(f, "%s\n", cr); } - cancel_cutthrough_connection("routing soft fail"); + cancel_cutthrough_connection(TRUE, US"routing soft fail"); if (!full_info) { @@ -1991,7 +2039,7 @@ while (addr_new) /* If stopped because more than one new address, cannot cutthrough */ if (addr_new && addr_new->next) - cancel_cutthrough_connection("multiple addresses from routing"); + cancel_cutthrough_connection(TRUE, US"multiple addresses from routing"); yield = OK; goto out; @@ -2241,18 +2289,16 @@ verify_check_header_names_ascii(uschar **msgptr) header_line *h; uschar *colon, *s; -for (h = header_list; h != NULL; h = h->next) +for (h = header_list; h; h = h->next) { - colon = Ustrchr(h->text, ':'); - for(s = h->text; s < colon; s++) - { - if ((*s < 33) || (*s > 126)) - { - *msgptr = string_sprintf("Invalid character in header \"%.*s\" found", - colon - h->text, h->text); - return FAIL; - } - } + colon = Ustrchr(h->text, ':'); + for(s = h->text; s < colon; s++) + if ((*s < 33) || (*s > 126)) + { + *msgptr = string_sprintf("Invalid character in header \"%.*s\" found", + colon - h->text, h->text); + return FAIL; + } } return OK; } diff --git a/test/confs/0580 b/test/confs/0580 new file mode 100644 index 000000000..54ef7ae70 --- /dev/null +++ b/test/confs/0580 @@ -0,0 +1,46 @@ +# Exim test configuration 0580 + +OPT = + +.include DIR/aux-var/std_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +acl_smtp_rcpt = check_rcpt + +log_selector = +received_recipients +OPT + +# ----- ACLs ----- + +begin acl + +check_rcpt: + accept verify = recipient/callout=use_sender,hold + + +# ----- Routers ----- + +begin routers + +r1: + driver = manualroute + route_list = * 127.0.0.1 + self = send + transport = t1 + + +begin transports + +t1: + driver = smtp + port = PORT_S + + +# ----- Retry ----- +begin retry + +* * F,5d,10s +# End diff --git a/test/confs/0581 b/test/confs/0581 new file mode 120000 index 000000000..35e8a25bd --- /dev/null +++ b/test/confs/0581 @@ -0,0 +1 @@ +0580 \ No newline at end of file diff --git a/test/confs/0582 b/test/confs/0582 new file mode 120000 index 000000000..35e8a25bd --- /dev/null +++ b/test/confs/0582 @@ -0,0 +1 @@ +0580 \ No newline at end of file diff --git a/test/confs/2035 b/test/confs/2035 new file mode 100644 index 000000000..a10dc53e9 --- /dev/null +++ b/test/confs/2035 @@ -0,0 +1,84 @@ +# Exim test configuration 2035 + +OPT = + +.include DIR/aux-var/tls_conf_prefix + +.ifdef SERVER +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key +.else +tls_advertise_hosts = +.endif + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +acl_smtp_rcpt = check_rcpt +acl_smtp_data = check_data + +log_selector = +received_recipients +outgoing_port +OPT + +# ----- ACLs ----- + +begin acl + +check_rcpt: + accept + condition = ${if or { {!eq {SERVER}{server}} {= {$received_port}{PORT_S}} }} + verify = recipient/callout=use_sender,hold + defer condition = ${if eq {SERVER}{server}} + local_parts = rcpt_defer + accept + +check_data: + warn logwrite = $message_exim_id received on port $received_port + defer condition = ${if eq {SERVER}{server}} + condition = ${if eq {data_defer}{${local_part:$recipients}}} + accept + +# ----- Routers ----- + +begin routers + +.ifdef SERVER + +target: + driver = redirect + condition = ${if = {$received_port}{PORT_D}} + data = :blackhole: + +dut: + driver = manualroute + route_list = * 127.0.0.1 + self = send + transport = t1 + +.else + +client: + driver = manualroute + route_list = * 127.0.0.1 + self = send + transport = t1 + errors_to = "" + +.endif + + +begin transports + +t1: + driver = smtp + port = PORT_D + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = : + + +# ----- Retry ----- +begin retry + +* * F,5d,10s +# End diff --git a/test/confs/2036 b/test/confs/2036 new file mode 120000 index 000000000..3f3e22d7e --- /dev/null +++ b/test/confs/2036 @@ -0,0 +1 @@ +2035 \ No newline at end of file diff --git a/test/confs/2037 b/test/confs/2037 new file mode 120000 index 000000000..3f3e22d7e --- /dev/null +++ b/test/confs/2037 @@ -0,0 +1 @@ +2035 \ No newline at end of file diff --git a/test/confs/2135 b/test/confs/2135 new file mode 100644 index 000000000..fcb5f00f4 --- /dev/null +++ b/test/confs/2135 @@ -0,0 +1,85 @@ +# Exim test configuration 2135 + +OPT = + +.include DIR/aux-var/tls_conf_prefix + +.ifdef SERVER +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key +.else +tls_advertise_hosts = +.endif + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +acl_smtp_rcpt = check_rcpt +acl_smtp_data = check_data + +log_selector = +received_recipients +outgoing_port +OPT + +# ----- ACLs ----- + +begin acl + +check_rcpt: + accept + condition = ${if or { {!eq {SERVER}{server}} {= {$received_port}{PORT_S}} }} + verify = recipient/callout=use_sender,hold + defer condition = ${if eq {SERVER}{server}} + local_parts = rcpt_defer + accept + +check_data: + warn logwrite = $message_exim_id received on port $received_port + defer condition = ${if eq {SERVER}{server}} + condition = ${if eq {data_defer}{${local_part:$recipients}}} + accept + +# ----- Routers ----- + +begin routers + +.ifdef SERVER + +target: + driver = redirect + condition = ${if = {$received_port}{PORT_D}} + data = :blackhole: + +dut: + driver = manualroute + route_list = * 127.0.0.1 + self = send + transport = t1 + +.else + +client: + driver = manualroute + route_list = * 127.0.0.1 + self = send + transport = t1 + errors_to = "" + +.endif + + +begin transports + +t1: + driver = smtp + port = PORT_D + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = : + + +# ----- Retry ----- +begin retry + +* * F,5d,10s + +# End diff --git a/test/confs/2136 b/test/confs/2136 new file mode 120000 index 000000000..b9dc6e979 --- /dev/null +++ b/test/confs/2136 @@ -0,0 +1 @@ +2135 \ No newline at end of file diff --git a/test/confs/2137 b/test/confs/2137 new file mode 120000 index 000000000..b9dc6e979 --- /dev/null +++ b/test/confs/2137 @@ -0,0 +1 @@ +2135 \ No newline at end of file diff --git a/test/log/0580 b/test/log/0580 new file mode 100644 index 000000000..f006778e5 --- /dev/null +++ b/test/log/0580 @@ -0,0 +1,15 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for usery@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => usery@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for usery@test.ex usery2@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaY-0005vi-00 -> usery2@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for usery3@test.ex usery@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 => usery3@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> usery@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for usery4@test.ex usery5@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => usery4@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbA-0005vi-00 -> usery5@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed diff --git a/test/log/0581 b/test/log/0581 new file mode 100644 index 000000000..f554e0057 --- /dev/null +++ b/test/log/0581 @@ -0,0 +1,23 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => userd@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => userf@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex userd2@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 => userd@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> userd2@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbA-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd3@test.ex userd2@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => userd3@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbA-0005vi-00 -> userd2@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 10HmbB-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd4@test.ex userd5@test.ex +1999-03-02 09:44:33 10HmbB-0005vi-00 => userd4@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbB-0005vi-00 -> userd5@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1] C="250 yeah got that message" +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed diff --git a/test/log/0582 b/test/log/0582 new file mode 100644 index 000000000..8953064ef --- /dev/null +++ b/test/log/0582 @@ -0,0 +1,3 @@ +1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 not right now +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userh@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 == userh@test.ex R=r1 T=t1 defer (-46) H=127.0.0.1 [127.0.0.1]: SMTP error from remote mail server after end of data: 451 not right now diff --git a/test/log/2035 b/test/log/2035 new file mode 100644 index 000000000..13c6c838e --- /dev/null +++ b/test/log/2035 @@ -0,0 +1,11 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 0 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= usera@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed diff --git a/test/log/2036 b/test/log/2036 new file mode 100644 index 000000000..b2cbc2c98 --- /dev/null +++ b/test/log/2036 @@ -0,0 +1,20 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 1224 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= userc@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss for userd@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => userd@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 +1999-03-02 09:44:33 10HmaZ-0005vi-00 10HmaZ-0005vi-00 received on port 1224 +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 10HmbA-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= usere@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss for userf@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 => userf@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed diff --git a/test/log/2037 b/test/log/2037 new file mode 100644 index 000000000..896dcf6f8 --- /dev/null +++ b/test/log/2037 @@ -0,0 +1,10 @@ +1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 0 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for data_defer@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 == data_defer@test.ex R=client T=t1 defer (-46) H=127.0.0.1 [127.0.0.1]:1111: SMTP error from remote mail server after end of data: 451 Temporary local problem - please try later + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected after DATA diff --git a/test/log/2135 b/test/log/2135 new file mode 100644 index 000000000..d2a01cd23 --- /dev/null +++ b/test/log/2135 @@ -0,0 +1,11 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 0 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= usera@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed diff --git a/test/log/2136 b/test/log/2136 new file mode 100644 index 000000000..bfd9e31fd --- /dev/null +++ b/test/log/2136 @@ -0,0 +1,20 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 1224 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= userc@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss for userd@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 => userd@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 +1999-03-02 09:44:33 10HmaZ-0005vi-00 10HmaZ-0005vi-00 received on port 1224 +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 10HmbA-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= usere@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss for userf@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 => userf@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed diff --git a/test/log/2137 b/test/log/2137 new file mode 100644 index 000000000..bef7dce9d --- /dev/null +++ b/test/log/2137 @@ -0,0 +1,10 @@ +1999-03-02 09:44:33 U=CALLER F=<> temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later +1999-03-02 09:44:33 10HmaY-0005vi-00 10HmaY-0005vi-00 received on port 0 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for data_defer@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 == data_defer@test.ex R=client T=t1 defer (-46) H=127.0.0.1 [127.0.0.1]:1111: SMTP error from remote mail server after end of data: 451 Temporary local problem - please try later + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 10HmaX-0005vi-00 received on port 1225 +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected after DATA diff --git a/test/rejectlog/0582 b/test/rejectlog/0582 new file mode 100644 index 000000000..614c29400 --- /dev/null +++ b/test/rejectlog/0582 @@ -0,0 +1 @@ +1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 not right now diff --git a/test/rejectlog/2037 b/test/rejectlog/2037 new file mode 100644 index 000000000..19259d512 --- /dev/null +++ b/test/rejectlog/2037 @@ -0,0 +1,21 @@ +1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later + +******** SERVER ******** +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected after DATA +Envelope-from: +Envelope-to: +P Received: from localhost ([127.0.0.1] helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) + (Exim x.yz) + (envelope-from ) + id 10HmaX-0005vi-00 + for data_defer@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) + (envelope-from ) + id 10HmaY-0005vi-00 + for data_defer@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 + Subject: test +I Message-Id: +F From: CALLER_NAME + Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/rejectlog/2137 b/test/rejectlog/2137 new file mode 100644 index 000000000..6ec734584 --- /dev/null +++ b/test/rejectlog/2137 @@ -0,0 +1,20 @@ +1999-03-02 09:44:33 U=CALLER F=<> temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later + +******** SERVER ******** +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected after DATA +Envelope-from: <> +Envelope-to: +P Received: from localhost ([127.0.0.1] helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) + (Exim x.yz) + id 10HmaX-0005vi-00 + for data_defer@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) + (envelope-from ) + id 10HmaY-0005vi-00 + for data_defer@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 + Subject: test +I Message-Id: +F From: CALLER_NAME + Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/scripts/0000-Basic/0580 b/test/scripts/0000-Basic/0580 new file mode 100644 index 000000000..8d8a11751 --- /dev/null +++ b/test/scripts/0000-Basic/0580 @@ -0,0 +1,156 @@ +# callout lazy-close, -bs send +need_ipv4 +# +# a recipient verify and continued-delivery +# cmdline -bs send +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +# +# +# multiple recipients +# 1st callout result is cached (above); should not activate LCC +server PORT_S 2 +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +QUIT +221 Bye +*eof +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +# +# +# 2nd callout result is cached (above); should not activate LCC +server PORT_S 2 +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +QUIT +221 Bye +*eof +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +# +# +# no cache hits; should do LCC +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/0000-Basic/0581 b/test/scripts/0000-Basic/0581 new file mode 100644 index 000000000..f0ce3bcd7 --- /dev/null +++ b/test/scripts/0000-Basic/0581 @@ -0,0 +1,264 @@ +# callout lazy-close, smtp send +need_ipv4 +# +# a recipient verify and continued-delivery +# smtp send +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -DSERVER=server -bd -oX PORT_D +**** +# +client 127.0.0.1 PORT_D +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +# smtp send, deliver_drop_priv +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -DSERVER=server -DOPT=deliver_drop_privilege -bd -oX PORT_D +**** +# +client 127.0.0.1 PORT_D +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +# multiple recipients +# 1st callout result is cached (above); should not activate LCC +# smtp send +server PORT_S 2 +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO: +250 OK +QUIT +221 Bye +*eof +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO: +250 OK +RCPT TO: +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +exim -DSERVER=server -bd -oX PORT_D +**** +# +client 127.0.0.1 PORT_D +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +# +# +# 2nd callout result is cached (above); should not activate LCC +# smtp send +server PORT_S 2 +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO: +250 OK +QUIT +221 Bye +*eof +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO: +250 OK +RCPT TO: +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +client 127.0.0.1 PORT_D +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +# +# +# no cache hits; should do LCC +# smtp send +server PORT_S 2 +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO: +250 OK +RCPT TO: +250 OK +DATA +354 hit me +. +250 yeah got that message +QUIT +221 Bye +**** +# +client 127.0.0.1 PORT_D +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/0000-Basic/0582 b/test/scripts/0000-Basic/0582 new file mode 100644 index 000000000..3eefcc979 --- /dev/null +++ b/test/scripts/0000-Basic/0582 @@ -0,0 +1,56 @@ +# callout lazy-close, defers +need_ipv4 +# +# a recipient verify and continued-delivery +# cmdline -bs send, rcpt-time defer +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +451 not right now +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +quit +**** +sleep 1 +# +# cmdline -bs send, data-time defer +server PORT_S +220 Welcome +EHLO +250 Hi +MAIL FROM +250 OK +RCPT TO +250 OK +DATA +354 hit me +. +451 not right now +QUIT +221 Bye +**** +# +exim -bs +mail from: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2000-GnuTLS/2035 b/test/scripts/2000-GnuTLS/2035 new file mode 100644 index 000000000..cb227868c --- /dev/null +++ b/test/scripts/2000-GnuTLS/2035 @@ -0,0 +1,26 @@ +# client: callout lazy-close, -bs send +gnutls +need_ipv4 +# +# a tls-capable target for the verify/delivery connection +exim -bd -DSERVER=server -oX PORT_D +**** +# +# a recipient verify and continued-delivery +# cmdline -bs send +exim -bs +mail from: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2000-GnuTLS/2036 b/test/scripts/2000-GnuTLS/2036 new file mode 100644 index 000000000..1891d2fe8 --- /dev/null +++ b/test/scripts/2000-GnuTLS/2036 @@ -0,0 +1,70 @@ +# client: callout lazy-close, smtp send +gnutls +need_ipv4 +# +# smtp send +# a tls-capable target for the verify/delivery connection on PORT_D +# plus a daemon under test on PORT_S +exim -bd -DSERVER=server -oX PORT_D:PORT_S +**** +# +client 127.0.0.1 PORT_S +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +# smtp send, deliver_drop_priv +exim -bd -DSERVER=server -DOPT=deliver_drop_privilege -oX PORT_D:PORT_S +**** +# +client 127.0.0.1 PORT_S +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2000-GnuTLS/2037 b/test/scripts/2000-GnuTLS/2037 new file mode 100644 index 000000000..8dca68114 --- /dev/null +++ b/test/scripts/2000-GnuTLS/2037 @@ -0,0 +1,31 @@ +# client: callout lazy-close, defers +gnutls +need_ipv4 +# +exim -bd -DSERVER=server -oX PORT_D +**** +# cmdline -bs send, rcpt-time defer +exim -bs +mail from: +rcpt to: +quit +**** +sleep 1 +# +# cmdline -bs send, data-time defer +exim -bs +mail from: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2135 b/test/scripts/2100-OpenSSL/2135 new file mode 100644 index 000000000..e521c45e3 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2135 @@ -0,0 +1,25 @@ +# client: callout lazy-close, -bs send +need_ipv4 +# +# a tls-capable target for the verify/delivery connection +exim -bd -DSERVER=server -oX PORT_D +**** +# +# a recipient verify and continued-delivery +# cmdline -bs send +exim -bs +mail from: +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2136 b/test/scripts/2100-OpenSSL/2136 new file mode 100644 index 000000000..aa13114d5 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2136 @@ -0,0 +1,71 @@ +# client: callout lazy-close, smtp send +need_ipv4 +# +# a recipient verify and continued-delivery +# smtp send +# a tls-capable target for the verify/delivery connection on PORT_D +# plus a daemon under test on PORT_S +exim -bd -DSERVER=server -oX PORT_D:PORT_S +**** +# +client 127.0.0.1 PORT_S +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +# smtp send, deliver_drop_priv +exim -bd -DSERVER=server -DOPT=deliver_drop_privilege -oX PORT_D:PORT_S +**** +# +client 127.0.0.1 PORT_S +??? 220 +EHLO test.ex +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: test + +body +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +killdaemon +# +# +# +no_stdout_check +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2137 b/test/scripts/2100-OpenSSL/2137 new file mode 100644 index 000000000..ec9a964a2 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2137 @@ -0,0 +1,30 @@ +# client: callout lazy-close, defers +need_ipv4 +# +exim -bd -DSERVER=server -oX PORT_D +**** +# cmdline -bs send, rcpt-time defer +exim -bs +mail from:<> +rcpt to: +quit +**** +sleep 1 +# +# cmdline -bs send, data-time defer +exim -bs +mail from:<> +rcpt to: +data +Subject: test + +body +. +quit +**** +sleep 1 +killdaemon +# +# +no_stdout_check +no_msglog_check diff --git a/test/stderr/0021 b/test/stderr/0021 index 7c5a79ee9..ce72feb75 100644 --- a/test/stderr/0021 +++ b/test/stderr/0021 @@ -183,6 +183,7 @@ end of ACL "rcpt": ACCEPT >> LOG: MAIN <= ok@test3 H=[10.9.8.8] U=CALLER P=smtp S=sss +release cutthrough conn: msg passed for delivery Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user diff --git a/test/stderr/0275 b/test/stderr/0275 index 5f76af09a..3ec0da1d4 100644 --- a/test/stderr/0275 +++ b/test/stderr/0275 @@ -163,6 +163,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0278 b/test/stderr/0278 index 2d9967293..0274527ee 100644 --- a/test/stderr/0278 +++ b/test/stderr/0278 @@ -114,6 +114,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0361 b/test/stderr/0361 index 2506e1cfb..d90d472d6 100644 --- a/test/stderr/0361 +++ b/test/stderr/0361 @@ -56,6 +56,7 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -N -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0386 b/test/stderr/0386 index 44e856da2..0b980acda 100644 --- a/test/stderr/0386 +++ b/test/stderr/0386 @@ -221,6 +221,7 @@ LOG: MAIN <= x@y H=[V4NET.11.12.13] U=CALLER P=smtp S=sss SMTP>> 250 OK id=10HmaX-0005vi-00 search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -402,6 +403,7 @@ LOG: MAIN <= x@y H=[V4NET.11.12.13] U=CALLER P=smtp S=sss SMTP>> 250 OK id=10HmaY-0005vi-00 search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0388 b/test/stderr/0388 index 92b3f23e1..df772c330 100644 --- a/test/stderr/0388 +++ b/test/stderr/0388 @@ -223,6 +223,7 @@ Size of headers = sss LOG: MAIN <= <> R=10HmaX-0005vi-00 U=EXIMUSER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xebb95ced -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0402 b/test/stderr/0402 index a007de31c..ea99dea2c 100644 --- a/test/stderr/0402 +++ b/test/stderr/0402 @@ -174,6 +174,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95dfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0403 b/test/stderr/0403 index 716cabdf2..32387a9fc 100644 --- a/test/stderr/0403 +++ b/test/stderr/0403 @@ -47,6 +47,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -N -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0404 b/test/stderr/0404 index d3d8f4c64..96c42cb7a 100644 --- a/test/stderr/0404 +++ b/test/stderr/0404 @@ -147,6 +147,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -1524,6 +1525,7 @@ Size of headers = sss LOG: MAIN <= <> R=10HmaX-0005vi-00 U=CALLER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0408 b/test/stderr/0408 index f3d6d6b1a..e71299fea 100644 --- a/test/stderr/0408 +++ b/test/stderr/0408 @@ -47,6 +47,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0487 b/test/stderr/0487 index 7319b67dd..c29883a0f 100644 --- a/test/stderr/0487 +++ b/test/stderr/0487 @@ -74,6 +74,7 @@ LOG: MAIN created log directory TESTSUITE/spool/log SMTP>> 250 OK id=10HmaX-0005vi-00 search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/2600 b/test/stderr/2600 index 4e9974733..957092f7f 100644 --- a/test/stderr/2600 +++ b/test/stderr/2600 @@ -335,6 +335,7 @@ LOG: MAIN <= CALLER@myhost.test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/5004 b/test/stderr/5004 index ad5c9b331..62a0ef987 100644 --- a/test/stderr/5004 +++ b/test/stderr/5004 @@ -49,6 +49,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/5005 b/test/stderr/5005 index 8b28b7055..74f66486e 100644 --- a/test/stderr/5005 +++ b/test/stderr/5005 @@ -47,6 +47,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -235,6 +236,7 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -424,6 +426,7 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaZ-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -622,6 +625,7 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmbA-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/5006 b/test/stderr/5006 index dce0d0050..4211a1877 100644 --- a/test/stderr/5006 +++ b/test/stderr/5006 @@ -47,6 +47,7 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called +release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective -- cgit v1.2.3 From 6851a9c5760767525e7586051c42be49342ed0f0 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 22 Mar 2017 21:02:24 +0000 Subject: tidying --- doc/doc-docbook/spec.xfpt | 2 ++ src/src/daemon.c | 7 +------ src/src/functions.h | 4 ++-- src/src/hash.c | 2 +- src/src/receive.c | 16 ++++++++-------- src/src/verify.c | 8 ++++---- test/stderr/4520 | 1 + 7 files changed, 19 insertions(+), 21 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 925b96324..ca5b2ea29 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -30909,6 +30909,7 @@ need to use this option unless you know that the called hosts make use of the sender when checking recipients. If used indiscriminately, it reduces the usefulness of callout caching. +.new .vitem &*hold*& This option applies to recipient callouts only. For example: .code @@ -30923,6 +30924,7 @@ The advantage is only gained if there are no callout cache hits if the use_sender option is used, if neither the random nor the use_postmaster option is used, and if no other callouts intervene. +.wen .endlist If you use any of the parameters that set a non-empty sender for the MAIL diff --git a/src/src/daemon.c b/src/src/daemon.c index 187378684..e31de1518 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -1967,10 +1967,8 @@ for (;;) errno = EINTR; } else - { lcount = select(max_socket + 1, (SELECT_ARG2_TYPE *)&select_listen, NULL, NULL, NULL); - } if (lcount < 0) { @@ -1996,10 +1994,9 @@ for (;;) while (lcount-- > 0) { int accept_socket = -1; + if (!select_failed) - { for (sk = 0; sk < listen_socket_count; sk++) - { if (FD_ISSET(listen_sockets[sk], &select_listen)) { len = sizeof(accepted); @@ -2008,8 +2005,6 @@ for (;;) FD_CLR(listen_sockets[sk], &select_listen); break; } - } - } /* If select or accept has failed and this was not caused by an interruption, log the incident and try again. With asymmetric TCP/IP diff --git a/src/src/functions.h b/src/src/functions.h index 331480188..d99e1ca40 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -116,8 +116,8 @@ extern uschar **child_exec_exim(int, BOOL, int *, BOOL, int, ...); extern pid_t child_open_uid(const uschar **, const uschar **, int, uid_t *, gid_t *, int *, int *, uschar *, BOOL); extern BOOL cleanup_environment(void); -extern BOOL cutthrough_data_puts(uschar *, int); -extern BOOL cutthrough_data_put_nl(void); +extern void cutthrough_data_puts(uschar *, int); +extern void cutthrough_data_put_nl(void); extern uschar *cutthrough_finaldot(void); extern BOOL cutthrough_flush_send(void); extern BOOL cutthrough_headers_send(void); diff --git a/src/src/hash.c b/src/src/hash.c index 7590d55b7..bde22b26a 100644 --- a/src/src/hash.c +++ b/src/src/hash.c @@ -51,7 +51,7 @@ switch (h->method) case HASH_SHA1: SHA1_Update (&h->u.sha1, data, len); break; case HASH_SHA256: SHA256_Update(&h->u.sha2, data, len); break; /* should be blocked by init not handling these, but be explicit to - * guard against accidents later (and hush up clang -Wswitch) */ + guard against accidents later (and hush up clang -Wswitch) */ default: assert(0); } } diff --git a/src/src/receive.c b/src/src/receive.c index 33c60e08d..aaf9215e9 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -831,7 +831,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) { message_size++; if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_data_put_nl(); + cutthrough_data_put_nl(); if (ch != '\r') ch_state = 1; else continue; } break; @@ -850,7 +850,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) if (ch == '.') { uschar c= ch; - (void) cutthrough_data_puts(&c, 1); + cutthrough_data_puts(&c, 1); } ch_state = 1; break; @@ -860,7 +860,7 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) message_size++; body_linecount++; if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_data_put_nl(); + cutthrough_data_put_nl(); if (ch == '\r') { ch_state = 2; @@ -881,11 +881,11 @@ while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) if (message_size > thismessage_size_limit) return END_SIZE; } if(ch == '\n') - (void) cutthrough_data_put_nl(); + cutthrough_data_put_nl(); else { uschar c = ch; - (void) cutthrough_data_puts(&c, 1); + cutthrough_data_puts(&c, 1); } } @@ -991,7 +991,7 @@ for(;;) { message_size++; if (fout && fputc('\n', fout) == EOF) return END_WERROR; - (void) cutthrough_data_put_nl(); + cutthrough_data_put_nl(); if (ch == '\r') continue; /* don't write CR */ ch_state = MID_LINE; } @@ -1008,11 +1008,11 @@ for(;;) if (message_size > thismessage_size_limit) return END_SIZE; } if(ch == '\n') - (void) cutthrough_data_put_nl(); + cutthrough_data_put_nl(); else { uschar c = ch; - (void) cutthrough_data_puts(&c, 1); + cutthrough_data_puts(&c, 1); } } /*NOTREACHED*/ diff --git a/src/src/verify.c b/src/src/verify.c index 59add8c00..b28d15a71 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -1217,10 +1217,10 @@ cancel_cutthrough_connection(TRUE, US"transmit failed"); return FALSE; } -BOOL +void cutthrough_data_puts(uschar * cp, int n) { -if (cutthrough.delivery) cutthrough_puts(cp, n); +if (cutthrough.delivery) (void) cutthrough_puts(cp, n); } @@ -1253,10 +1253,10 @@ return cutthrough_puts(US"\r\n", 2); } -BOOL +void cutthrough_data_put_nl(void) { -return cutthrough_data_puts(US"\r\n", 2); +cutthrough_data_puts(US"\r\n", 2); } diff --git a/test/stderr/4520 b/test/stderr/4520 index c2a856bb1..1642af78b 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -3,6 +3,7 @@ configuration file is TESTSUITE/test-config admin user LOG: MAIN <= CALLER@myhost.test.ex U=CALLER P=local S=sss +release cutthrough conn: msg passed for delivery Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user -- cgit v1.2.3 From 5ea5d64c99a3f99722034f11d7bf79ab9d10f014 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 26 Apr 2017 20:18:31 +0100 Subject: Tweak debug output --- src/src/verify.c | 1 + test/stderr/0021 | 1 - test/stderr/0278 | 1 - test/stderr/0361 | 1 - test/stderr/0386 | 2 -- test/stderr/0388 | 1 - test/stderr/0402 | 1 - test/stderr/0403 | 1 - test/stderr/0404 | 2 -- test/stderr/0408 | 1 - test/stderr/0487 | 1 - test/stderr/2600 | 1 - test/stderr/4520 | 1 - test/stderr/5004 | 1 - test/stderr/5005 | 4 ---- test/stderr/5006 | 1 - 16 files changed, 1 insertion(+), 20 deletions(-) (limited to 'test/stderr') diff --git a/src/src/verify.c b/src/src/verify.c index e46d2020b..706d42a0f 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -1395,6 +1395,7 @@ cutthrough.delivery = cutthrough.callout_hold_only = FALSE; void release_cutthrough_connection(const uschar * why) { +if (cutthrough.fd < 0) return; HDEBUG(D_acl) debug_printf_indent("release cutthrough conn: %s\n", why); cutthrough.fd = -1; cutthrough.delivery = cutthrough.callout_hold_only = FALSE; diff --git a/test/stderr/0021 b/test/stderr/0021 index ce72feb75..7c5a79ee9 100644 --- a/test/stderr/0021 +++ b/test/stderr/0021 @@ -183,7 +183,6 @@ end of ACL "rcpt": ACCEPT >> LOG: MAIN <= ok@test3 H=[10.9.8.8] U=CALLER P=smtp S=sss -release cutthrough conn: msg passed for delivery Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user diff --git a/test/stderr/0278 b/test/stderr/0278 index 0274527ee..2d9967293 100644 --- a/test/stderr/0278 +++ b/test/stderr/0278 @@ -114,7 +114,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0361 b/test/stderr/0361 index d90d472d6..2506e1cfb 100644 --- a/test/stderr/0361 +++ b/test/stderr/0361 @@ -56,7 +56,6 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -N -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0386 b/test/stderr/0386 index 0b980acda..44e856da2 100644 --- a/test/stderr/0386 +++ b/test/stderr/0386 @@ -221,7 +221,6 @@ LOG: MAIN <= x@y H=[V4NET.11.12.13] U=CALLER P=smtp S=sss SMTP>> 250 OK id=10HmaX-0005vi-00 search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -403,7 +402,6 @@ LOG: MAIN <= x@y H=[V4NET.11.12.13] U=CALLER P=smtp S=sss SMTP>> 250 OK id=10HmaY-0005vi-00 search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0388 b/test/stderr/0388 index df772c330..92b3f23e1 100644 --- a/test/stderr/0388 +++ b/test/stderr/0388 @@ -223,7 +223,6 @@ Size of headers = sss LOG: MAIN <= <> R=10HmaX-0005vi-00 U=EXIMUSER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xebb95ced -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0402 b/test/stderr/0402 index ea99dea2c..a007de31c 100644 --- a/test/stderr/0402 +++ b/test/stderr/0402 @@ -174,7 +174,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95dfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0403 b/test/stderr/0403 index 32387a9fc..716cabdf2 100644 --- a/test/stderr/0403 +++ b/test/stderr/0403 @@ -47,7 +47,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -N -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0404 b/test/stderr/0404 index 96c42cb7a..d3d8f4c64 100644 --- a/test/stderr/0404 +++ b/test/stderr/0404 @@ -147,7 +147,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -1525,7 +1524,6 @@ Size of headers = sss LOG: MAIN <= <> R=10HmaX-0005vi-00 U=CALLER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0408 b/test/stderr/0408 index e71299fea..f3d6d6b1a 100644 --- a/test/stderr/0408 +++ b/test/stderr/0408 @@ -47,7 +47,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0487 b/test/stderr/0487 index c29883a0f..7319b67dd 100644 --- a/test/stderr/0487 +++ b/test/stderr/0487 @@ -74,7 +74,6 @@ LOG: MAIN created log directory TESTSUITE/spool/log SMTP>> 250 OK id=10HmaX-0005vi-00 search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/2600 b/test/stderr/2600 index 957092f7f..4e9974733 100644 --- a/test/stderr/2600 +++ b/test/stderr/2600 @@ -335,7 +335,6 @@ LOG: MAIN <= CALLER@myhost.test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/4520 b/test/stderr/4520 index 1642af78b..c2a856bb1 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -3,7 +3,6 @@ configuration file is TESTSUITE/test-config admin user LOG: MAIN <= CALLER@myhost.test.ex U=CALLER P=local S=sss -release cutthrough conn: msg passed for delivery Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user diff --git a/test/stderr/5004 b/test/stderr/5004 index 62a0ef987..ad5c9b331 100644 --- a/test/stderr/5004 +++ b/test/stderr/5004 @@ -49,7 +49,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/5005 b/test/stderr/5005 index 74f66486e..8b28b7055 100644 --- a/test/stderr/5005 +++ b/test/stderr/5005 @@ -47,7 +47,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -236,7 +235,6 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaY-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -426,7 +424,6 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaZ-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective @@ -625,7 +622,6 @@ Size of headers = sss LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmbA-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/5006 b/test/stderr/5006 index 4211a1877..dce0d0050 100644 --- a/test/stderr/5006 +++ b/test/stderr/5006 @@ -47,7 +47,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective -- cgit v1.2.3 From 328c5688dbe0f4c14418f22350ccd99b3fe8ac71 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 28 Apr 2017 23:54:35 +0100 Subject: Support wire-format spoolfiles --- doc/doc-docbook/spec.xfpt | 30 ++++++++++- doc/doc-txt/NewStuff | 6 +++ doc/doc-txt/OptionLists.txt | 1 + src/src/deliver.c | 2 - src/src/dkim_transport.c | 18 ++++--- src/src/globals.c | 2 + src/src/globals.h | 2 + src/src/pdkim/pdkim.c | 6 +-- src/src/readconf.c | 1 + src/src/receive.c | 49 +++++++++++++++-- src/src/spam.c | 4 +- src/src/spool_in.c | 7 +++ src/src/spool_mbox.c | 60 +++++++++++---------- src/src/spool_out.c | 5 +- src/src/transport.c | 111 +++++++++++++++++++++++++++++++------- src/src/transports/smtp.c | 3 ++ src/src/verify.c | 1 + test/confs/0906 | 89 +++++++++++++++++++++++++++++++ test/confs/4530 | 1 + test/log/0906 | 9 ++++ test/log/4530 | 17 ++++++ test/mail/0906.a | 109 ++++++++++++++++++++++++++++++++++++++ test/mail/4530.y | 26 +++++++++ test/mail/4530.z | 26 +++++++++ test/scripts/0000-Basic/0906 | 122 ++++++++++++++++++++++++++++++++++++++++++ test/scripts/4500-DKIM/4530 | 66 +++++++++++++++++++++++ test/stderr/0143 | 1 + test/stderr/0169 | 1 + test/stderr/0275 | 1 - test/stderr/0386 | 2 + test/stderr/0393 | 3 ++ test/stderr/0402 | 2 + test/stderr/0404 | 1 + test/stderr/0408 | 1 + test/stderr/0476 | 1 + test/stderr/0487 | 1 + test/stderr/0512 | 2 + test/stderr/2600 | 1 + test/stderr/4520 | 6 +-- test/stderr/5004 | 1 + test/stderr/5005 | 2 + test/stderr/5006 | 1 + test/stderr/5008 | 2 + test/stdout/0906 | 123 +++++++++++++++++++++++++++++++++++++++++++ test/stdout/4530 | 75 ++++++++++++++++++++++++++ 45 files changed, 930 insertions(+), 70 deletions(-) create mode 100644 test/confs/0906 create mode 120000 test/confs/4530 create mode 100644 test/log/0906 create mode 100644 test/log/4530 create mode 100644 test/mail/0906.a create mode 100644 test/mail/4530.y create mode 100644 test/mail/4530.z create mode 100644 test/scripts/0000-Basic/0906 create mode 100644 test/scripts/4500-DKIM/4530 create mode 100644 test/stdout/0906 create mode 100644 test/stdout/4530 (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 7a1b491c0..e5c433fbb 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -13566,6 +13566,7 @@ listed in more than one group. .row &%message_body_visible%& "how much to show in &$message_body$&" .row &%mua_wrapper%& "run in &""MUA wrapper""& mode" .row &%print_topbitchars%& "top-bit characters are printing" +.row &%spool_wireformat%& "use wire-format spool data files when possible" .row &%timezone%& "force time zone" .endtable @@ -16821,6 +16822,25 @@ as failures in the configuration file. By using this option to override the compiled-in path, it is possible to run tests of Exim without using the standard spool. +.new +.option spool_wireformat main boolean false +.cindex "spool directory" "file formats" +If this option is set, Exim may for some messages use an alternate format +for data-files in the spool which matches the wire format. +Doing this permits more efficient message reception and transmission. +Currently it is only done for messages received using the EMSTP CHUNKING +option. + +Users of the local_scan() API (see &<>&), +and any external programs which are passed a reference to a message data file +(except via the &"regex"&, &"malware"& or &"spam"&) ACL conditions) +will need to be aware of the potential different format. + +Using any of the ACL conditions noted will negate the reception benefit +(as a Unix-mbox-format file is contructed for them). +The transimssion benefit is maintained. +.wen + .option sqlite_lock_timeout main time 5s .cindex "sqlite lookup type" "lock timeout" This option controls the timeout that the &(sqlite)& lookup uses when trying to @@ -38094,8 +38114,8 @@ The address of an authenticated sender &-- the value of the &$authenticated_sender$& variable. .vitem "&%-body_linecount%&&~<&'number'&>" -This records the number of lines in the body of the message, and is always -present. +This records the number of lines in the body of the message, and is +present unless &%-spool_file_wireformat%& is. .vitem "&%-body_zerocount%&&~<&'number'&>" This records the number of binary zero bytes in the body of the message, and is @@ -38177,6 +38197,12 @@ to ensure that the caller is displayed in queue listings). If a message was scanned by SpamAssassin, this is present. It records the value of &$spam_score_int$&. +.vitem &%-spool_file_wireformat%& +The -D file for this message is in wire-format (for ESMTP CHUNKING) +rather than Unix-format. +The line-ending is CRLF rather than newline. +There is still, however, no leading-dot-stuffing. + .vitem &%-tls_certificate_verified%& A TLS certificate was received from the client that sent this message, and the certificate was verified by the server. diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 5f446f792..cb2346f69 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -29,6 +29,12 @@ Version 4.90 6. The reproducible build $SOURCE_DATE_EPOCH environment variable is now supported. + 7. Optionally, an alternate format for spool data-files which matches the + wire format - meaning more efficient reception and transmission (at the + cost of difficulty with standard Unix tools). Only used for messages + received using the ESMTP CHUNKING option, and when a new main-section + option "spool_wireformat" (false by default) is set. + Version 4.89 ------------ diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt index b6439e6ed..95d321e5c 100644 --- a/doc/doc-txt/OptionLists.txt +++ b/doc/doc-txt/OptionLists.txt @@ -529,6 +529,7 @@ socket string* unset lmtp spamd_address string* + main 4.50 with content scan split_spool_directory boolean false main 1.70 spool_directory string ++ main +spool_wireformat boolean false main 4.90 sqlite_lock_timeout time 5s main 4.53 strict_acl_vars boolean false main 4.64 srv_fail_domains domain list unset dnslookup 4.43 diff --git a/src/src/deliver.c b/src/src/deliver.c index 2787d0040..262ae454f 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -3890,14 +3890,12 @@ for (;;) /* Normally we do not repeat this loop */ maxpipe = 0; FD_ZERO(&select_pipes); for (poffset = 0; poffset < remote_max_parallel; poffset++) - { if (parlist[poffset].pid != 0) { int fd = parlist[poffset].fd; FD_SET(fd, &select_pipes); if (fd > maxpipe) maxpipe = fd; } - } /* Stick in a 60-second timeout, just in case. */ diff --git a/src/src/dkim_transport.c b/src/src/dkim_transport.c index 2aba56054..4538b36e3 100644 --- a/src/src/dkim_transport.c +++ b/src/src/dkim_transport.c @@ -45,9 +45,6 @@ DEBUG(D_transport) debug_printf("send file fd=%d size=%d\n", out_fd, size - off) /*XXX should implement timeout, like transport_write_block_fd() ? */ -/* Rewind file */ -lseek(in_fd, off, SEEK_SET); - #ifdef HAVE_LINUX_SENDFILE /* We can use sendfile() to shove the file contents to the socket. However only if we don't use TLS, @@ -69,6 +66,9 @@ else { int sread, wwritten; + /* Rewind file */ + lseek(in_fd, off, SEEK_SET); + /* Send file down the original fd */ while((sread = read(in_fd, deliver_out_buffer, DELIVER_OUT_BUFFER_SIZE)) >0) { @@ -118,6 +118,7 @@ dkt_direct(transport_ctx * tctx, struct ob_dkim * dkim, { int save_fd = tctx->u.fd; int save_options = tctx->options; +BOOL save_wireformat = spool_file_wireformat; uschar * hdrs, * dkim_signature; int siglen, hsize; const uschar * errstr; @@ -125,7 +126,8 @@ BOOL rc; DEBUG(D_transport) debug_printf("dkim signing direct-mode\n"); -/* Get headers in string for signing and transmission */ +/* Get headers in string for signing and transmission. Do CRLF +and dotstuffing (but no body nor dot-termination) */ tctx->u.msg = NULL; tctx->options = tctx->options & ~(topt_end_dot | topt_use_bdat) @@ -155,14 +157,18 @@ else if (!(rc = dkt_sign_fail(dkim, &errno))) /* Write the signature and headers into the deliver-out-buffer. This should mean they go out in the same packet as the MAIL, RCPT and (first) BDAT commands (transport_write_message() sizes the BDAT for the buffered amount) - for short -messages, the BDAT LAST command. We want no CRLF or dotstuffing expansion */ +messages, the BDAT LAST command. We want no dotstuffing expansion here, it +having already been done - but we have to say we want CRLF output format, and +temporarily set the marker for possible already-CRLF input. */ -tctx->options &= ~(topt_use_crlf | topt_escape_headers); +tctx->options &= ~topt_escape_headers; +spool_file_wireformat = TRUE; transport_write_reset(0); if ( !write_chunk(tctx, dkim_signature, siglen) || !write_chunk(tctx, hdrs, hsize)) return FALSE; +spool_file_wireformat = save_wireformat; tctx->options = save_options | topt_no_headers | topt_continuation; if (!(transport_write_message(tctx, 0))) diff --git a/src/src/globals.c b/src/src/globals.c index d61e894f3..f722fab12 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1363,6 +1363,8 @@ uschar *spf_smtp_comment = NULL; BOOL split_spool_directory = FALSE; uschar *spool_directory = US SPOOL_DIRECTORY "\0<--------------Space to patch spool_directory->"; +BOOL spool_file_wireformat = FALSE; +BOOL spool_wireformat = FALSE; #ifdef EXPERIMENTAL_SRS uschar *srs_config = NULL; uschar *srs_db_address = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index 1c58a936b..e31517bf4 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -872,6 +872,8 @@ extern uschar *spf_smtp_comment; /* spf comment to include in SMTP reply * #endif extern BOOL split_spool_directory; /* TRUE to use multiple subdirs */ extern uschar *spool_directory; /* Name of spool directory */ +extern BOOL spool_file_wireformat; /* current -D file has CRLF rather than NL */ +extern BOOL spool_wireformat; /* can write wireformat -D files */ #ifdef EXPERIMENTAL_SRS extern uschar *srs_config; /* SRS config secret:max age:hash length:use timestamp:use hash */ extern uschar *srs_db_address; /* SRS db address */ diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index e4384d7f7..61e3161d4 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -1419,7 +1419,7 @@ while (sig) } DEBUG(D_acl) debug_printf( - "PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>>>\n"); + "PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>\n"); /* SIGNING ---------------------------------------------------------------- */ /* When signing, walk through our header list and add them to the hash. As we @@ -1732,10 +1732,10 @@ DEBUG(D_acl) pdkim_signature s = *sig; ev_ctx vctx; - debug_printf("PDKIM (checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + debug_printf("PDKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); if (!pdkim_key_from_dns(ctx, &s, &vctx, errstr)) debug_printf("WARNING: bad dkim key in dns\n"); - debug_printf("PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + debug_printf("PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } return ctx; } diff --git a/src/src/readconf.c b/src/src/readconf.c index 340a0c0eb..f43a3d163 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -432,6 +432,7 @@ static optionlist optionlist_config[] = { #endif { "split_spool_directory", opt_bool, &split_spool_directory }, { "spool_directory", opt_stringptr, &spool_directory }, + { "spool_wireformat", opt_bool, &spool_wireformat }, #ifdef LOOKUP_SQLITE { "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout }, #endif diff --git a/src/src/receive.c b/src/src/receive.c index 731c76d77..3d92a8479 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -1016,6 +1016,46 @@ for(;;) /*NOTREACHED*/ } +static int +read_message_bdat_smtp_wire(FILE *fout) +{ +int ch; + +/* Remember that this message uses wireformat. */ + +DEBUG(D_receive) debug_printf("CHUNKING: writing spoolfile in wire format\n"); +spool_file_wireformat = TRUE; + +/* Unfortunately cannot use sendfile() even if not TLS +as that requires (on linux) mmap-like operations on the input fd. + +XXX but worthwhile doing a block interface to the bdat_getc buffer +in the future */ + +for (;;) switch (ch = bdat_getc(GETC_BUFFER_UNLIMITED)) + { + case EOF: return END_EOF; + case EOD: return END_DOT; + case ERR: return END_PROTOCOL; + + default: + message_size++; +/*XXX not done: +linelength +max_received_linelength +body_linecount +body_zerocount +*/ + if (fout) + { + if (fputc(ch, fout) == EOF) return END_WERROR; + if (message_size > thismessage_size_limit) return END_SIZE; + } + break; + } +/*NOTREACHED*/ +} + @@ -3078,9 +3118,11 @@ if (!ferror(data_file) && !(receive_feof)() && message_ended != END_DOT) { if (smtp_input) { - message_ended = chunking_state > CHUNKING_OFFERED - ? read_message_bdat_smtp(data_file) - : read_message_data_smtp(data_file); + message_ended = chunking_state <= CHUNKING_OFFERED + ? read_message_data_smtp(data_file) + : spool_wireformat + ? read_message_bdat_smtp_wire(data_file) + : read_message_bdat_smtp(data_file); receive_linecount++; /* The terminating "." line */ } else message_ended = read_message_data(data_file); @@ -4258,6 +4300,7 @@ if (smtp_input) else if (chunking_state > CHUNKING_OFFERED) { +/*XXX rethink for spool_wireformat */ smtp_printf("250- %u byte chunk, total %d\r\n250 OK id=%s\r\n", chunking_datasize, message_size+message_linecount, message_id); chunking_state = CHUNKING_OFFERED; diff --git a/src/src/spam.c b/src/src/spam.c index 477ab62b4..49776a30d 100644 --- a/src/src/spam.c +++ b/src/src/spam.c @@ -265,9 +265,9 @@ if (spam_ok && Ustrcmp(prev_user_name, user_name) == 0) return override ? OK : spam_rc; /* make sure the eml mbox file is spooled up */ + if (!(mbox_file = spool_mbox(&mbox_size, NULL, NULL))) - { - /* error while spooling */ + { /* error while spooling */ log_write(0, LOG_MAIN|LOG_PANIC, "%s error while creating mbox spool file", loglabel); return DEFER; diff --git a/src/src/spool_in.c b/src/src/spool_in.c index 6ed566411..0bdf92e3b 100644 --- a/src/src/spool_in.c +++ b/src/src/spool_in.c @@ -284,6 +284,9 @@ sender_ident = NULL; sender_local = FALSE; sender_set_untrusted = FALSE; smtp_active_hostname = primary_hostname; +#ifndef COMPILE_UTILITY +spool_file_wireformat = FALSE; +#endif tree_nonrecipients = NULL; #ifdef EXPERIMENTAL_BRIGHTMAIL @@ -603,6 +606,10 @@ for (;;) else if (Ustrncmp(p, "pam_score_int ", 14) == 0) spam_score_int = string_copy(big_buffer + 16); #endif +#ifndef COMPILE_UTILITY + else if (Ustrncmp(p, "pool_file_wireformat", 20) == 0) + spool_file_wireformat = TRUE; +#endif #if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY) else if (Ustrncmp(p, "mtputf8", 7) == 0) message_smtputf8 = TRUE; diff --git a/src/src/spool_mbox.c b/src/src/spool_mbox.c index 89bdb7ddc..8ca468a85 100644 --- a/src/src/spool_mbox.c +++ b/src/src/spool_mbox.c @@ -62,8 +62,8 @@ if (!spool_mbox_ok) } /* open [message_id].eml file for writing */ - mbox_file = modefopen(mbox_path, "wb", SPOOL_MODE); - if (mbox_file == NULL) + + if (!(mbox_file = modefopen(mbox_path, "wb", SPOOL_MODE))) { log_write(0, LOG_MAIN|LOG_PANIC, "%s", string_open_failed(errno, "scan file %s", mbox_path)); @@ -80,33 +80,25 @@ if (!spool_mbox_ok) "${if def:sender_address{X-Envelope-From: <${sender_address}>\n}}" "${if def:recipients{X-Envelope-To: ${recipients}\n}}"); - if (temp_string != NULL) - { - i = fwrite(temp_string, Ustrlen(temp_string), 1, mbox_file); - if (i != 1) + if (temp_string) + if (fwrite(temp_string, Ustrlen(temp_string), 1, mbox_file) != 1) { log_write(0, LOG_MAIN|LOG_PANIC, "Error/short write while writing \ mailbox headers to %s", mbox_path); goto OUT; } - } - /* write all header lines to mbox file */ - my_headerlist = header_list; - for (my_headerlist = header_list; my_headerlist != NULL; - my_headerlist = my_headerlist->next) - { - /* skip deleted headers */ - if (my_headerlist->type == '*') continue; + /* write all non-deleted header lines to mbox file */ - i = fwrite(my_headerlist->text, my_headerlist->slen, 1, mbox_file); - if (i != 1) - { - log_write(0, LOG_MAIN|LOG_PANIC, "Error/short write while writing \ - message headers to %s", mbox_path); - goto OUT; - } - } + for (my_headerlist = header_list; my_headerlist; + my_headerlist = my_headerlist->next) + if (my_headerlist->type != '*') + if (fwrite(my_headerlist->text, my_headerlist->slen, 1, mbox_file) != 1) + { + log_write(0, LOG_MAIN|LOG_PANIC, "Error/short write while writing \ + message headers to %s", mbox_path); + goto OUT; + } /* End headers */ if (fwrite("\n", 1, 1, mbox_file) != 1) @@ -151,18 +143,32 @@ if (!spool_mbox_ok) do { - j = fread(buffer, 1, sizeof(buffer), data_file); + uschar * s; + + if (!spool_file_wireformat || source_file_override) + j = fread(buffer, 1, sizeof(buffer), data_file); + else /* needs CRLF -> NL */ + if ((s = fgets(buffer, sizeof(buffer), data_file))) + { + uschar * p = s + Ustrlen(s) - 1; + + if (*p == '\n' && p[-1] == '\r') + *--p = '\n'; + else if (*p == '\r') + ungetc(*p--, data_file); + + j = p - buffer; + } + else + j = 0; if (j > 0) - { - i = fwrite(buffer, j, 1, mbox_file); - if (i != 1) + if (fwrite(buffer, j, 1, mbox_file) != 1) { log_write(0, LOG_MAIN|LOG_PANIC, "Error/short write while writing \ message body to %s", mbox_path); goto OUT; } - } } while (j > 0); (void)fclose(mbox_file); diff --git a/src/src/spool_out.c b/src/src/spool_out.c index 652506fb3..ebe089d4f 100644 --- a/src/src/spool_out.c +++ b/src/src/spool_out.c @@ -197,7 +197,10 @@ tree_walk(acl_var_m, &acl_var_write, f); /* Now any other data that needs to be remembered. */ -fprintf(f, "-body_linecount %d\n", body_linecount); +if (spool_file_wireformat) + fprintf(f, "-spool_file_wireformat\n"); +else + fprintf(f, "-body_linecount %d\n", body_linecount); fprintf(f, "-max_received_linelength %d\n", max_received_linelength); if (body_zerocount > 0) fprintf(f, "-body_zerocount %d\n", body_zerocount); diff --git a/src/src/transport.c b/src/src/transport.c index 0f20efe1b..7806e3957 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -11,6 +11,10 @@ transports. */ #include "exim.h" +#ifdef HAVE_LINUX_SENDFILE +# include +#endif + /* Structure for keeping list of addresses that have been added to Envelope-To:, in order to avoid duplication. */ @@ -483,13 +487,22 @@ for (ptr = start; ptr < end; ptr++) chunk_ptr = deliver_out_buffer; } + /* Remove CR before NL if required */ + + if ( *ptr == '\r' && ptr[1] == '\n' + && (!tctx || !(tctx->options & topt_use_crlf)) + && spool_file_wireformat + ) + ptr++; + if ((ch = *ptr) == '\n') { int left = end - ptr - 1; /* count of chars left after NL */ /* Insert CR before NL if required */ - if (tctx && tctx->options & topt_use_crlf) *chunk_ptr++ = '\r'; + if (tctx && tctx->options & topt_use_crlf && !spool_file_wireformat) + *chunk_ptr++ = '\r'; *chunk_ptr++ = '\n'; transport_newlines++; @@ -749,9 +762,7 @@ for (h = header_list; h; h = h->next) if (h->type != htype_old) /* Header removed */ else - { DEBUG(D_transport) debug_printf("removed header line:\n%s---\n", h->text); - } } /* Add on any address-specific headers. If there are multiple addresses, @@ -890,7 +901,7 @@ Returns: TRUE on success; FALSE (with errno) on failure. BOOL internal_transport_write_message(transport_ctx * tctx, int size_limit) { -int len; +int len, size = 0; /* Initialize pointer in output buffer. */ @@ -906,17 +917,21 @@ if (tctx->check_string && tctx->escape_string) nl_escape_length = Ustrlen(nl_escape); } +/* Whether the escaping mechanism is applied to headers or not is controlled by +an option (set for SMTP, not otherwise). Negate the length if not wanted till +after the headers. */ + +if (!(tctx->options & topt_escape_headers)) + nl_check_length = -nl_check_length; + /* Write the headers if required, including any that have to be added. If there -are header rewriting rules, apply them. */ +are header rewriting rules, apply them. The datasource is not the -D spoolfile +so temporarily hide the global that adjusts for its format. */ if (!(tctx->options & topt_no_headers)) { - /* Whether the escaping mechanism is applied to headers or not is controlled by - an option (set for SMTP, not otherwise). Negate the length if not wanted till - after the headers. */ - - if (!(tctx->options & topt_escape_headers)) - nl_check_length = -nl_check_length; + BOOL save_wireformat = spool_file_wireformat; + spool_file_wireformat = FALSE; /* Add return-path: if requested. */ @@ -925,7 +940,7 @@ if (!(tctx->options & topt_no_headers)) uschar buffer[ADDRESS_MAXLENGTH + 20]; int n = sprintf(CS buffer, "Return-path: <%.*s>\n", ADDRESS_MAXLENGTH, return_path); - if (!write_chunk(tctx, buffer, n)) return FALSE; + if (!write_chunk(tctx, buffer, n)) goto bad; } /* Add envelope-to: if requested */ @@ -938,19 +953,18 @@ if (!(tctx->options & topt_no_headers)) struct aci *dlist = NULL; void *reset_point = store_get(0); - if (!write_chunk(tctx, US"Envelope-to: ", 13)) return FALSE; + if (!write_chunk(tctx, US"Envelope-to: ", 13)) goto bad; /* Pick up from all the addresses. The plist and dlist variables are anchors for lists of addresses already handled; they have to be defined at this level because write_env_to() calls itself recursively. */ for (p = tctx->addr; p; p = p->next) - if (!write_env_to(p, &plist, &dlist, &first, tctx)) - return FALSE; + if (!write_env_to(p, &plist, &dlist, &first, tctx)) goto bad; /* Add a final newline and reset the store used for tracking duplicates */ - if (!write_chunk(tctx, US"\n", 1)) return FALSE; + if (!write_chunk(tctx, US"\n", 1)) goto bad; store_reset(reset_point); } @@ -960,7 +974,7 @@ if (!(tctx->options & topt_no_headers)) { uschar buffer[100]; int n = sprintf(CS buffer, "Delivery-date: %s\n", tod_stamp(tod_full)); - if (!write_chunk(tctx, buffer, n)) return FALSE; + if (!write_chunk(tctx, buffer, n)) goto bad; } /* Then the message's headers. Don't write any that are flagged as "old"; @@ -970,7 +984,13 @@ if (!(tctx->options & topt_no_headers)) addr is not NULL. */ if (!transport_headers_send(tctx, &write_chunk)) + { +bad: + spool_file_wireformat = save_wireformat; return FALSE; + } + + spool_file_wireformat = save_wireformat; } /* When doing RFC3030 CHUNKING output, work out how much data would be in a @@ -988,7 +1008,7 @@ suboptimal. */ if (tctx->options & topt_use_bdat) { off_t fsize; - int hsize, size = 0; + int hsize; if ((hsize = chunk_ptr - deliver_out_buffer) < 0) hsize = 0; @@ -999,7 +1019,7 @@ if (tctx->options & topt_use_bdat) if (size_limit > 0 && fsize > size_limit) fsize = size_limit; size = hsize + fsize; - if (tctx->options & topt_use_crlf) + if (tctx->options & topt_use_crlf && !spool_file_wireformat) size += body_linecount; /* account for CRLF-expansion */ /* With topt_use_bdat we never do dot-stuffing; no need to @@ -1039,6 +1059,52 @@ negative in cases where it isn't to apply to the headers). Then ensure the body is positioned at the start of its file (following the message id), then write it, applying the size limit if required. */ +/* If we have a wireformat -D file (CRNL lines, non-dotstuffed, no ending dot) +and we want to send a body without dotstuffing or ending-dot, in-clear, +then we can just dump it using sendfile. +This should get used for CHUNKING output and also for writing the -K file for +dkim signing, when we had CHUNKING input. */ + +#ifdef HAVE_LINUX_SENDFILE +if ( spool_file_wireformat + && !(tctx->options & (topt_no_body | topt_end_dot)) + && !nl_check_length + && tls_out.active != tctx->u.fd + ) + { + ssize_t copied = 0; + off_t offset = SPOOL_DATA_START_OFFSET; + + /* Write out any header data in the buffer */ + + if ((len = chunk_ptr - deliver_out_buffer) > 0) + { + if (!transport_write_block(tctx, deliver_out_buffer, len, TRUE)) + return FALSE; + size -= len; + } + + DEBUG(D_transport) debug_printf("using sendfile for body\n"); + + while(size > 0) + { + if ((copied = sendfile(tctx->u.fd, deliver_datafile, &offset, size)) <= 0) break; + size -= copied; + } + return copied >= 0; + } +#else +DEBUG(D_transport) debug_printf("cannot use sendfile for body: no support\n"); +#endif + +DEBUG(D_transport) + if (!(tctx->options & topt_no_body)) + debug_printf("cannot use sendfile for body: %s\n", + !spool_file_wireformat ? "spoolfile not wireformat" + : tctx->options & topt_end_dot ? "terminating dot wanted" + : nl_check_length ? "dot- or From-stuffing wanted" + : "TLS output wanted"); + if (!(tctx->options & topt_no_body)) { int size = size_limit; @@ -1077,6 +1143,7 @@ return (len = chunk_ptr - deliver_out_buffer) <= 0 || + /************************************************* * External interface to write the message * *************************************************/ @@ -1098,6 +1165,7 @@ BOOL transport_write_message(transport_ctx * tctx, int size_limit) { BOOL last_filter_was_NL = TRUE; +BOOL save_spool_file_wireformat = spool_file_wireformat; int rc, len, yield, fd_read, fd_write, save_errno; int pfd[2] = {-1, -1}; pid_t filter_pid, write_pid; @@ -1215,8 +1283,10 @@ DEBUG(D_transport) debug_printf("copying from the filter\n"); /* Copy the output of the filter, remembering if the last character was NL. If no data is returned, that counts as "ended with NL" (default setting of the -variable is TRUE). */ +variable is TRUE). The output should always be unix-format as we converted +any wireformat source on writing input to the filter. */ +spool_file_wireformat = FALSE; chunk_ptr = deliver_out_buffer; for (;;) @@ -1256,6 +1326,7 @@ there has been an error, kill the processes before waiting for them, just to be sure. Also apply a paranoia timeout. */ TIDY_UP: +spool_file_wireformat = save_spool_file_wireformat; save_errno = errno; (void)close(fd_read); diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index e28a5bfe6..ecba054a2 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -2254,6 +2254,9 @@ included in the count.) */ if (sx->peer_offered & PEER_OFFERED_SIZE) { +/*XXX problem here under spool_files_wireformat? +Or just forget about lines? Or inflate by a fixed proportion? */ + sprintf(CS p, " SIZE=%d", message_size+message_linecount+sx->ob->size_addition); while (*p) p++; } diff --git a/src/src/verify.c b/src/src/verify.c index 706d42a0f..6a50af506 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -1344,6 +1344,7 @@ tctx.tblock = cutthrough.addr.transport; tctx.addr = &cutthrough.addr; tctx.check_string = US"."; tctx.escape_string = US".."; +/*XXX check under spool_files_wireformat. Might be irrelevant */ tctx.options = topt_use_crlf; if (!transport_headers_send(&tctx, &cutthrough_write_chunk)) diff --git a/test/confs/0906 b/test/confs/0906 new file mode 100644 index 000000000..2e8d35a91 --- /dev/null +++ b/test/confs/0906 @@ -0,0 +1,89 @@ +# Exim test configuration 0906 +SERVER= + +exim_path = EXIM_PATH +keep_environment = +host_lookup_order = bydns +spool_directory = DIR/spool +log_file_path = DIR/spool/log/SERVER%slog +gecos_pattern = "" +gecos_name = CALLER_NAME +chunking_advertise_hosts = * +tls_advertise_hosts = ${if eq {SRV}{tls} {*}} + +# ----- Main settings ----- + +spool_wireformat = true + +primary_hostname = testhost.test.ex +domainlist local_domains = @ : test.ex + +acl_smtp_rcpt = accept +log_selector = +received_recipients + +.ifdef _OPT_MAIN_TLS_CERTIFICATE +tls_certificate = DIR/aux-fixed/cert1 +tls_privatekey = DIR/aux-fixed/cert1 +.endif + +# ----- ACL ----- + +# ----- Routers ----- + +begin routers + +to_server: + driver = accept + condition = ${if = {$received_port}{PORT_S}} + transport = remote_smtp${if eq {OPT}{dkim} {_dkim}} + errors_to = "" + +fail_remote_domains: + driver = redirect + domains = ! +local_domains + data = :fail: unrouteable mail domain "$domain" + +localuser: + driver = accept + transport = local_delivery + + +# ----- Transports ----- + +begin transports + +local_delivery: + driver = appendfile + file = DIR/test-mail/$local_part + headers_add = "X-body-linecount: $body_linecount\n\ + X-message-linecount: $message_linecount\n\ + X-received-count: $received_count" + return_path_add + user = CALLER + +remote_smtp: + driver = smtp + hosts = 127.0.0.1 + port = PORT_D + allow_localhost + +remote_smtp_dkim: + driver = smtp + hosts = 127.0.0.1 + port = PORT_D + allow_localhost + +.ifdef OPT + dkim_domain = test.ex + dkim_selector = sel + dkim_private_key = DIR/aux-fixed/dkim/dkim.private +.ifndef HEADERS_MAXSIZE + dkim_sign_headers = LIST +.endif +.endif + +# ----- Retry ----- + +begin retry +* * F,30m,5m; +# End diff --git a/test/confs/4530 b/test/confs/4530 new file mode 120000 index 000000000..a8ce02c97 --- /dev/null +++ b/test/confs/4530 @@ -0,0 +1 @@ +0906 \ No newline at end of file diff --git a/test/log/0906 b/test/log/0906 new file mode 100644 index 000000000..e6a99e12d --- /dev/null +++ b/test/log/0906 @@ -0,0 +1,9 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= sender@dom H=(test.com) [127.0.0.1] P=esmtp K S=sss for a@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtp K S=sss for a@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => a R=localuser T=local_delivery +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex R=to_server T=remote_smtp H=127.0.0.1 [127.0.0.1] K C="250- 8392 byte chunk, total 8599\\n250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed diff --git a/test/log/4530 b/test/log/4530 new file mode 100644 index 000000000..d360cb102 --- /dev/null +++ b/test/log/4530 @@ -0,0 +1,17 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1224 port 1225 +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=esmtp S=sss for z@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtp K S=sss for z@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => z R=localuser T=local_delivery +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 10HmaX-0005vi-00 => z@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] K C="250- 652 byte chunk, total 652\\n250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=esmtp K S=sss for y@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmbA-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtp K S=sss for y@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => y R=localuser T=local_delivery +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 => y@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] K C="250- 652 byte chunk, total 652\\n250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed diff --git a/test/mail/0906.a b/test/mail/0906.a new file mode 100644 index 000000000..e5a07fc2d --- /dev/null +++ b/test/mail/0906.a @@ -0,0 +1,109 @@ +From MAILER-DAEMON Tue Mar 02 09:44:33 1999 +Return-path: <> +Received: from localhost ([127.0.0.1] helo=testhost.test.ex) + by testhost.test.ex with esmtp (Exim x.yz) + id 10HmaY-0005vi-00 + for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from [127.0.0.1] (helo=test.com) + by testhost.test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmaX-0005vi-00 + for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Subject: foo +X-body-linecount: 0 +X-message-linecount: 10 +X-received-count: 2 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +.dot +tail + diff --git a/test/mail/4530.y b/test/mail/4530.y new file mode 100644 index 000000000..580e21dc7 --- /dev/null +++ b/test/mail/4530.y @@ -0,0 +1,26 @@ +From MAILER-DAEMON Tue Mar 02 09:44:33 1999 +Return-path: <> +Received: from localhost ([127.0.0.1] helo=testhost.test.ex) + by testhost.test.ex with esmtp (Exim x.yz) + id 10HmbA-0005vi-00 + for y@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; + s=sel; h=LIST; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=TIqPqpKM5qf + ZFlv2H8yio5RybWA3sLCtVmE6HmBhBKqW+uqLKG2grqJhVMJ3qXnvQQ3ixnMjMlJqfCpEBtxfsSR9 + MGLPP9ZMdlrBNEL6XKlgE+X8bAra5zkuLZs8gy8H3/mtEfoKPs4ltB/ZK/j2FHG2+CEx+TDTIkh9E + wkAMrA=; +Received: from [127.0.0.1] (helo=xxx) + by testhost.test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmaZ-0005vi-00 + for y@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Subject: simple test +X-body-linecount: 0 +X-message-linecount: 15 +X-received-count: 2 + +Line 1: This is a simple test. +Line 2: This is a simple test. +.Line 3 has a leading dot +last line: 4 + diff --git a/test/mail/4530.z b/test/mail/4530.z new file mode 100644 index 000000000..2e74291f5 --- /dev/null +++ b/test/mail/4530.z @@ -0,0 +1,26 @@ +From MAILER-DAEMON Tue Mar 02 09:44:33 1999 +Return-path: <> +Received: from localhost ([127.0.0.1] helo=testhost.test.ex) + by testhost.test.ex with esmtp (Exim x.yz) + id 10HmaY-0005vi-00 + for z@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; + s=sel; h=LIST; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=TIqPqpKM5qf + ZFlv2H8yio5RybWA3sLCtVmE6HmBhBKqW+uqLKG2grqJhVMJ3qXnvQQ3ixnMjMlJqfCpEBtxfsSR9 + MGLPP9ZMdlrBNEL6XKlgE+X8bAra5zkuLZs8gy8H3/mtEfoKPs4ltB/ZK/j2FHG2+CEx+TDTIkh9E + wkAMrA=; +Received: from [127.0.0.1] (helo=xxx) + by testhost.test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmaX-0005vi-00 + for z@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Subject: simple test +X-body-linecount: 0 +X-message-linecount: 15 +X-received-count: 2 + +Line 1: This is a simple test. +Line 2: This is a simple test. +.Line 3 has a leading dot +last line: 4 + diff --git a/test/scripts/0000-Basic/0906 b/test/scripts/0000-Basic/0906 new file mode 100644 index 000000000..f80899fee --- /dev/null +++ b/test/scripts/0000-Basic/0906 @@ -0,0 +1,122 @@ +# CHUNKING, spool_wireformat +# +exim -bd -DSERVER=server -oX PORT_D:PORT_S +**** +# +# Basic long message +client 127.0.0.1 PORT_S +??? 220 +EHLO test.com +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +BDAT 8408 LAST +Subject: foo + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 + +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +.dot +tail +??? 250- +??? 250 +QUIT +**** +# +sleep 1 +killdaemon +no_msglog_check diff --git a/test/scripts/4500-DKIM/4530 b/test/scripts/4500-DKIM/4530 new file mode 100644 index 000000000..822f2fe02 --- /dev/null +++ b/test/scripts/4500-DKIM/4530 @@ -0,0 +1,66 @@ +# DKIM, CHUNKING, wireformat-spoolfile +# +exim -bd -DSERVER=server -DOPT=dkim -oX PORT_S:PORT_D +**** +# +# 1: non-CHUNKING injection; will not be stored as wireformat therefore +# onward-send will not use sendfile. Should still be signed, and verify correctly. +client 127.0.0.1 PORT_S +??? 220 +EHLO xxx +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: simple test + +Line 1: This is a simple test. +Line 2: This is a simple test. +..Line 3 has a leading dot +last line: 4 +. +??? 250 +QUIT +??? 221 +**** +sleep 1 +# +# 2: CHUNKING injection; should be stored as wireformat therefore +# onward-send should not use sendfile. Should still be signed, and verify correctly. +client 127.0.0.1 PORT_S +??? 220 +EHLO xxx +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +BDAT 129 LAST +Subject: simple test + +Line 1: This is a simple test. +Line 2: This is a simple test. +.Line 3 has a leading dot +last line: 4 +??? 250- +??? 250 +QUIT +??? 221 +**** +sleep 1 +# +killdaemon +no_msglog_check diff --git a/test/stderr/0143 b/test/stderr/0143 index 3de426629..b1d0ff9b6 100644 --- a/test/stderr/0143 +++ b/test/stderr/0143 @@ -38,6 +38,7 @@ cmd buf flush ddd bytes cmd buf flush ddd bytes SMTP<< 354 Send data SMTP>> writing message and terminating "." +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=300 SMTP<< 250 OK ok=1 send_quit=1 send_rset=0 continue_more=0 yield=0 first_address is NULL diff --git a/test/stderr/0169 b/test/stderr/0169 index 70f11bf4f..30ed85f8d 100644 --- a/test/stderr/0169 +++ b/test/stderr/0169 @@ -24,6 +24,7 @@ writing to file TESTSUITE/test-mail/userx Exim quota = 52428800 old size = sssss this message = sss (included) file count quota = 0 count = 0 writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 quota = 52428800 threshold = 21495808 old size = sssss message size = sss diff --git a/test/stderr/0275 b/test/stderr/0275 index 3ec0da1d4..5f76af09a 100644 --- a/test/stderr/0275 +++ b/test/stderr/0275 @@ -163,7 +163,6 @@ LOG: MAIN <= CALLER@test.ex U=CALLER P=local S=sss created log directory TESTSUITE/spool/log search_tidyup called -release cutthrough conn: msg passed for delivery exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xfbb95cfd -odi -Mc 10HmaX-0005vi-00 Exim version x.yz .... changed uid/gid: forcing real = effective diff --git a/test/stderr/0386 b/test/stderr/0386 index 44e856da2..6fb8a5536 100644 --- a/test/stderr/0386 +++ b/test/stderr/0386 @@ -310,6 +310,7 @@ lock file created mailbox TESTSUITE/test-mail/2 is locked writing to file TESTSUITE/test-mail/2 writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd @@ -490,6 +491,7 @@ lock file created mailbox TESTSUITE/test-mail/2 is locked writing to file TESTSUITE/test-mail/2 writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0393 b/test/stderr/0393 index dd0887f09..7fb82e35c 100644 --- a/test/stderr/0393 +++ b/test/stderr/0393 @@ -28,6 +28,7 @@ mailbox TESTSUITE/test-mail/userx is locked writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 process pppp running as transport filter: fd_write=dddd fd_read=dddd +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 process pppp writing to transport filter copying from the filter @@ -70,6 +71,7 @@ lock file created mailbox TESTSUITE/test-mail/userx is locked writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd @@ -108,6 +110,7 @@ lock file created mailbox TESTSUITE/test-mail/userx is locked writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0402 b/test/stderr/0402 index a007de31c..7f301651b 100644 --- a/test/stderr/0402 +++ b/test/stderr/0402 @@ -487,6 +487,7 @@ writing to file TESTSUITE/test-mail/junk └─────result: From CALLER@test.ex Tue Mar 02 09:44:33 1999 writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd @@ -542,6 +543,7 @@ writing to file TESTSUITE/test-mail/junk └─────result: From CALLER@test.ex Tue Mar 02 09:44:33 1999 writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0404 b/test/stderr/0404 index d3d8f4c64..3b7605ba7 100644 --- a/test/stderr/0404 +++ b/test/stderr/0404 @@ -18004,6 +18004,7 @@ writing to file TESTSUITE/test-mail/sender writing data block fd=dddd size=sss timeout=0 flushing headers buffer writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0408 b/test/stderr/0408 index f3d6d6b1a..9cdb41d96 100644 --- a/test/stderr/0408 +++ b/test/stderr/0408 @@ -159,6 +159,7 @@ lock file created mailbox TESTSUITE/test-mail/userx is locked writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0476 b/test/stderr/0476 index 59ea69f58..675c6239c 100644 --- a/test/stderr/0476 +++ b/test/stderr/0476 @@ -52,6 +52,7 @@ set_process_info: pppp delivering 10HmaX-0005vi-00 LOG: MAIN ** userx@test.ex R=r1 T=t1 H=127.0.0.1 [127.0.0.1]: SMTP error from remote mail server after RCPT TO:: 550 NO set_process_info: pppp tidying up after delivering 10HmaX-0005vi-00 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 Exim version x.yz .... configuration file is TESTSUITE/test-config diff --git a/test/stderr/0487 b/test/stderr/0487 index 7319b67dd..70da61fff 100644 --- a/test/stderr/0487 +++ b/test/stderr/0487 @@ -163,6 +163,7 @@ writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 rewrite_one_header: type=F: From: unqualified +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/0512 b/test/stderr/0512 index 1cdf5f013..07025d5d7 100644 --- a/test/stderr/0512 +++ b/test/stderr/0512 @@ -59,6 +59,7 @@ LOG: MAIN == userx@myhost.test.ex R=r1 T=t1 defer (dd): Connection refused LOG: MAIN ** userx@myhost.test.ex: retry timeout exceeded +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 Exim version x.yz .... configuration file is TESTSUITE/test-config @@ -122,6 +123,7 @@ LOG: MAIN == userx@myhost.test.ex R=r1 T=t1 defer (dd): Connection refused LOG: MAIN ** userx@myhost.test.ex: retry timeout exceeded +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 Exim version x.yz .... configuration file is TESTSUITE/test-config diff --git a/test/stderr/2600 b/test/stderr/2600 index 4e9974733..599be797a 100644 --- a/test/stderr/2600 +++ b/test/stderr/2600 @@ -439,6 +439,7 @@ lock file created mailbox TESTSUITE/test-mail/userx is locked writing to file TESTSUITE/test-mail/userx writing data block fd=dddd size=sss timeout=0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 writing data block fd=dddd size=sss timeout=0 appendfile yields 0 with errno=dd more_errno=dd diff --git a/test/stderr/4520 b/test/stderr/4520 index c2a856bb1..c1bafcdcc 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -23,18 +23,18 @@ cmd buf flush ddd bytes SMTP<< 250 OK SMTP<< 250 Accepted SMTP<< 354 Enter message, ending with "." on a line by itself -PDKIM (checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +PDKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Raw record: v=DKIM1\;{SP}p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB v=DKIM1\ p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB Error while parsing public key record WARNING: bad dkim key in dns -PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< content{CR}{LF} PDKIM [test.ex] Body bytes hashed: 9 PDKIM [test.ex] Body hash computed: fc06f48221d98ad6106c3845b33a2a41152482ab9e697f736ad26db4853fa657 -PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>>> +PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>> sender:CALLER_NAME{SP}{CR}{LF} message-id:{CR}{LF} from:nobody@example.com{CR}{LF} diff --git a/test/stderr/5004 b/test/stderr/5004 index ad5c9b331..bedf5be2e 100644 --- a/test/stderr/5004 +++ b/test/stderr/5004 @@ -155,6 +155,7 @@ created directory TESTSUITE/test-mail/new created directory TESTSUITE/test-mail/cur delivering in maildir format in TESTSUITE/test-mail writing to tmp/MAILDIR.mail.test.ex +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 renaming temporary file renamed tmp/MAILDIR.mail.test.ex as new/MAILDIR.mail.test.ex diff --git a/test/stderr/5005 b/test/stderr/5005 index 8b28b7055..a68bc11c9 100644 --- a/test/stderr/5005 +++ b/test/stderr/5005 @@ -149,6 +149,7 @@ delivering in maildir format in TESTSUITE/test-mail/nofile writing to tmp/MAILDIR.myhost.test.ex Exim quota = 500 old size = sssss this message = sss (included) file count quota = 0 count = 0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 added 'ddd 1' to maildirsize file renaming temporary file @@ -338,6 +339,7 @@ delivering in maildir format in TESTSUITE/test-mail/userx writing to tmp/MAILDIR.myhost.test.ex Exim quota = 500 old size = sssss this message = sss (included) file count quota = 0 count = 0 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 added 'ddd 1' to maildirsize file renaming temporary file diff --git a/test/stderr/5006 b/test/stderr/5006 index dce0d0050..771f5fd56 100644 --- a/test/stderr/5006 +++ b/test/stderr/5006 @@ -147,6 +147,7 @@ maildir_compute_size (timestamp_only): ddddddd returning maildir size=sss filecount=0 delivering in maildir format in TESTSUITE/test-mail/userx writing to tmp/MAILDIR.myhost.test.ex +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 added 'ddd 1' to maildirsize file renaming temporary file diff --git a/test/stderr/5008 b/test/stderr/5008 index fd4ae87ec..b3bf8f785 100644 --- a/test/stderr/5008 +++ b/test/stderr/5008 @@ -25,6 +25,7 @@ delivering in maildir format in TESTSUITE/test-mail/userx writing to tmp/MAILDIR.myhost.test.ex Exim quota = 1048576 old size = sssss this message = sss (included) file count quota = 0 count = -1 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 renaming temporary file renamed tmp/MAILDIR.myhost.test.ex as new/MAILDIR.myhost.test.ex @@ -64,6 +65,7 @@ delivering in maildir format in TESTSUITE/test-mail/userx writing to tmp/MAILDIR.myhost.test.ex Exim quota = 1048576 old size = sssss this message = sss (included) file count quota = 20 count = 4 +cannot use sendfile for body: spoolfile not wireformat writing data block fd=dddd size=sss timeout=0 renaming temporary file renamed tmp/MAILDIR.myhost.test.ex as new/MAILDIR.myhost.test.ex diff --git a/test/stdout/0906 b/test/stdout/0906 new file mode 100644 index 000000000..57be5fe3d --- /dev/null +++ b/test/stdout/0906 @@ -0,0 +1,123 @@ +Connecting to 127.0.0.1 port 1224 ... connected +??? 220 +<<< 220 testhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> EHLO test.com +??? 250- +<<< 250-testhost.test.ex Hello test.com [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-CHUNKING +??? 250 +<<< 250 HELP +>>> MAIL FROM: +??? 250 +<<< 250 OK +>>> RCPT TO: +??? 250 +<<< 250 Accepted +>>> BDAT 8408 LAST +>>> Subject: foo +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 +>>> .dot +>>> tail +??? 250- +<<< 250- 8408 byte chunk, total 8408 +??? 250 +<<< 250 OK id=10HmaX-0005vi-00 +>>> QUIT +End of script diff --git a/test/stdout/4530 b/test/stdout/4530 new file mode 100644 index 000000000..a1f5cb471 --- /dev/null +++ b/test/stdout/4530 @@ -0,0 +1,75 @@ +Connecting to 127.0.0.1 port 1224 ... connected +??? 220 +<<< 220 testhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> EHLO xxx +??? 250- +<<< 250-testhost.test.ex Hello xxx [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-CHUNKING +??? 250 +<<< 250 HELP +>>> MAIL FROM: +??? 250 +<<< 250 OK +>>> RCPT TO: +??? 250 +<<< 250 Accepted +>>> DATA +??? 354 +<<< 354 Enter message, ending with "." on a line by itself +>>> Subject: simple test +>>> +>>> Line 1: This is a simple test. +>>> Line 2: This is a simple test. +>>> ..Line 3 has a leading dot +>>> last line: 4 +>>> . +??? 250 +<<< 250 OK id=10HmaX-0005vi-00 +>>> QUIT +??? 221 +<<< 221 testhost.test.ex closing connection +End of script +Connecting to 127.0.0.1 port 1224 ... connected +??? 220 +<<< 220 testhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> EHLO xxx +??? 250- +<<< 250-testhost.test.ex Hello xxx [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-CHUNKING +??? 250 +<<< 250 HELP +>>> MAIL FROM: +??? 250 +<<< 250 OK +>>> RCPT TO: +??? 250 +<<< 250 Accepted +>>> BDAT 129 LAST +>>> Subject: simple test +>>> +>>> Line 1: This is a simple test. +>>> Line 2: This is a simple test. +>>> .Line 3 has a leading dot +>>> last line: 4 +??? 250- +<<< 250- 129 byte chunk, total 129 +??? 250 +<<< 250 OK id=10HmaZ-0005vi-00 +>>> QUIT +??? 221 +<<< 221 testhost.test.ex closing connection +End of script -- cgit v1.2.3 From b7e4352c99fe3dee2af93f06ef0ac74ee355d5ea Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 7 May 2017 15:37:18 +0100 Subject: Testsuite: add DANE testcase for TLSA lookup SERVFAIL --- test/confs/5840 | 4 ++-- test/dnszones-src/db.test.ex | 4 ++++ test/log/5840 | 3 +++ test/scripts/5840-DANE-OpenSSL/5840 | 15 +++++++++++++-- test/stderr/5840 | 15 +++++++-------- test/stdout/5840 | 10 ++++++---- 6 files changed, 35 insertions(+), 16 deletions(-) (limited to 'test/stderr') diff --git a/test/confs/5840 b/test/confs/5840 index ac3578dc9..01c114252 100644 --- a/test/confs/5840 +++ b/test/confs/5840 @@ -61,10 +61,10 @@ begin transports send_to_server: driver = smtp allow_localhost - port = PORT_D + port = ${if match {$host}{\Ntest.ex$\N} {PORT_D}{25}} hosts_try_dane = * - hosts_require_dane = !thishost.test.ex + hosts_require_dane = HOSTIPV4 tls_verify_cert_hostnames = ${if eq {OPT}{no_certname} {}{*}} tls_try_verify_hosts = thishost.test.ex tls_verify_certificates = CDIR2/ca_chain.pem diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex index 349fbd4d3..50bd6b073 100644 --- a/test/dnszones-src/db.test.ex +++ b/test/dnszones-src/db.test.ex @@ -465,6 +465,10 @@ DNSSEC _1225._tcp.danelazy2 CNAME test.again.dns. DNSSEC dane.no.1 A HOSTIPV4 DNSSEC dane.no.2 A 127.0.0.1 +; a broken dane config (or under attack) where the TLSA lookup fails (as opposed to there not being one) +DNSSEC danebroken1 A 127.0.0.1 +_1225._tcp.danebroken1 CNAME test.fail.dns. + ; ------- Testing delays ------------ DELAY=500 delay500 A HOSTIPV4 diff --git a/test/log/5840 b/test/log/5840 index 8d309e088..d02a4c7d7 100644 --- a/test/log/5840 +++ b/test/log/5840 @@ -26,6 +26,7 @@ 1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@mxdanelazy.test.ex 1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.1.test.ex 1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.2.test.ex +1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@danebroken1.test.ex 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy.test.ex [ip4.ip4.ip4.ip4]: DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy2.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER @@ -35,6 +36,8 @@ 1999-03-02 09:44:33 10HmbI-0005vi-00 Completed 1999-03-02 09:44:33 10HmbJ-0005vi-00 H=dane.no.2.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 10HmbJ-0005vi-00 == CALLER@dane.no.2.test.ex R=client T=send_to_server defer (-36): DANE error: tlsa lookup DEFER +1999-03-02 09:44:33 10HmbK-0005vi-00 H=danebroken1.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER +1999-03-02 09:44:33 10HmbK-0005vi-00 == CALLER@danebroken1.test.ex R=client T=send_to_server defer (-36): DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 End queue run: pid=pppp -qf ******** SERVER ******** diff --git a/test/scripts/5840-DANE-OpenSSL/5840 b/test/scripts/5840-DANE-OpenSSL/5840 index d1da54913..fdff36119 100644 --- a/test/scripts/5840-DANE-OpenSSL/5840 +++ b/test/scripts/5840-DANE-OpenSSL/5840 @@ -61,14 +61,25 @@ exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D exim -odq CALLER@mxdanelazy.test.ex Testing **** -### A server lacking a TLSA, required +### A server lacking a TLSA, dane required (should fail) exim -odq CALLER@dane.no.1.test.ex Testing **** -### A server lacking a TLSA, requested only +### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) exim -odq CALLER@dane.no.2.test.ex Testing **** +### A server where the A is dnssec and the TLSA _fails_ +exim -odq CALLER@danebroken1.test.ex +Testing +**** +# ### A server securely saying "no TLSA records here", dane required (should fail) +# exim -odq CALLER@dane.no.3.test.ex +# Testing +# ### A server securely saying "no TLSA records here", dane requested only (should transmit) +# exim -odq CALLER@dane.no.4.test.ex +# Testing +# **** exim -qf **** killdaemon diff --git a/test/stderr/5840 b/test/stderr/5840 index e4cf15c51..75f938ab4 100644 --- a/test/stderr/5840 +++ b/test/stderr/5840 @@ -20,10 +20,7 @@ >>> Attempting full verification using callout >>> callout cache: no domain record found for dane256ee.test.ex >>> callout cache: no address record found for rcptuser@dane256ee.test.ex -MUNGED: ::1 will be omitted in what follows ->>> get[host|ipnode]byname[2] looked up these IP addresses: ->>> name=thishost.test.ex address=127.0.0.1 ->>> ip4.ip4.ip4.ip4 in hosts_require_dane? yes (end of list) +>>> ip4.ip4.ip4.ip4 in hosts_require_dane? yes (matched "ip4.ip4.ip4.ip4") >>> interface=NULL port=1225 >>> Connecting to dane256ee.test.ex [ip4.ip4.ip4.ip4]:1225 ... connected >>> SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -73,8 +70,9 @@ LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] ### A server with a nonverifying cert and no TLSA ### A server with a verifying cert and no TLSA ### A server with two MXs for which both TLSA lookups return defer -### A server lacking a TLSA, required -### A server lacking a TLSA, requested only +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA _fails_ ******** SERVER ******** ### TLSA (3 1 1) @@ -84,5 +82,6 @@ LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] ### A server with a nonverifying cert and no TLSA ### A server with a verifying cert and no TLSA ### A server with two MXs for which both TLSA lookups return defer -### A server lacking a TLSA, required -### A server lacking a TLSA, requested only +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA _fails_ diff --git a/test/stdout/5840 b/test/stdout/5840 index 1d94564ad..5071e7de5 100644 --- a/test/stdout/5840 +++ b/test/stdout/5840 @@ -14,8 +14,9 @@ ### A server with a nonverifying cert and no TLSA ### A server with a verifying cert and no TLSA ### A server with two MXs for which both TLSA lookups return defer -### A server lacking a TLSA, required -### A server lacking a TLSA, requested only +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA _fails_ ******** SERVER ******** ### TLSA (3 1 1) @@ -25,5 +26,6 @@ ### A server with a nonverifying cert and no TLSA ### A server with a verifying cert and no TLSA ### A server with two MXs for which both TLSA lookups return defer -### A server lacking a TLSA, required -### A server lacking a TLSA, requested only +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA _fails_ -- cgit v1.2.3 From ce889807c90746896f1310e9f4957215f46f7836 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 7 May 2017 17:40:41 +0100 Subject: Testsuite: add DANE cases for DNS secure no-TLSA lookups --- test/dnszones-src/db.test.ex | 12 +++++++++++- test/log/5840 | 12 ++++++++++++ test/scripts/5840-DANE-OpenSSL/5840 | 15 ++++++++------- test/src/fakens.c | 16 ++++++++++++++-- test/stderr/5840 | 4 ++++ test/stdout/5840 | 4 ++++ 6 files changed, 53 insertions(+), 10 deletions(-) (limited to 'test/stderr') diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex index 50bd6b073..f7c9e313b 100644 --- a/test/dnszones-src/db.test.ex +++ b/test/dnszones-src/db.test.ex @@ -461,7 +461,8 @@ DNSSEC danelazy2 A 127.0.0.1 DNSSEC _1225._tcp.danelazy CNAME test.again.dns. DNSSEC _1225._tcp.danelazy2 CNAME test.again.dns. -; hosts with no TLSA +; hosts with no TLSA (just missing here, hence the TLSA NXDMAIN is _insecure_; a broken dane config) +; 1 for dane-required, 2 for merely requested DNSSEC dane.no.1 A HOSTIPV4 DNSSEC dane.no.2 A 127.0.0.1 @@ -469,6 +470,15 @@ DNSSEC dane.no.2 A 127.0.0.1 DNSSEC danebroken1 A 127.0.0.1 _1225._tcp.danebroken1 CNAME test.fail.dns. +; a good dns config saying there is no dane support, by securely returning NOXDOMAIN for TLSA lookups +; 3 for dane-required, 4 for merely requested +; the TLSA data here is dummy; ignored +DNSSEC dane.no.3 A HOSTIPV4 +DNSSEC dane.no.4 A 127.0.0.1 + +DNSSEC NXDOMAIN _1225._tcp.dane.no.3 TLSA 2 0 1 eec923139018c540a344c5191660ecba1ac3708525a98bfc338e17f31d3fa741 +DNSSEC NXDOMAIN _1225._tcp.dane.no.4 TLSA 2 0 1 eec923139018c540a344c5191660ecba1ac3708525a98bfc338e17f31d3fa741 + ; ------- Testing delays ------------ DELAY=500 delay500 A HOSTIPV4 diff --git a/test/log/5840 b/test/log/5840 index d02a4c7d7..b2f949009 100644 --- a/test/log/5840 +++ b/test/log/5840 @@ -27,6 +27,8 @@ 1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.1.test.ex 1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.2.test.ex 1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@danebroken1.test.ex +1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.3.test.ex +1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane.no.4.test.ex 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy.test.ex [ip4.ip4.ip4.ip4]: DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy2.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER @@ -38,6 +40,13 @@ 1999-03-02 09:44:33 10HmbJ-0005vi-00 == CALLER@dane.no.2.test.ex R=client T=send_to_server defer (-36): DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 10HmbK-0005vi-00 H=danebroken1.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER 1999-03-02 09:44:33 10HmbK-0005vi-00 == CALLER@danebroken1.test.ex R=client T=send_to_server defer (-36): DANE error: tlsa lookup DEFER +1999-03-02 09:44:33 10HmbL-0005vi-00 ** CALLER@dane.no.3.test.ex R=client T=send_to_server: DANE error: tlsa lookup FAIL +1999-03-02 09:44:33 10HmbL-0005vi-00 CALLER@dane.no.3.test.ex: error ignored +1999-03-02 09:44:33 10HmbL-0005vi-00 Completed +1999-03-02 09:44:33 10HmbM-0005vi-00 [127.0.0.1] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock +1999-03-02 09:44:33 10HmbM-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" H="dane.no.4.test.ex" +1999-03-02 09:44:33 10HmbM-0005vi-00 => CALLER@dane.no.4.test.ex R=client T=send_to_server H=dane.no.4.test.ex [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbN-0005vi-00" +1999-03-02 09:44:33 10HmbM-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf ******** SERVER ******** @@ -61,3 +70,6 @@ 1999-03-02 09:44:33 10HmbG-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbG-0005vi-00 Completed 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmbN-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for CALLER@dane.no.4.test.ex +1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbN-0005vi-00 Completed diff --git a/test/scripts/5840-DANE-OpenSSL/5840 b/test/scripts/5840-DANE-OpenSSL/5840 index fdff36119..142a25ad4 100644 --- a/test/scripts/5840-DANE-OpenSSL/5840 +++ b/test/scripts/5840-DANE-OpenSSL/5840 @@ -73,13 +73,14 @@ Testing exim -odq CALLER@danebroken1.test.ex Testing **** -# ### A server securely saying "no TLSA records here", dane required (should fail) -# exim -odq CALLER@dane.no.3.test.ex -# Testing -# ### A server securely saying "no TLSA records here", dane requested only (should transmit) -# exim -odq CALLER@dane.no.4.test.ex -# Testing -# **** +### A server securely saying "no TLSA records here", dane required (should fail) +exim -odq CALLER@dane.no.3.test.ex +Testing +**** +### A server securely saying "no TLSA records here", dane requested only (should transmit) +exim -odq CALLER@dane.no.4.test.ex +Testing +**** exim -qf **** killdaemon diff --git a/test/src/fakens.c b/test/src/fakens.c index 34f5ea670..583b01282 100644 --- a/test/src/fakens.c +++ b/test/src/fakens.c @@ -53,11 +53,15 @@ HOST_NOT_FOUND. Any DNS record line in a zone file can be prefixed with "DELAY=" and a number of milliseconds (followed by one space). -Any DNS record line in a zone file can be prefixed with "DNSSEC "; +Any DNS record line can be prefixed with "DNSSEC "; if all the records found by a lookup are marked as such then the response will have the "AD" bit set. -Any DNS record line in a zone file can be prefixed with "AA " +Any DNS record line can be prefixed with "NXDOMAIN "; +The record will be ignored (but the prefix set still applied); +This lets us return a DNSSEC NXDOMAIN. + +Any DNS record line can be prefixed with "AA " if all the records found by a lookup are marked as such then the response will have the "AA" bit set. @@ -354,6 +358,7 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL) int qtlen = qtypelen; BOOL rr_sec = FALSE; BOOL rr_aa = FALSE; + BOOL rr_ignore = FALSE; int delay = 0; uint ttl = DEFAULT_TTL; @@ -379,6 +384,11 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL) rr_sec = TRUE; p += 7; } + if (Ustrncmp(p, US"NXDOMAIN ", 9) == 0) /* ignore record content */ + { + rr_ignore = TRUE; + p += 9; + } else if (Ustrncmp(p, US"AA ", 3) == 0) /* tagged as authoritative */ { rr_aa = TRUE; @@ -464,6 +474,8 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL) if (aa && !rr_aa) *aa = FALSE; /* cancel AA return */ + if (rr_ignore) continue; + yield = 0; *countptr = *countptr + 1; diff --git a/test/stderr/5840 b/test/stderr/5840 index 75f938ab4..5ccf7cda0 100644 --- a/test/stderr/5840 +++ b/test/stderr/5840 @@ -73,6 +73,8 @@ LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] ### A server lacking a TLSA, dane required (should fail) ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) ### A server where the A is dnssec and the TLSA _fails_ +### A server securely saying "no TLSA records here", dane required (should fail) +### A server securely saying "no TLSA records here", dane requested only (should transmit) ******** SERVER ******** ### TLSA (3 1 1) @@ -85,3 +87,5 @@ LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] ### A server lacking a TLSA, dane required (should fail) ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) ### A server where the A is dnssec and the TLSA _fails_ +### A server securely saying "no TLSA records here", dane required (should fail) +### A server securely saying "no TLSA records here", dane requested only (should transmit) diff --git a/test/stdout/5840 b/test/stdout/5840 index 5071e7de5..32425d2e2 100644 --- a/test/stdout/5840 +++ b/test/stdout/5840 @@ -17,6 +17,8 @@ ### A server lacking a TLSA, dane required (should fail) ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) ### A server where the A is dnssec and the TLSA _fails_ +### A server securely saying "no TLSA records here", dane required (should fail) +### A server securely saying "no TLSA records here", dane requested only (should transmit) ******** SERVER ******** ### TLSA (3 1 1) @@ -29,3 +31,5 @@ ### A server lacking a TLSA, dane required (should fail) ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) ### A server where the A is dnssec and the TLSA _fails_ +### A server securely saying "no TLSA records here", dane required (should fail) +### A server securely saying "no TLSA records here", dane requested only (should transmit) -- cgit v1.2.3 From 8b6b06fe3e009cb89ae7923b890e75f9dcd50118 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 21 May 2017 16:42:05 +0100 Subject: Debug: more info during server-side authentication --- src/src/smtp_in.c | 40 ++++++++++++++++++++++++---------------- test/stderr/3400 | 7 +++++++ 2 files changed, 31 insertions(+), 16 deletions(-) (limited to 'test/stderr') diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 5ff1b7f32..0ffa21939 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -4230,26 +4230,34 @@ while (done <= 0) auth_instance *au; BOOL first = TRUE; for (au = auths; au; au = au->next) - if (au->server && (au->advertise_condition == NULL || - expand_check_condition(au->advertise_condition, au->name, - US"authenticator"))) + { + au->advertised = FALSE; + if (au->server) { - int saveptr; - if (first) + DEBUG(D_auth+D_expand) debug_printf_indent( + "Evaluating advertise_condition for %s athenticator\n", + au->public_name); + if ( !au->advertise_condition + || expand_check_condition(au->advertise_condition, au->name, + US"authenticator") + ) { - s = string_catn(s, &size, &ptr, smtp_code, 3); - s = string_catn(s, &size, &ptr, US"-AUTH", 5); - first = FALSE; - auth_advertised = TRUE; + int saveptr; + if (first) + { + s = string_catn(s, &size, &ptr, smtp_code, 3); + s = string_catn(s, &size, &ptr, US"-AUTH", 5); + first = FALSE; + auth_advertised = TRUE; + } + saveptr = ptr; + s = string_catn(s, &size, &ptr, US" ", 1); + s = string_cat (s, &size, &ptr, au->public_name); + while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]); + au->advertised = TRUE; } - saveptr = ptr; - s = string_catn(s, &size, &ptr, US" ", 1); - s = string_cat (s, &size, &ptr, au->public_name); - while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]); - au->advertised = TRUE; } - else - au->advertised = FALSE; + } if (!first) s = string_catn(s, &size, &ptr, US"\r\n", 2); } diff --git a/test/stderr/3400 b/test/stderr/3400 index 99e927c6b..78b0e158f 100644 --- a/test/stderr/3400 +++ b/test/stderr/3400 @@ -440,6 +440,13 @@ host in "10.0.0.1"? no (end of list) host in "10.0.0.4"? no (end of list) host in "10.0.0.3 : 10.0.0.4"? no (end of list) host in auth_advertise_hosts? yes (matched "10.0.0.5") +Evaluating advertise_condition for mylogin athenticator +Evaluating advertise_condition for PLAIN athenticator +Evaluating advertise_condition for EXPLAIN athenticator +Evaluating advertise_condition for EXPANDED athenticator +Evaluating advertise_condition for EXPANDFAIL athenticator +Evaluating advertise_condition for DEFER athenticator +Evaluating advertise_condition for LOGIN athenticator host in chunking_advertise_hosts? no (end of list) SMTP>> 250-myhost.test.ex Hello CALLER at testing.testing [10.0.0.5] 250-SIZE 52428800 -- cgit v1.2.3 From 087b6b26fa9be49f9ce52bf8941b5a69d1ec31ce Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 2 Jun 2017 11:58:28 +0100 Subject: Testsuite: stabilize output sequence for 2x35/6 --- test/confs/2035 | 75 +++++++++++++++++------------------------- test/confs/2135 | 74 +++++++++++++++++------------------------ test/log/2035 | 10 +++--- test/log/2036 | 22 +++++-------- test/log/2037 | 8 ++--- test/log/2135 | 10 +++--- test/log/2136 | 24 +++++--------- test/log/2137 | 2 -- test/rejectlog/2037 | 9 +++-- test/scripts/2000-GnuTLS/2035 | 9 +++-- test/scripts/2000-GnuTLS/2036 | 6 ++++ test/scripts/2000-GnuTLS/2037 | 4 +-- test/scripts/2100-OpenSSL/2135 | 9 +++-- test/scripts/2100-OpenSSL/2136 | 4 +++ test/stderr/2035 | 73 ++++++++++++++++++++++++++++++++++++++++ test/stderr/2135 | 73 ++++++++++++++++++++++++++++++++++++++++ 16 files changed, 266 insertions(+), 146 deletions(-) create mode 100644 test/stderr/2035 create mode 100644 test/stderr/2135 (limited to 'test/stderr') diff --git a/test/confs/2035 b/test/confs/2035 index 52b9456b1..f7f225746 100644 --- a/test/confs/2035 +++ b/test/confs/2035 @@ -1,6 +1,4 @@ -# Exim test configuration 2035 - -OPT = +# Exim test configuration 2135 .include DIR/aux-var/tls_conf_prefix @@ -15,73 +13,62 @@ primary_hostname = myhost.test.ex # ----- Main settings ----- -acl_smtp_rcpt = check_rcpt -acl_smtp_data = check_data +.ifdef SERVER +acl_smtp_rcpt = srvr_rcpt +acl_smtp_data = srvr_data +.else +acl_smtp_rcpt = client_rcpt +acl_smtp_data = client_data +.endif log_selector = +received_recipients +outgoing_port -OPT + +.ifdef SERVER +queue_only +queue_run_in_order = true +.endif # ----- ACLs ----- begin acl -check_rcpt: +client_rcpt: accept - condition = ${if or { {!eq {SERVER}{server}} {= {$received_port}{PORT_S}} }} verify = recipient/callout=use_sender,hold - defer condition = ${if eq {SERVER}{server}} - local_parts = rcpt_defer + +client_data: accept -check_data: - warn logwrite = received on port $received_port - defer condition = ${if eq {SERVER}{server}} - condition = ${if eq {data_defer}{${local_part:$recipients}}} +srvr_rcpt: + defer local_parts = rcpt_defer accept -delay: - warn condition = ${if = {$received_port}{PORT_D}} - delay = 1s +srvr_data: + defer condition = ${if eq {data_defer}{${local_part:$recipients}}} accept # ----- Routers ----- begin routers -.ifdef SERVER - target: - driver = redirect - condition = ${if = {$received_port}{PORT_D}} - address_data = ${acl {delay}} - data = :blackhole: - -dut: - driver = manualroute - route_list = * 127.0.0.1 - self = send - transport = t1 - -.else + driver = redirect + condition = ${if or {{eq {SERVER}{server}} {queue_running}}} + data = :blackhole: client: - driver = manualroute - route_list = * 127.0.0.1 - self = send - transport = t1 - errors_to = "" - -.endif - + driver = manualroute + route_list= * 127.0.0.1::PORT_D + self = send + transport = t1 + errors_to = "" begin transports t1: - driver = smtp - port = PORT_D - tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem - tls_verify_cert_hostnames = : - + driver = smtp + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = : # ----- Retry ----- begin retry diff --git a/test/confs/2135 b/test/confs/2135 index 68762146c..f7f225746 100644 --- a/test/confs/2135 +++ b/test/confs/2135 @@ -1,7 +1,5 @@ # Exim test configuration 2135 -OPT = - .include DIR/aux-var/tls_conf_prefix .ifdef SERVER @@ -15,77 +13,65 @@ primary_hostname = myhost.test.ex # ----- Main settings ----- -acl_smtp_rcpt = check_rcpt -acl_smtp_data = check_data +.ifdef SERVER +acl_smtp_rcpt = srvr_rcpt +acl_smtp_data = srvr_data +.else +acl_smtp_rcpt = client_rcpt +acl_smtp_data = client_data +.endif log_selector = +received_recipients +outgoing_port -OPT + +.ifdef SERVER +queue_only +queue_run_in_order = true +.endif # ----- ACLs ----- begin acl -check_rcpt: +client_rcpt: accept - condition = ${if or { {!eq {SERVER}{server}} {= {$received_port}{PORT_S}} }} verify = recipient/callout=use_sender,hold - defer condition = ${if eq {SERVER}{server}} - local_parts = rcpt_defer + +client_data: accept -check_data: - warn logwrite = received on port $received_port - defer condition = ${if eq {SERVER}{server}} - condition = ${if eq {data_defer}{${local_part:$recipients}}} +srvr_rcpt: + defer local_parts = rcpt_defer accept -delay: - warn condition = ${if = {$received_port}{PORT_D}} - delay = 1s +srvr_data: + defer condition = ${if eq {data_defer}{${local_part:$recipients}}} accept # ----- Routers ----- begin routers -.ifdef SERVER - target: - driver = redirect - condition = ${if = {$received_port}{PORT_D}} - address_data = ${acl {delay}} - data = :blackhole: - -dut: - driver = manualroute - route_list = * 127.0.0.1 - self = send - transport = t1 - -.else + driver = redirect + condition = ${if or {{eq {SERVER}{server}} {queue_running}}} + data = :blackhole: client: - driver = manualroute - route_list = * 127.0.0.1 - self = send - transport = t1 - errors_to = "" - -.endif - + driver = manualroute + route_list= * 127.0.0.1::PORT_D + self = send + transport = t1 + errors_to = "" begin transports t1: - driver = smtp - port = PORT_D - tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem - tls_verify_cert_hostnames = : - + driver = smtp + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = : # ----- Retry ----- begin retry * * F,5d,10s - # End diff --git a/test/log/2035 b/test/log/2035 index 5d7edb1d0..423d9be13 100644 --- a/test/log/2035 +++ b/test/log/2035 @@ -1,11 +1,11 @@ -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 0 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 1225 1999-03-02 09:44:33 10HmaY-0005vi-00 <= usera@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for userb@test.ex -1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target -1999-03-02 09:44:33 10HmaY-0005vi-00 Completed diff --git a/test/log/2036 b/test/log/2036 index 17125939d..33b6423ef 100644 --- a/test/log/2036 +++ b/test/log/2036 @@ -1,18 +1,14 @@ +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaX-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 1224 1999-03-02 09:44:33 10HmaX-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 1225 -1999-03-02 09:44:33 10HmaY-0005vi-00 <= userc@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss for userd@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userd@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" -1999-03-02 09:44:33 10HmaX-0005vi-00 Completed -1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target -1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 -1999-03-02 09:44:33 10HmaZ-0005vi-00 received on port 1224 -1999-03-02 09:44:33 10HmaZ-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex -1999-03-02 09:44:33 10HmbA-0005vi-00 received on port 1225 -1999-03-02 09:44:33 10HmbA-0005vi-00 <= usere@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss for userf@test.ex -1999-03-02 09:44:33 10HmaZ-0005vi-00 => userf@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 C="250 OK id=10HmbA-0005vi-00" -1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmaY-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex diff --git a/test/log/2037 b/test/log/2037 index 4ca37620f..ac307f28d 100644 --- a/test/log/2037 +++ b/test/log/2037 @@ -1,10 +1,8 @@ -1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 0 +1999-03-02 09:44:33 U=CALLER F=<> temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for data_defer@test.ex 1999-03-02 09:44:33 10HmaY-0005vi-00 == data_defer@test.ex R=client T=t1 defer (-46) H=127.0.0.1 [127.0.0.1]:1111: SMTP error from remote mail server after end of data: 451 Temporary local problem - please try later ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected RCPT -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 1225 -1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected after DATA +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F=<> temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F=<> temporarily rejected after DATA diff --git a/test/log/2135 b/test/log/2135 index daade7dd3..ee8d8709a 100644 --- a/test/log/2135 +++ b/test/log/2135 @@ -1,11 +1,11 @@ -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 0 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 1225 1999-03-02 09:44:33 10HmaY-0005vi-00 <= usera@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for userb@test.ex -1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target -1999-03-02 09:44:33 10HmaY-0005vi-00 Completed diff --git a/test/log/2136 b/test/log/2136 index 027ea881e..33b6423ef 100644 --- a/test/log/2136 +++ b/test/log/2136 @@ -1,20 +1,14 @@ +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaX-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 1224 1999-03-02 09:44:33 10HmaX-0005vi-00 <= userc@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userd@test.ex -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 1225 -1999-03-02 09:44:33 10HmaY-0005vi-00 <= userc@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss for userd@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userd@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" -1999-03-02 09:44:33 10HmaX-0005vi-00 Completed -1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target -1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224 -1999-03-02 09:44:33 10HmaZ-0005vi-00 received on port 1224 -1999-03-02 09:44:33 10HmaZ-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex -1999-03-02 09:44:33 10HmbA-0005vi-00 received on port 1225 -1999-03-02 09:44:33 10HmbA-0005vi-00 <= usere@ok.example H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss for userf@test.ex -1999-03-02 09:44:33 10HmaZ-0005vi-00 => userf@test.ex R=dut T=t1 H=127.0.0.1 [127.0.0.1]:1225 C="250 OK id=10HmbA-0005vi-00" -1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed -1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=target -1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 10HmaY-0005vi-00 <= usere@ok.example H=(test.ex) [127.0.0.1] P=esmtp S=sss for userf@test.ex diff --git a/test/log/2137 b/test/log/2137 index 5d0436069..360f31ed6 100644 --- a/test/log/2137 +++ b/test/log/2137 @@ -1,10 +1,8 @@ 1999-03-02 09:44:33 U=CALLER F=<> temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later -1999-03-02 09:44:33 10HmaY-0005vi-00 received on port 0 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for data_defer@test.ex 1999-03-02 09:44:33 10HmaY-0005vi-00 == data_defer@test.ex R=client T=t1 defer (-46) H=127.0.0.1 [127.0.0.1]:1111: SMTP error from remote mail server after end of data: 451 Temporary local problem - please try later ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected RCPT -1999-03-02 09:44:33 10HmaX-0005vi-00 received on port 1225 1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no F=<> temporarily rejected after DATA diff --git a/test/rejectlog/2037 b/test/rejectlog/2037 index 19259d512..210641393 100644 --- a/test/rejectlog/2037 +++ b/test/rejectlog/2037 @@ -1,14 +1,13 @@ -1999-03-02 09:44:33 U=CALLER F= temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later +1999-03-02 09:44:33 U=CALLER F=<> temporarily rejected RCPT : Could not complete recipient verify callout: 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 451 Temporary local problem - please try later ******** SERVER ******** -1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected RCPT -1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F= temporarily rejected after DATA -Envelope-from: +1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F=<> temporarily rejected RCPT +1999-03-02 09:44:33 10HmaX-0005vi-00 H=localhost (myhost.test.ex) [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no F=<> temporarily rejected after DATA +Envelope-from: <> Envelope-to: P Received: from localhost ([127.0.0.1] helo=myhost.test.ex) by myhost.test.ex with esmtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) (Exim x.yz) - (envelope-from ) id 10HmaX-0005vi-00 for data_defer@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) diff --git a/test/scripts/2000-GnuTLS/2035 b/test/scripts/2000-GnuTLS/2035 index 557a04e0f..94923aa60 100644 --- a/test/scripts/2000-GnuTLS/2035 +++ b/test/scripts/2000-GnuTLS/2035 @@ -6,9 +6,10 @@ need_ipv4 exim -bd -DSERVER=server -oX PORT_D **** # -# a recipient verify and continued-delivery +# A recipient verify and continued-delivery. The debug output should show "already connected to", +# "proxied TLS", and the DATA smtp command only done by the transport process. # cmdline -bs send -exim -bs +exim -d-all+transport -bs mail from: rcpt to: data @@ -18,8 +19,10 @@ body . quit **** -sleep 3 +sleep 1 killdaemon +exim -q +**** # # no_stdout_check diff --git a/test/scripts/2000-GnuTLS/2036 b/test/scripts/2000-GnuTLS/2036 index 76a55e227..cd6e9a121 100644 --- a/test/scripts/2000-GnuTLS/2036 +++ b/test/scripts/2000-GnuTLS/2036 @@ -2,6 +2,7 @@ gnutls need_ipv4 # +# a recipient verify and continued-delivery # smtp send # a tls-capable target for the verify/delivery connection on PORT_D # plus a daemon under test on PORT_S @@ -33,6 +34,8 @@ QUIT **** sleep 3 killdaemon +exim -q +**** # # # smtp send, deliver_drop_priv @@ -64,6 +67,9 @@ QUIT **** sleep 3 killdaemon +exim -q +**** +# # # no_stdout_check diff --git a/test/scripts/2000-GnuTLS/2037 b/test/scripts/2000-GnuTLS/2037 index 37891ad1a..ad13a3f94 100644 --- a/test/scripts/2000-GnuTLS/2037 +++ b/test/scripts/2000-GnuTLS/2037 @@ -6,7 +6,7 @@ exim -bd -DSERVER=server -oX PORT_D **** # cmdline -bs send, rcpt-time defer exim -bs -mail from: +mail from:<> rcpt to: quit **** @@ -14,7 +14,7 @@ sleep 3 # # cmdline -bs send, data-time defer exim -bs -mail from: +mail from:<> rcpt to: data Subject: test diff --git a/test/scripts/2100-OpenSSL/2135 b/test/scripts/2100-OpenSSL/2135 index 1f760e4ef..ff460c671 100644 --- a/test/scripts/2100-OpenSSL/2135 +++ b/test/scripts/2100-OpenSSL/2135 @@ -5,9 +5,10 @@ need_ipv4 exim -bd -DSERVER=server -oX PORT_D **** # -# a recipient verify and continued-delivery +# A recipient verify and continued-delivery. The debug output should show "already connected to", +# "proxied TLS", and the DATA smtp command only done by the transport process. # cmdline -bs send -exim -bs +exim -d-all+transport -bs mail from: rcpt to: data @@ -17,8 +18,10 @@ body . quit **** -sleep 3 +sleep 1 killdaemon +exim -q +**** # # no_stdout_check diff --git a/test/scripts/2100-OpenSSL/2136 b/test/scripts/2100-OpenSSL/2136 index c18cf946c..396075cc1 100644 --- a/test/scripts/2100-OpenSSL/2136 +++ b/test/scripts/2100-OpenSSL/2136 @@ -33,6 +33,8 @@ QUIT **** sleep 3 killdaemon +exim -q +**** # # # smtp send, deliver_drop_priv @@ -64,6 +66,8 @@ QUIT **** sleep 3 killdaemon +exim -q +**** # # # diff --git a/test/stderr/2035 b/test/stderr/2035 new file mode 100644 index 000000000..aa0e43805 --- /dev/null +++ b/test/stderr/2035 @@ -0,0 +1,73 @@ +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +LOG: smtp_connection MAIN + SMTP connection from CALLER +Transport port=25 replaced by host-specific port=1225 +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP +using PIPELINING +not using DSN + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted +LOG: MAIN + <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss +LOG: smtp_connection MAIN + SMTP connection from CALLER closed by QUIT +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user +>>>>>>>>>>>>>>>> Remote deliveries >>>>>>>>>>>>>>>> +--------> userb@test.ex <-------- +t1 transport entered + userb@test.ex +hostlist: + 127.0.0.1:1225 +already connected to 127.0.0.1 [127.0.0.1] (on fd 0) +checking status of 127.0.0.1 +127.0.0.1 [127.0.0.1]:1111 retry-status = usable +delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex) +continued connection, proxied TLS + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP>> writing message and terminating "." +cannot use sendfile for body: spoolfile not wireformat +writing data block fd=dddd size=sss timeout=300 + SMTP<< 250 OK id=10HmaY-0005vi-00 +ok=1 send_quit=1 send_rset=0 continue_more=0 yield=0 first_address is NULL + SMTP>> QUIT +cmd buf flush ddd bytes + SMTP(close)>> +Leaving t1 transport +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: MAIN + => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> + +******** SERVER ******** diff --git a/test/stderr/2135 b/test/stderr/2135 new file mode 100644 index 000000000..c61239a11 --- /dev/null +++ b/test/stderr/2135 @@ -0,0 +1,73 @@ +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +LOG: smtp_connection MAIN + SMTP connection from CALLER +Transport port=25 replaced by host-specific port=1225 +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP +using PIPELINING +not using DSN + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted +LOG: MAIN + <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss +LOG: smtp_connection MAIN + SMTP connection from CALLER closed by QUIT +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user +>>>>>>>>>>>>>>>> Remote deliveries >>>>>>>>>>>>>>>> +--------> userb@test.ex <-------- +t1 transport entered + userb@test.ex +hostlist: + 127.0.0.1:1225 +already connected to 127.0.0.1 [127.0.0.1] (on fd 0) +checking status of 127.0.0.1 +127.0.0.1 [127.0.0.1]:1111 retry-status = usable +delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex) +continued connection, proxied TLS + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP>> writing message and terminating "." +cannot use sendfile for body: spoolfile not wireformat +writing data block fd=dddd size=sss timeout=300 + SMTP<< 250 OK id=10HmaY-0005vi-00 +ok=1 send_quit=1 send_rset=0 continue_more=0 yield=0 first_address is NULL + SMTP>> QUIT +cmd buf flush ddd bytes + SMTP(close)>> +Leaving t1 transport +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: MAIN + => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> + +******** SERVER ******** -- cgit v1.2.3 From a843a57ecb56c45c42bd0e8e8bd66defe48bb6bd Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 2 Jun 2017 14:22:42 +0100 Subject: Fix logging of delivery port for callout lazy-close, when port specified by router --- doc/doc-txt/ChangeLog | 3 +++ src/src/transports/smtp.c | 19 ++++++++++--------- test/log/2035 | 2 +- test/log/2135 | 2 +- test/stderr/2035 | 3 ++- test/stderr/2135 | 3 ++- 6 files changed, 19 insertions(+), 13 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 7f2e9d097..336935329 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -106,6 +106,9 @@ JH/15 Fix a crash in the smtp transport caused when two hosts in succession are unsuable for non-message-specific reasons - eg. connection timeout, banner-time rejection. +JH/16 Fix logging of delivery remote port, when specified by router, under + callout/hold. + Exim version 4.89 ----------------- diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index dc9e03be1..d6a52034b 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1846,7 +1846,7 @@ else else { sx->inblock.sock = sx->outblock.sock = 0; /* stdin */ - sx->host->port = sx->port; /* Record the port that was used */ + smtp_port_for_connect(sx->host, sx->port); /* Record the port that was used */ } smtp_command = big_buffer; sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */ @@ -2660,7 +2660,8 @@ Arguments: failed by one of them. host host to deliver to host_af AF_INET or AF_INET6 - port default TCP/IP port to use, in host byte order + defport default TCP/IP port to use if host does not specify, in host + byte order interface interface to bind to, or NULL tblock transport instance block message_defer set TRUE if yield is OK, but all addresses were deferred @@ -2682,7 +2683,7 @@ Returns: OK - the connection was made and the delivery attempted; */ static int -smtp_deliver(address_item *addrlist, host_item *host, int host_af, int port, +smtp_deliver(address_item *addrlist, host_item *host, int host_af, int defport, uschar *interface, transport_instance *tblock, BOOL *message_defer, BOOL suppress_tls) { @@ -2705,7 +2706,7 @@ suppress_tls = suppress_tls; /* stop compiler warning when no TLS support */ sx.addrlist = addrlist; sx.host = host; sx.host_af = host_af, -sx.port = port; +sx.port = defport; sx.interface = interface; sx.helo_data = NULL; sx.tblock = tblock; @@ -3661,7 +3662,7 @@ smtp_transport_entry( address_item *addrlist) /* addresses we are working on */ { int cutoff_retry; -int port; +int defport; int hosts_defer = 0; int hosts_fail = 0; int hosts_looked_up = 0; @@ -3816,7 +3817,7 @@ else if (ob->hosts_randomize && hostlist->mx == MX_NONE && !continue_hostname) /* Sort out the default port. */ -if (!smtp_get_port(ob->port, addrlist, &port, tid)) return FALSE; +if (!smtp_get_port(ob->port, addrlist, &defport, tid)) return FALSE; /* For each host-plus-IP-address on the list: @@ -4055,7 +4056,7 @@ for (cutoff_retry = 0; the default. */ pistring = string_sprintf(":%d", host->port == PORT_NONE - ? port : host->port); + ? defport : host->port); if (Ustrcmp(pistring, ":25") == 0) pistring = US""; /* Select IPv4 or IPv6, and choose an outgoing interface. If the interface @@ -4255,7 +4256,7 @@ for (cutoff_retry = 0; /* Attempt the delivery. */ total_hosts_tried++; - rc = smtp_deliver(addrlist, thost, host_af, port, interface, tblock, + rc = smtp_deliver(addrlist, thost, host_af, defport, interface, tblock, &message_defer, FALSE); /* Yield is one of: @@ -4302,7 +4303,7 @@ for (cutoff_retry = 0; "%s: delivering unencrypted to H=%s [%s] (not in hosts_require_tls)", first_addr->message, host->name, host->address); first_addr = prepare_addresses(addrlist, host); - rc = smtp_deliver(addrlist, thost, host_af, port, interface, tblock, + rc = smtp_deliver(addrlist, thost, host_af, defport, interface, tblock, &message_defer, TRUE); if (rc == DEFER && first_addr->basic_errno != ERRNO_AUTHFAIL) write_logs(first_addr, host); diff --git a/test/log/2035 b/test/log/2035 index 423d9be13..ea335213a 100644 --- a/test/log/2035 +++ b/test/log/2035 @@ -1,5 +1,5 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 Start queue run: pid=pppp 1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target diff --git a/test/log/2135 b/test/log/2135 index ee8d8709a..50a8dbc19 100644 --- a/test/log/2135 +++ b/test/log/2135 @@ -1,5 +1,5 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss for userb@test.ex -1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 Start queue run: pid=pppp 1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=target diff --git a/test/stderr/2035 b/test/stderr/2035 index aa0e43805..e37495092 100644 --- a/test/stderr/2035 +++ b/test/stderr/2035 @@ -50,6 +50,7 @@ already connected to 127.0.0.1 [127.0.0.1] (on fd 0) checking status of 127.0.0.1 127.0.0.1 [127.0.0.1]:1111 retry-status = usable delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex) +Transport port=25 replaced by host-specific port=1225 continued connection, proxied TLS SMTP>> DATA cmd buf flush ddd bytes @@ -65,7 +66,7 @@ cmd buf flush ddd bytes Leaving t1 transport >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" + => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmaY-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stderr/2135 b/test/stderr/2135 index c61239a11..5a4de14ec 100644 --- a/test/stderr/2135 +++ b/test/stderr/2135 @@ -50,6 +50,7 @@ already connected to 127.0.0.1 [127.0.0.1] (on fd 0) checking status of 127.0.0.1 127.0.0.1 [127.0.0.1]:1111 retry-status = usable delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex) +Transport port=25 replaced by host-specific port=1225 continued connection, proxied TLS SMTP>> DATA cmd buf flush ddd bytes @@ -65,7 +66,7 @@ cmd buf flush ddd bytes Leaving t1 transport >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:25 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" + => userb@test.ex R=client T=t1 H=127.0.0.1 [127.0.0.1]:1225 X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmaY-0005vi-00" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From 2575efb776f2163ff6220bc597c4d1d53247f016 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 11 Jun 2017 21:03:21 +0100 Subject: Testsuite: testcase for continued-delivery with transport hosts_override --- test/confs/2113 | 10 ++++++ test/log/2113 | 25 +++++++++++++ test/scripts/2100-OpenSSL/2113 | 19 +++++++++- test/stderr/2113 | 79 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 132 insertions(+), 1 deletion(-) (limited to 'test/stderr') diff --git a/test/confs/2113 b/test/confs/2113 index bb64867a9..95b6842a9 100644 --- a/test/confs/2113 +++ b/test/confs/2113 @@ -29,6 +29,15 @@ tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} begin routers +.ifdef REQUIRE +cl_override: + driver = manualroute + route_data = HOSTIPV4 + retry_use_local_part + transport = send_to_server + self = send +.endif + client: driver = accept condition = ${if eq {SERVER}{server}{no}{yes}} @@ -54,6 +63,7 @@ local_delivery: send_to_server: driver = smtp allow_localhost + hosts_override hosts = 127.0.0.1 hosts_noproxy_tls = : port = PORT_D diff --git a/test/log/2113 b/test/log/2113 index 144154088..1d3ca3332 100644 --- a/test/log/2113 +++ b/test/log/2113 @@ -9,6 +9,17 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for usera@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for userb@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for userc@test.ex +1999-03-02 09:44:33 Start queue run: pid=pppp -qqf +1999-03-02 09:44:33 10HmbD-0005vi-00 => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp -qqf ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 @@ -25,3 +36,17 @@ 1999-03-02 09:44:33 10HmbC-0005vi-00 => usery R=server T=local_delivery 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1112 (TCP/IP connection count = 1) +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for usera@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 closed by QUIT +1999-03-02 09:44:33 Start queue run: pid=pppp -qf +1999-03-02 09:44:33 10HmbG-0005vi-00 => usera R=server T=local_delivery +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbH-0005vi-00 => userc R=server T=local_delivery +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 => userb R=server T=local_delivery +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/scripts/2100-OpenSSL/2113 b/test/scripts/2100-OpenSSL/2113 index e483763a3..3265b460d 100644 --- a/test/scripts/2100-OpenSSL/2113 +++ b/test/scripts/2100-OpenSSL/2113 @@ -10,7 +10,24 @@ Test message 2 exim userz@test.ex Test message 3 **** -exim -qqf -d-all+acl +exim -d-all+acl -qqf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** +# +exim -DSERVER=server -bd -oX PORT_D +**** +exim usera@test.ex +Test message 1 +**** +exim userb@test.ex +Test message 2 +**** +exim userc@test.ex +Test message 3 +**** +exim -DEQUIRE -d-all+acl -qqf **** killdaemon exim -DSERVER=server -DNOTDAEMON -qf diff --git a/test/stderr/2113 b/test/stderr/2113 index af5ff730f..35cdabe47 100644 --- a/test/stderr/2113 +++ b/test/stderr/2113 @@ -77,5 +77,84 @@ LOG: MAIN LOG: queue_run MAIN End queue run: pid=pppp -qqf >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +LOG: queue_run MAIN + Start queue run: pid=pppp -qqf +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbG-0005vi-00 +LOG: MAIN + => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" +LOG: MAIN + Completed +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbH-0005vi-00 + SMTP(close)>> +LOG: MAIN + => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbI-0005vi-00 + SMTP>> QUIT +cmd buf flush ddd bytes + SMTP(close)>> +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: MAIN + => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: queue_run MAIN + End queue run: pid=pppp -qqf +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> ******** SERVER ******** -- cgit v1.2.3 From e47252f5116d092a96bad199c9a17783885eeef6 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 11 Jun 2017 23:47:08 +0100 Subject: In tls-proxy process take case to close unused pipe ends, select also for exception conditions on data fds --- src/src/deliver.c | 7 +++++- src/src/transports/smtp.c | 39 ++++++++++++++++++++----------- test/log/2113 | 20 +++++++++------- test/mail/2113.usera | 18 +++++++++++++++ test/mail/2113.userb | 18 +++++++++++++++ test/mail/2113.userc | 18 +++++++++++++++ test/stderr/2113 | 59 ++++++++++++++++++++++++++++++++++++++--------- 7 files changed, 145 insertions(+), 34 deletions(-) create mode 100644 test/mail/2113.usera create mode 100644 test/mail/2113.userb create mode 100644 test/mail/2113.userc (limited to 'test/stderr') diff --git a/src/src/deliver.c b/src/src/deliver.c index fe156c696..0e59d5108 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -4468,7 +4468,10 @@ for (delivery_count = 0; addr_remote; delivery_count++) if (!ok) { - DEBUG(D_deliver) debug_printf("not suitable for continue_transport\n"); + DEBUG(D_deliver) debug_printf("not suitable for continue_transport (%s)\n", + Ustrcmp(continue_transport, tp->name) != 0 + ? string_sprintf("tpt %s vs %s", continue_transport, tp->name) + : string_sprintf("no host matching %s", continue_hostname)); if (serialize_key) enq_end(serialize_key); if (addr->fallback_hosts && !fallback) @@ -8467,12 +8470,14 @@ if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) else if (pid == 0) /* child: fork again to totally dosconnect */ { + close(pfd[1]); if ((pid = fork())) _exit(pid ? EXIT_FAILURE : EXIT_SUCCESS); smtp_proxy_tls(big_buffer, big_buffer_size, pfd[0], 5*60); exim_exit(0); } + close(pfd[0]); waitpid(pid, NULL, 0); (void) close(channel_fd); /* release the client socket */ channel_fd = pfd[1]; diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index d6a52034b..fc2c0ea4d 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -2568,14 +2568,14 @@ Arguments: void smtp_proxy_tls(uschar * buf, size_t bsize, int proxy_fd, int timeout) { -fd_set fds; +fd_set rfds, efds; int max_fd = MAX(proxy_fd, tls_out.active) + 1; int rc, i, fd_bits, nbytes; set_process_info("proxying TLS connection for continued transport"); -FD_ZERO(&fds); -FD_SET(tls_out.active, &fds); -FD_SET(proxy_fd, &fds); +FD_ZERO(&rfds); +FD_SET(tls_out.active, &rfds); +FD_SET(proxy_fd, &rfds); for (fd_bits = 3; fd_bits; ) { @@ -2583,11 +2583,13 @@ for (fd_bits = 3; fd_bits; ) time_t time_start = time(NULL); /* wait for data */ + efds = rfds; do { struct timeval tv = { time_left, 0 }; - rc = select(max_fd, (SELECT_ARG2_TYPE *)&fds, NULL, NULL, &tv); + rc = select(max_fd, + (SELECT_ARG2_TYPE *)&rfds, NULL, (SELECT_ARG2_TYPE *)&efds, &tv); if (rc < 0 && errno == EINTR) if ((time_left -= time(NULL) - time_start) > 0) continue; @@ -2597,16 +2599,24 @@ for (fd_bits = 3; fd_bits; ) DEBUG(D_transport) if (rc == 0) debug_printf("%s: timed out\n", __FUNCTION__); return; } + + if (FD_ISSET(tls_out.active, &efds) || FD_ISSET(proxy_fd, &efds)) + { + DEBUG(D_transport) debug_printf("select: exceptional cond on %s fd\n", + FD_ISSET(proxy_fd, &efds) ? "proxy" : "tls"); + return; + } } - while (rc < 0 || !(FD_ISSET(tls_out.active, &fds) || FD_ISSET(proxy_fd, &fds))); + while (rc < 0 || !(FD_ISSET(tls_out.active, &rfds) || FD_ISSET(proxy_fd, &rfds))); /* handle inbound data */ - if (FD_ISSET(tls_out.active, &fds)) + if (FD_ISSET(tls_out.active, &rfds)) if ((rc = tls_read(FALSE, buf, bsize)) <= 0) { fd_bits &= ~1; - FD_CLR(tls_out.active, &fds); + FD_CLR(tls_out.active, &rfds); shutdown(proxy_fd, SHUT_WR); + timeout = 5; } else { @@ -2614,15 +2624,14 @@ for (fd_bits = 3; fd_bits; ) if ((i = write(proxy_fd, buf + nbytes, rc - nbytes)) < 0) return; } else if (fd_bits & 1) - FD_SET(tls_out.active, &fds); + FD_SET(tls_out.active, &rfds); /* handle outbound data */ - if (FD_ISSET(proxy_fd, &fds)) + if (FD_ISSET(proxy_fd, &rfds)) if ((rc = read(proxy_fd, buf, bsize)) <= 0) { - fd_bits &= ~2; - FD_CLR(proxy_fd, &fds); - shutdown(tls_out.active, SHUT_WR); + fd_bits = 0; + tls_close(FALSE, TRUE); } else { @@ -2631,7 +2640,7 @@ for (fd_bits = 3; fd_bits; ) return; } else if (fd_bits & 2) - FD_SET(proxy_fd, &fds); + FD_SET(proxy_fd, &rfds); } } #endif @@ -3458,6 +3467,7 @@ propagate it from the initial if (pid > 0) /* parent */ { DEBUG(D_transport) debug_printf("proxy-proc inter-pid %d\n", pid); + close(pfd[0]); waitpid(pid, NULL, 0); tls_close(FALSE, FALSE); (void)close(sx.inblock.sock); @@ -3467,6 +3477,7 @@ propagate it from the initial } else if (pid == 0) /* child; fork again to disconnect totally */ { + close(pfd[1]); if ((pid = fork())) { DEBUG(D_transport) debug_printf("proxy-prox final-pid %d\n", pid); diff --git a/test/log/2113 b/test/log/2113 index 1d3ca3332..056c28298 100644 --- a/test/log/2113 +++ b/test/log/2113 @@ -15,10 +15,10 @@ 1999-03-02 09:44:33 Start queue run: pid=pppp -qqf 1999-03-02 09:44:33 10HmbD-0005vi-00 => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" 1999-03-02 09:44:33 10HmbD-0005vi-00 Completed -1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" -1999-03-02 09:44:33 10HmbF-0005vi-00 Completed -1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbH-0005vi-00" 1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf ******** SERVER ******** @@ -39,14 +39,18 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1112 (TCP/IP connection count = 1) 1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for usera@test.ex -1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex -1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex -1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 closed by QUIT +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 lost +1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1113 (TCP/IP connection count = 1) +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1113 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1113 closed by QUIT +1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1114 (TCP/IP connection count = 1) +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1114 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1114 closed by QUIT 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmbG-0005vi-00 => usera R=server T=local_delivery 1999-03-02 09:44:33 10HmbG-0005vi-00 Completed -1999-03-02 09:44:33 10HmbH-0005vi-00 => userc R=server T=local_delivery +1999-03-02 09:44:33 10HmbH-0005vi-00 => userb R=server T=local_delivery 1999-03-02 09:44:33 10HmbH-0005vi-00 Completed -1999-03-02 09:44:33 10HmbI-0005vi-00 => userb R=server T=local_delivery +1999-03-02 09:44:33 10HmbI-0005vi-00 => userc R=server T=local_delivery 1999-03-02 09:44:33 10HmbI-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/mail/2113.usera b/test/mail/2113.usera new file mode 100644 index 000000000..43e950776 --- /dev/null +++ b/test/mail/2113.usera @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) + (Exim x.yz) + (envelope-from ) + id 10HmbG-0005vi-00 + for usera@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbD-0005vi-00 + for usera@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLSv1:AES256-SHA:256 peerdn= + +Test message 1 + diff --git a/test/mail/2113.userb b/test/mail/2113.userb new file mode 100644 index 000000000..a19f5fd76 --- /dev/null +++ b/test/mail/2113.userb @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1113 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) + (Exim x.yz) + (envelope-from ) + id 10HmbH-0005vi-00 + for userb@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbE-0005vi-00 + for userb@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLSv1:AES256-SHA:256 peerdn= + +Test message 2 + diff --git a/test/mail/2113.userc b/test/mail/2113.userc new file mode 100644 index 000000000..e623a0664 --- /dev/null +++ b/test/mail/2113.userc @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1114 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) + (Exim x.yz) + (envelope-from ) + id 10HmbI-0005vi-00 + for userc@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbF-0005vi-00 + for userc@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLSv1:AES256-SHA:256 peerdn= + +Test message 3 + diff --git a/test/stderr/2113 b/test/stderr/2113 index 35cdabe47..8d25729d3 100644 --- a/test/stderr/2113 +++ b/test/stderr/2113 @@ -118,26 +118,65 @@ Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user admin user +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP SMTP>> MAIL FROM: SIZE=ssss - SMTP>> RCPT TO: + SMTP>> RCPT TO: SMTP>> DATA cmd buf flush ddd bytes SMTP<< 250 OK SMTP<< 250 Accepted SMTP<< 354 Enter message, ending with "." on a line by itself SMTP<< 250 OK id=10HmbH-0005vi-00 + SMTP>> QUIT +cmd buf flush ddd bytes SMTP(close)>> LOG: MAIN - => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" + => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbH-0005vi-00" LOG: MAIN Completed ->>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -Exim version x.yz .... -configuration file is TESTSUITE/test-config -trusted user -admin user +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP SMTP>> MAIL FROM: SIZE=ssss - SMTP>> RCPT TO: + SMTP>> RCPT TO: SMTP>> DATA cmd buf flush ddd bytes SMTP<< 250 OK @@ -147,12 +186,10 @@ cmd buf flush ddd bytes SMTP>> QUIT cmd buf flush ddd bytes SMTP(close)>> ->>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" + => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbI-0005vi-00" LOG: MAIN Completed ->>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: queue_run MAIN End queue run: pid=pppp -qqf >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From e39fdc8556cb9c21af32e56b1a2aba69a2736f0b Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 11 Jun 2017 20:58:21 +0100 Subject: On a continued-transport delivery, do not check the hostlist for mismatch in the transport dispatch level when the transport does hosts-override. Instead do the full trasport process call and let it decide on compatibility with the connection. --- src/OS/Makefile-Base | 2 +- src/src/deliver.c | 32 ++++++++++++++---- test/confs/2013 | 11 ++++++ test/log/2013 | 25 ++++++++++++++ test/log/2113 | 20 +++++------ test/mail/2013.usera | 18 ++++++++++ test/mail/2013.userb | 18 ++++++++++ test/mail/2013.userc | 18 ++++++++++ test/mail/2113.userb | 4 +-- test/mail/2113.userc | 4 +-- test/scripts/2000-GnuTLS/2013 | 19 ++++++++++- test/stderr/2013 | 79 +++++++++++++++++++++++++++++++++++++++++++ test/stderr/2113 | 59 ++++++-------------------------- 13 files changed, 236 insertions(+), 73 deletions(-) create mode 100644 test/mail/2013.usera create mode 100644 test/mail/2013.userb create mode 100644 test/mail/2013.userc (limited to 'test/stderr') diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base index f3903180b..3b7246109 100644 --- a/src/OS/Makefile-Base +++ b/src/OS/Makefile-Base @@ -602,7 +602,7 @@ crypt16.o: $(HDRS) crypt16.c daemon.o: $(HDRS) daemon.c dbfn.o: $(HDRS) dbfn.c debug.o: $(HDRS) debug.c -deliver.o: $(HDRS) deliver.c +deliver.o: $(HDRS) transports/smtp.h deliver.c directory.o: $(HDRS) directory.c dns.o: $(HDRS) dns.c enq.o: $(HDRS) enq.c diff --git a/src/src/deliver.c b/src/src/deliver.c index 0e59d5108..e5c951560 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -9,6 +9,7 @@ #include "exim.h" +#include "transports/smtp.h" #include @@ -4453,14 +4454,31 @@ for (delivery_count = 0; addr_remote; delivery_count++) if (continue_transport) { BOOL ok = Ustrcmp(continue_transport, tp->name) == 0; - if (ok && addr->host_list) + + /* If the transport is about to override the host list do not check + it here but take the cost of running the transport process to discover + if the continued_hostname connection is suitable. This is a layering + violation which is unfortunate as it requires we haul in the smtp + include file. */ + + if (ok) { - host_item *h; - ok = FALSE; - for (h = addr->host_list; h; h = h->next) - if (Ustrcmp(h->name, continue_hostname) == 0) -/*XXX should also check port here */ - { ok = TRUE; break; } + smtp_transport_options_block * ob; + + if ( !( tp->info->driver_name == US"smtp" + && (ob = (smtp_transport_options_block *)tp->options_block) + && ob->hosts_override && ob->hosts + ) + && addr->host_list + ) + { + host_item * h; + ok = FALSE; + for (h = addr->host_list; h; h = h->next) + if (Ustrcmp(h->name, continue_hostname) == 0) + /*XXX should also check port here */ + { ok = TRUE; break; } + } } /* Addresses not suitable; defer or queue for fallback hosts (which diff --git a/test/confs/2013 b/test/confs/2013 index 45d683cb4..208e17c41 100644 --- a/test/confs/2013 +++ b/test/confs/2013 @@ -29,6 +29,15 @@ tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} begin routers +.ifdef REQUIRE +cl_override: + driver = manualroute + route_data = HOSTIPV4 + retry_use_local_part + transport = send_to_server + self = send +.endif + client: driver = accept condition = ${if eq {SERVER}{server}{no}{yes}} @@ -54,8 +63,10 @@ local_delivery: send_to_server: driver = smtp allow_localhost + hosts_override hosts = 127.0.0.1 hosts_noproxy_tls = : port = PORT_D + tls_try_verify_hosts = : # End diff --git a/test/log/2013 b/test/log/2013 index e66fdbfae..fc71b5f24 100644 --- a/test/log/2013 +++ b/test/log/2013 @@ -9,6 +9,17 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for usera@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for userb@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for userc@test.ex +1999-03-02 09:44:33 Start queue run: pid=pppp -qqf +1999-03-02 09:44:33 10HmbD-0005vi-00 => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp -qqf ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 @@ -25,3 +36,17 @@ 1999-03-02 09:44:33 10HmbC-0005vi-00 => usery R=server T=local_delivery 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1112 (TCP/IP connection count = 1) +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for usera@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 closed by QUIT +1999-03-02 09:44:33 Start queue run: pid=pppp -qf +1999-03-02 09:44:33 10HmbG-0005vi-00 => usera R=server T=local_delivery +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbH-0005vi-00 => userc R=server T=local_delivery +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 => userb R=server T=local_delivery +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/log/2113 b/test/log/2113 index 056c28298..1d3ca3332 100644 --- a/test/log/2113 +++ b/test/log/2113 @@ -15,10 +15,10 @@ 1999-03-02 09:44:33 Start queue run: pid=pppp -qqf 1999-03-02 09:44:33 10HmbD-0005vi-00 => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" 1999-03-02 09:44:33 10HmbD-0005vi-00 Completed -1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbH-0005vi-00" -1999-03-02 09:44:33 10HmbE-0005vi-00 Completed -1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbF-0005vi-00 => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" 1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qqf ******** SERVER ******** @@ -39,18 +39,14 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1112 (TCP/IP connection count = 1) 1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for usera@test.ex -1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 lost -1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1113 (TCP/IP connection count = 1) -1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1113 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex -1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1113 closed by QUIT -1999-03-02 09:44:33 SMTP connection from [127.0.0.1]:1114 (TCP/IP connection count = 1) -1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1114 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex -1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1114 closed by QUIT +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for userc@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1]:1112 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for userb@test.ex +1999-03-02 09:44:33 SMTP connection from localhost (myhost.test.ex) [127.0.0.1]:1112 closed by QUIT 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmbG-0005vi-00 => usera R=server T=local_delivery 1999-03-02 09:44:33 10HmbG-0005vi-00 Completed -1999-03-02 09:44:33 10HmbH-0005vi-00 => userb R=server T=local_delivery +1999-03-02 09:44:33 10HmbH-0005vi-00 => userc R=server T=local_delivery 1999-03-02 09:44:33 10HmbH-0005vi-00 Completed -1999-03-02 09:44:33 10HmbI-0005vi-00 => userc R=server T=local_delivery +1999-03-02 09:44:33 10HmbI-0005vi-00 => userb R=server T=local_delivery 1999-03-02 09:44:33 10HmbI-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/mail/2013.usera b/test/mail/2013.usera new file mode 100644 index 000000000..8e17aeefc --- /dev/null +++ b/test/mail/2013.usera @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) + (Exim x.yz) + (envelope-from ) + id 10HmbG-0005vi-00 + for usera@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbD-0005vi-00 + for usera@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn= + +Test message 1 + diff --git a/test/mail/2013.userb b/test/mail/2013.userb new file mode 100644 index 000000000..556fb35e8 --- /dev/null +++ b/test/mail/2013.userb @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) + (Exim x.yz) + (envelope-from ) + id 10HmbI-0005vi-00 + for userb@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbE-0005vi-00 + for userb@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn= + +Test message 2 + diff --git a/test/mail/2013.userc b/test/mail/2013.userc new file mode 100644 index 000000000..818aafb5e --- /dev/null +++ b/test/mail/2013.userc @@ -0,0 +1,18 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) + by myhost.test.ex with esmtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) + (Exim x.yz) + (envelope-from ) + id 10HmbH-0005vi-00 + for userc@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbF-0005vi-00 + for userc@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Message-Id: +From: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 +TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn= + +Test message 3 + diff --git a/test/mail/2113.userb b/test/mail/2113.userb index a19f5fd76..d93f45f7c 100644 --- a/test/mail/2113.userb +++ b/test/mail/2113.userb @@ -1,9 +1,9 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 -Received: from localhost ([127.0.0.1]:1113 helo=myhost.test.ex) +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) (Exim x.yz) (envelope-from ) - id 10HmbH-0005vi-00 + id 10HmbI-0005vi-00 for userb@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) diff --git a/test/mail/2113.userc b/test/mail/2113.userc index e623a0664..5bc9043fb 100644 --- a/test/mail/2113.userc +++ b/test/mail/2113.userc @@ -1,9 +1,9 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 -Received: from localhost ([127.0.0.1]:1114 helo=myhost.test.ex) +Received: from localhost ([127.0.0.1]:1112 helo=myhost.test.ex) by myhost.test.ex with esmtps (TLSv1:AES256-SHA:256) (Exim x.yz) (envelope-from ) - id 10HmbI-0005vi-00 + id 10HmbH-0005vi-00 for userc@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) diff --git a/test/scripts/2000-GnuTLS/2013 b/test/scripts/2000-GnuTLS/2013 index 0c2ccba35..cf29efecd 100644 --- a/test/scripts/2000-GnuTLS/2013 +++ b/test/scripts/2000-GnuTLS/2013 @@ -11,7 +11,24 @@ Test message 2 exim userz@test.ex Test message 3 **** -exim -qqf -d-all+acl +exim -d-all+acl -qqf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** +# +exim -DSERVER=server -bd -oX PORT_D +**** +exim usera@test.ex +Test message 1 +**** +exim userb@test.ex +Test message 2 +**** +exim userc@test.ex +Test message 3 +**** +exim -DEQUIRE -d-all+acl -qqf **** killdaemon exim -DSERVER=server -DNOTDAEMON -qf diff --git a/test/stderr/2013 b/test/stderr/2013 index 4c1b0ce12..dc42978c7 100644 --- a/test/stderr/2013 +++ b/test/stderr/2013 @@ -77,5 +77,84 @@ LOG: MAIN LOG: queue_run MAIN End queue run: pid=pppp -qqf >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +LOG: queue_run MAIN + Start queue run: pid=pppp -qqf +Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected + SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250-STARTTLS + 250 HELP + SMTP>> STARTTLS +cmd buf flush ddd bytes + SMTP<< 220 TLS go ahead + SMTP>> EHLO myhost.test.ex +cmd buf flush ddd bytes + SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] + 250-SIZE 52428800 + 250-8BITMIME + 250-PIPELINING + 250 HELP + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbG-0005vi-00 +LOG: MAIN + => usera@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmbG-0005vi-00" +LOG: MAIN + Completed +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbH-0005vi-00 + SMTP(close)>> +LOG: MAIN + => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbH-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user + SMTP>> MAIL FROM: SIZE=ssss + SMTP>> RCPT TO: + SMTP>> DATA +cmd buf flush ddd bytes + SMTP<< 250 OK + SMTP<< 250 Accepted + SMTP<< 354 Enter message, ending with "." on a line by itself + SMTP<< 250 OK id=10HmbI-0005vi-00 + SMTP>> QUIT +cmd buf flush ddd bytes + SMTP(close)>> +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: MAIN + => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C="250 OK id=10HmbI-0005vi-00" +LOG: MAIN + Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +LOG: queue_run MAIN + End queue run: pid=pppp -qqf +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> ******** SERVER ******** diff --git a/test/stderr/2113 b/test/stderr/2113 index 8d25729d3..35cdabe47 100644 --- a/test/stderr/2113 +++ b/test/stderr/2113 @@ -118,65 +118,26 @@ Exim version x.yz .... configuration file is TESTSUITE/test-config trusted user admin user ->>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> ->>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected - SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 - SMTP>> EHLO myhost.test.ex -cmd buf flush ddd bytes - SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] - 250-SIZE 52428800 - 250-8BITMIME - 250-PIPELINING - 250-STARTTLS - 250 HELP - SMTP>> STARTTLS -cmd buf flush ddd bytes - SMTP<< 220 TLS go ahead - SMTP>> EHLO myhost.test.ex -cmd buf flush ddd bytes - SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] - 250-SIZE 52428800 - 250-8BITMIME - 250-PIPELINING - 250 HELP SMTP>> MAIL FROM: SIZE=ssss - SMTP>> RCPT TO: + SMTP>> RCPT TO: SMTP>> DATA cmd buf flush ddd bytes SMTP<< 250 OK SMTP<< 250 Accepted SMTP<< 354 Enter message, ending with "." on a line by itself SMTP<< 250 OK id=10HmbH-0005vi-00 - SMTP>> QUIT -cmd buf flush ddd bytes SMTP(close)>> LOG: MAIN - => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbH-0005vi-00" + => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbH-0005vi-00" LOG: MAIN Completed -Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected - SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 - SMTP>> EHLO myhost.test.ex -cmd buf flush ddd bytes - SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] - 250-SIZE 52428800 - 250-8BITMIME - 250-PIPELINING - 250-STARTTLS - 250 HELP - SMTP>> STARTTLS -cmd buf flush ddd bytes - SMTP<< 220 TLS go ahead - SMTP>> EHLO myhost.test.ex -cmd buf flush ddd bytes - SMTP<< 250-myhost.test.ex Hello localhost [127.0.0.1] - 250-SIZE 52428800 - 250-8BITMIME - 250-PIPELINING - 250 HELP +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user SMTP>> MAIL FROM: SIZE=ssss - SMTP>> RCPT TO: + SMTP>> RCPT TO: SMTP>> DATA cmd buf flush ddd bytes SMTP<< 250 OK @@ -186,10 +147,12 @@ cmd buf flush ddd bytes SMTP>> QUIT cmd buf flush ddd bytes SMTP(close)>> +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: MAIN - => userc@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbI-0005vi-00" + => userb@test.ex R=cl_override T=send_to_server H=127.0.0.1 [127.0.0.1]* X=TLSv1:AES256-SHA:256 CV=no C="250 OK id=10HmbI-0005vi-00" LOG: MAIN Completed +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> LOG: queue_run MAIN End queue run: pid=pppp -qqf >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From af542dcfa62fc2341e8253f10c5c778b887444b9 Mon Sep 17 00:00:00 2001 From: "Heiko Schlittermann (HS12-RIPE)" Date: Sun, 25 Jun 2017 23:35:06 +0200 Subject: Bail out if a configuration file starts with a byte order mark --- src/src/readconf.c | 5 +++++ test/confs/0907 | 3 +++ test/confs/0908 | 1 + test/scripts/0000-Basic/0907 | 4 ++++ test/scripts/0000-Basic/0908 | 1 + test/stderr/0907 | 2 ++ test/stderr/0908 | 2 ++ 7 files changed, 18 insertions(+) create mode 100644 test/confs/0907 create mode 100644 test/confs/0908 create mode 100644 test/scripts/0000-Basic/0907 create mode 120000 test/scripts/0000-Basic/0908 create mode 100644 test/stderr/0907 create mode 100644 test/stderr/0908 (limited to 'test/stderr') diff --git a/src/src/readconf.c b/src/src/readconf.c index 95abaf5be..fd9657e0e 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -3469,6 +3469,11 @@ a macro definition. */ while ((s = get_config_line()) != NULL) { + + if (config_lineno == 1 && Ustrstr(s, "\xef\xbb\xbf") == s) + log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, + "found unexpected BOM (Byte Order Mark)"); + if (isupper(s[0])) read_macro_assignment(s); else if (Ustrncmp(s, "domainlist", 10) == 0) diff --git a/test/confs/0907 b/test/confs/0907 new file mode 100644 index 000000000..8cb2b1b6d --- /dev/null +++ b/test/confs/0907 @@ -0,0 +1,3 @@ +# This file contains a BOM at the very beginning +tls_advertise_hosts = +keep_environment = diff --git a/test/confs/0908 b/test/confs/0908 new file mode 100644 index 000000000..27af1d5f2 --- /dev/null +++ b/test/confs/0908 @@ -0,0 +1 @@ +.include DIR/confs/0907 diff --git a/test/scripts/0000-Basic/0907 b/test/scripts/0000-Basic/0907 new file mode 100644 index 000000000..341a63f48 --- /dev/null +++ b/test/scripts/0000-Basic/0907 @@ -0,0 +1,4 @@ +# check for BOM in an included config file (0908) +# +1 +exim -bP config diff --git a/test/scripts/0000-Basic/0908 b/test/scripts/0000-Basic/0908 new file mode 120000 index 000000000..8cc1a8c6e --- /dev/null +++ b/test/scripts/0000-Basic/0908 @@ -0,0 +1 @@ +0907 \ No newline at end of file diff --git a/test/stderr/0907 b/test/stderr/0907 new file mode 100644 index 000000000..fe9ba7150 --- /dev/null +++ b/test/stderr/0907 @@ -0,0 +1,2 @@ +1999-03-02 09:44:33 Exim configuration error in line 1 of TESTSUITE/test-config: + found unexpected BOM (Byte Order Mark) diff --git a/test/stderr/0908 b/test/stderr/0908 new file mode 100644 index 000000000..ad35a1ae6 --- /dev/null +++ b/test/stderr/0908 @@ -0,0 +1,2 @@ +1999-03-02 09:44:33 Exim configuration error in line 1 of TESTSUITE/confs/0907: + found unexpected BOM (Byte Order Mark) -- cgit v1.2.3 From a09f294202729d7e532a1584536fa14e491a0b71 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 5 Jul 2017 14:30:05 +0100 Subject: Add $smtp_command_history variable --- doc/doc-docbook/spec.xfpt | 9 +++++++++ doc/doc-txt/NewStuff | 3 +++ src/src/expand.c | 1 + src/src/functions.h | 1 + src/src/smtp_in.c | 22 +++++++++++++++++++++- test/confs/0021 | 2 +- test/paniclog/0021 | 8 ++++---- test/stderr/0021 | 17 ++++++++++------- 8 files changed, 50 insertions(+), 13 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index aab8c00d5..84540508f 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -12793,6 +12793,15 @@ argument, that is, the text that follows the command name, with leading white space removed. Following the introduction of &$smtp_command$&, this variable is somewhat redundant, but is retained for backwards compatibility. +.new +.vitem &$smtp_command_history$& +.cindex SMTP "command history" +.vindex "&$smtp_command_history$&" +A comma-separated list (with no whitespace) of the most-recent SMTP commands +received, in time-order left to right. Only a limited number of commands +are remembered. +.wen + .vitem &$smtp_count_at_connection_start$& .vindex "&$smtp_count_at_connection_start$&" This variable is set greater than zero only in processes spawned by the Exim diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 17fe1979a..f3050a950 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -41,6 +41,9 @@ Version 4.90 9. New option modifier "no_check" for quota and quota_filecount appendfile transport. +10. Variable $smtp_command_history returning a comma-sep list of recent + SMTP commands. + Version 4.89 ------------ diff --git a/src/src/expand.c b/src/src/expand.c index a064e34e4..4eb1818f1 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -680,6 +680,7 @@ static var_entry var_table[] = { { "smtp_active_hostname", vtype_stringptr, &smtp_active_hostname }, { "smtp_command", vtype_stringptr, &smtp_cmd_buffer }, { "smtp_command_argument", vtype_stringptr, &smtp_cmd_argument }, + { "smtp_command_history", vtype_string_func, &smtp_cmd_hist }, { "smtp_count_at_connection_start", vtype_int, &smtp_accept_count }, { "smtp_notquit_reason", vtype_stringptr, &smtp_notquit_reason }, { "sn0", vtype_filter_int, &filter_sn[0] }, diff --git a/src/src/functions.h b/src/src/functions.h index f7173576b..9c9caaf97 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -394,6 +394,7 @@ extern int sieve_interpret(uschar *, int, uschar *, uschar *, uschar *, extern void sigalrm_handler(int); extern BOOL smtp_buffered(void); extern void smtp_closedown(uschar *); +extern uschar *smtp_cmd_hist(void); extern int smtp_connect(host_item *, int, uschar *, int, transport_instance *); extern int smtp_sock_connect(host_item *, int, int, uschar *, diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 92dbac4ce..629634267 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1795,7 +1795,7 @@ for (i = 0; i < smtp_ch_index; i++) sep = US","; } -if (s != NULL) s[ptr] = 0; else s = US""; +if (s) s[ptr] = 0; else s = US""; log_write(0, LOG_MAIN, "no MAIL in SMTP connection from %s D=%s%s", host_and_ident(FALSE), readconf_printtime( (int) ((long)time(NULL) - (long)smtp_connection_start)), @@ -1803,6 +1803,26 @@ log_write(0, LOG_MAIN, "no MAIL in SMTP connection from %s D=%s%s", } +/* Return list of recent smtp commands */ + +uschar * +smtp_cmd_hist(void) +{ +uschar * list = NULL; +int size = 0, len = 0, i; + +for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++) + if (smtp_connection_had[i] != SCH_NONE) + list = string_append_listele(list, &size, &len, ',', + smtp_names[smtp_connection_had[i]]); +for (i = 0; i < smtp_ch_index; i++) + list = string_append_listele(list, &size, &len, ',', + smtp_names[smtp_connection_had[i]]); +return list ? list : US""; +} + + + /************************************************* * Check HELO line and set sender_helo_name * diff --git a/test/confs/0021 b/test/confs/0021 index ae5a309b9..cb057386e 100644 --- a/test/confs/0021 +++ b/test/confs/0021 @@ -67,7 +67,7 @@ mail: rcpt: accept senders = +ok_senders sender_domains = +ok_sender_domains - logwrite = :panic: rcpt accepted + logwrite = :panic: rcpt accepted C=$smtp_command_history # ----- Routers ----- diff --git a/test/paniclog/0021 b/test/paniclog/0021 index dae415203..d6e91d346 100644 --- a/test/paniclog/0021 +++ b/test/paniclog/0021 @@ -1,6 +1,6 @@ -1999-03-02 09:44:33 rcpt accepted -1999-03-02 09:44:33 rcpt accepted +1999-03-02 09:44:33 rcpt accepted C=MAIL,MAIL,RCPT +1999-03-02 09:44:33 rcpt accepted C=MAIL,MAIL,RCPT,RCPT 1999-03-02 09:44:33 ACL "warn" with "message" setting found in a non-message (EHLO or HELO) ACL: cannot specify header lines here: message ignored -1999-03-02 09:44:33 rcpt accepted +1999-03-02 09:44:33 rcpt accepted C=MAIL,RCPT 1999-03-02 09:44:33 ACL "warn" with "message" setting found in a non-message (EHLO or HELO) ACL: cannot specify header lines here: message ignored -1999-03-02 09:44:33 rcpt accepted +1999-03-02 09:44:33 rcpt accepted C=EHLO,MAIL,RCPT diff --git a/test/stderr/0021 b/test/stderr/0021 index 7c5a79ee9..299cc4974 100644 --- a/test/stderr/0021 +++ b/test/stderr/0021 @@ -80,9 +80,10 @@ ok@test1 in "+ok_senders"? yes (matched "+ok_senders") check sender_domains = +ok_sender_domains test1 in "somewhere : test1 : test3"? yes (matched "test1") test1 in "+ok_sender_domains"? yes (matched "+ok_sender_domains") -check logwrite = :panic: rcpt accepted +check logwrite = :panic: rcpt accepted C=$smtp_command_history + = :panic: rcpt accepted C=MAIL,MAIL,RCPT LOG: PANIC - rcpt accepted + rcpt accepted C=MAIL,MAIL,RCPT accept: condition test succeeded in ACL "rcpt" end of ACL "rcpt": ACCEPT using ACL "rcpt" @@ -94,9 +95,10 @@ ok@test1 in "+ok_senders"? yes (matched "+ok_senders" - cached) check sender_domains = +ok_sender_domains cached yes match for +ok_sender_domains test1 in "+ok_sender_domains"? yes (matched "+ok_sender_domains" - cached) -check logwrite = :panic: rcpt accepted +check logwrite = :panic: rcpt accepted C=$smtp_command_history + = :panic: rcpt accepted C=MAIL,MAIL,RCPT,RCPT LOG: PANIC - rcpt accepted + rcpt accepted C=MAIL,MAIL,RCPT,RCPT accept: condition test succeeded in ACL "rcpt" end of ACL "rcpt": ACCEPT LOG: smtp_connection MAIN @@ -173,9 +175,10 @@ ok@test3 in "+ok_senders"? yes (matched "+ok_senders") check sender_domains = +ok_sender_domains test3 in "somewhere : test1 : test3"? yes (matched "test3") test3 in "+ok_sender_domains"? yes (matched "+ok_sender_domains") -check logwrite = :panic: rcpt accepted +check logwrite = :panic: rcpt accepted C=$smtp_command_history + = :panic: rcpt accepted C=MAIL,RCPT LOG: PANIC - rcpt accepted + rcpt accepted C=MAIL,RCPT accept: condition test succeeded in ACL "rcpt" end of ACL "rcpt": ACCEPT >>Headers added by MAIL or RCPT ACL: @@ -197,4 +200,4 @@ LOG: smtp_connection MAIN SMTP connection from CALLER closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> 1999-03-02 09:44:33 ACL "warn" with "message" setting found in a non-message (EHLO or HELO) ACL: cannot specify header lines here: message ignored -1999-03-02 09:44:33 rcpt accepted +1999-03-02 09:44:33 rcpt accepted C=EHLO,MAIL,RCPT -- cgit v1.2.3 From 0a6c178c6c5f45668b5bb37b8be723cc9d1e72ae Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 5 Jul 2017 12:57:24 +0100 Subject: Use the BDB "environment" so that a database config file is not looked for. Bug 2141 --- doc/doc-txt/ChangeLog | 5 ++ src/OS/Makefile-Base | 3 +- src/src/acl.c | 3 +- src/src/dbfn.c | 19 ++--- src/src/dbstuff.h | 189 ++++++++++++++++++++++++++++++++--------- src/src/exim_dbmbuild.c | 1 + src/src/exim_dbutil.c | 37 ++++---- src/src/transports/autoreply.c | 127 ++++++++++++--------------- test/runtest | 4 + test/stderr/0275 | 10 ++- test/stderr/0278 | 10 ++- test/stderr/0361 | 20 +++-- test/stderr/0386 | 20 +++-- test/stderr/0388 | 25 +++--- test/stderr/0398 | 15 ++-- test/stderr/0402 | 35 +++++--- test/stderr/0403 | 15 ++-- test/stderr/0404 | 25 +++--- test/stderr/0408 | 10 ++- test/stderr/0432 | 15 ++-- test/stderr/0487 | 10 ++- test/stderr/2600 | 10 ++- test/stderr/5004 | 15 ++-- test/stderr/5005 | 50 ++++++----- test/stderr/5006 | 10 ++- 25 files changed, 422 insertions(+), 261 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index da6f19820..de8151f65 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -123,6 +123,11 @@ JH/18 Prebuild the data-structure for "builtin" macros, for faster startup. was met in the configuration file input during startup; now it is done during compilation. +JH/19 Bug 2141: Use the full-complex API for Berkeley DB rather than the legacy- + compatible one, to avoid the (poorly documented) possibility of a config + file in the working directory redirecting the DB files, possibly correpting + some existing file. + Exim version 4.89 ----------------- diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base index bddd313ee..7746597ba 100644 --- a/src/OS/Makefile-Base +++ b/src/OS/Makefile-Base @@ -580,7 +580,8 @@ exim_tidydb.o: $(HDRS) exim_dbutil.c exim_dbmbuild.o: $(HDRS) exim_dbmbuild.c @echo "$(CC) exim_dbmbuild.c" - $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) -o exim_dbmbuild.o exim_dbmbuild.c + $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY \ + -o exim_dbmbuild.o exim_dbmbuild.c # Utilities use special versions of some modules - typically with debugging # calls cut out. diff --git a/src/src/acl.c b/src/src/acl.c index efebf9c69..cf7e42aa4 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -2352,8 +2352,7 @@ if (t != NULL) /* We aren't using a pre-computed rate, so get a previously recorded rate from the database, which will be updated and written back if required. */ -dbm = dbfn_open(US"ratelimit", O_RDWR, &dbblock, TRUE); -if (dbm == NULL) +if (!(dbm = dbfn_open(US"ratelimit", O_RDWR, &dbblock, TRUE))) { store_pool = old_pool; sender_rate = NULL; diff --git a/src/src/dbfn.c b/src/src/dbfn.c index 62259eb0d..5529fe93f 100644 --- a/src/src/dbfn.c +++ b/src/src/dbfn.c @@ -161,9 +161,7 @@ it easy to pin this down, there are now debug statements on either side of the open call. */ snprintf(CS filename, sizeof(filename), "%s/%s", dirname, name); -DEBUG(D_hints_lookup) debug_printf("EXIM_DBOPEN(%s)\n", filename); EXIM_DBOPEN(filename, dirname, flags, EXIMDB_MODE, &(dbblock->dbptr)); -DEBUG(D_hints_lookup) debug_printf("returned from EXIM_DBOPEN\n"); if (!dbblock->dbptr && errno == ENOENT && flags == O_RDWR) { @@ -171,7 +169,6 @@ if (!dbblock->dbptr && errno == ENOENT && flags == O_RDWR) debug_printf("%s appears not to exist: trying to create\n", filename); created = TRUE; EXIM_DBOPEN(filename, dirname, flags|O_CREAT, EXIMDB_MODE, &(dbblock->dbptr)); - DEBUG(D_hints_lookup) debug_printf("returned from EXIM_DBOPEN\n"); } save_errno = errno; @@ -217,17 +214,17 @@ if (created && geteuid() == root_uid) } /* If the open has failed, return NULL, leaving errno set. If lof is TRUE, -log the event - also for debugging - but not if the file just doesn't exist. */ +log the event - also for debugging - but debug only if the file just doesn't +exist. */ if (!dbblock->dbptr) { - if (save_errno != ENOENT) - if (lof) - log_write(0, LOG_MAIN, "%s", string_open_failed(save_errno, "DB file %s", + if (lof && save_errno != ENOENT) + log_write(0, LOG_MAIN, "%s", string_open_failed(save_errno, "DB file %s", filename)); - else - DEBUG(D_hints_lookup) - debug_printf("%s", CS string_open_failed(save_errno, "DB file %s\n", + else + DEBUG(D_hints_lookup) + debug_printf("%s\n", CS string_open_failed(save_errno, "DB file %s", filename)); (void)close(dbblock->lockfd); errno = save_errno; @@ -532,7 +529,7 @@ while (Ufgets(buffer, 256, stdin) != NULL) odb = dbfn_open(s, O_RDWR, dbblock + i, TRUE); stop = clock(); - if (odb != NULL) + if (odb) { current = i; printf("opened %d\n", current); diff --git a/src/src/dbstuff.h b/src/src/dbstuff.h index ace46c24c..a4ee603bb 100644 --- a/src/src/dbstuff.h +++ b/src/src/dbstuff.h @@ -39,7 +39,7 @@ tdb_traverse to be called) */ /* Access functions */ /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed */ -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +#define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ *(dbpp) = tdb_open(CS name, 0, TDB_DEFAULT, flags, mode) /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */ @@ -77,7 +77,7 @@ free() must not die when passed NULL */ #define EXIM_DBDELETE_CURSOR(cursor) free(cursor) /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) tdb_close(db) +#define EXIM_DBCLOSE__(db) tdb_close(db) /* Datum access types - these are intended to be assignable */ @@ -113,8 +113,8 @@ definition of DB_VERSION_STRING, which is present in versions 2.x onwards. */ /***************** Berkeley db 3.x/4.x native definitions ******************/ /* Basic DB type */ -#define EXIM_DB DB - +#if DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) +# define EXIM_DB DB_ENV /* Cursor type, for scanning */ #define EXIM_CURSOR DBC @@ -122,78 +122,161 @@ definition of DB_VERSION_STRING, which is present in versions 2.x onwards. */ #define EXIM_DATUM DBT /* Some text for messages */ -#define EXIM_DBTYPE "db (v3/4)" +#define EXIM_DBTYPE "db (v4.1+)" /* Access functions */ /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed. The -API changed for DB 4.1. */ +API changed for DB 4.1. - and we also starting using the "env" with a +specified working dir, to avoid the DBCONFIG file trap. */ + +# define ENV_TO_DB(env) ((DB *)((env)->app_private)) + +# define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ + if ( db_env_create(dbpp, 0) != 0 \ + || ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), 0) \ + || (*dbpp)->open(*dbpp, CS dirname, DB_CREATE|DB_INIT_MPOOL|DB_PRIVATE, 0) != 0\ + ) \ + *dbpp = NULL; \ + else if (db_create((DB **) &((*dbpp)->app_private), *dbpp, 0) != 0) \ + { \ + ((DB_ENV *)(*dbpp))->close((DB_ENV *)(*dbpp), 0); \ + *dbpp = NULL; \ + } \ + else if (ENV_TO_DB(*dbpp)->open(ENV_TO_DB(*dbpp), NULL, CS name, NULL, \ + (flags) == O_RDONLY ? DB_UNKNOWN : DB_HASH, \ + (flags) == O_RDONLY ? DB_RDONLY : DB_CREATE, \ + mode) != 0 \ + ) \ + { \ + ENV_TO_DB(*dbpp)->close(ENV_TO_DB(*dbpp), 0); \ + ((DB_ENV *)(*dbpp))->close((DB_ENV *)(*dbpp), 0); \ + *dbpp = NULL; \ + } -#if DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ - if (db_create(dbpp, NULL, 0) != 0 || \ - ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ - ((*dbpp)->open)(*dbpp, NULL, CS name, NULL, \ - ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ - ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ - mode)) != 0) *(dbpp) = NULL -#else -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +/* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */ +# define EXIM_DBGET(db, key, data) \ + (ENV_TO_DB(db)->get(ENV_TO_DB(db), NULL, &key, &data, 0) == 0) + +/* EXIM_DBPUT - returns nothing useful, assumes replace mode */ +# define EXIM_DBPUT(db, key, data) \ + ENV_TO_DB(db)->put(ENV_TO_DB(db), NULL, &key, &data, 0) + +/* EXIM_DBPUTB - non-overwriting for use by dbmbuild */ +# define EXIM_DBPUTB(db, key, data) \ + ENV_TO_DB(db)->put(ENV_TO_DB(db), NULL, &key, &data, DB_NOOVERWRITE) + +/* Return values from EXIM_DBPUTB */ + +# define EXIM_DBPUTB_OK 0 +# define EXIM_DBPUTB_DUP DB_KEYEXIST + +/* EXIM_DBDEL */ +# define EXIM_DBDEL(db, key) ENV_TO_DB(db)->del(ENV_TO_DB(db), NULL, &key, 0) + +/* EXIM_DBCREATE_CURSOR - initialize for scanning operation */ + +# define EXIM_DBCREATE_CURSOR(db, cursor) \ + ENV_TO_DB(db)->cursor(ENV_TO_DB(db), NULL, cursor, 0) + +/* EXIM_DBSCAN - returns TRUE if data is returned, FALSE at end */ +# define EXIM_DBSCAN(db, key, data, first, cursor) \ + ((cursor)->c_get(cursor, &key, &data, \ + (first? DB_FIRST : DB_NEXT)) == 0) + +/* EXIM_DBDELETE_CURSOR - terminate scanning operation */ +# define EXIM_DBDELETE_CURSOR(cursor) \ + (cursor)->c_close(cursor) + +/* EXIM_DBCLOSE */ +# define EXIM_DBCLOSE__(db) \ + (ENV_TO_DB(db)->close(ENV_TO_DB(db), 0) , ((DB_ENV *)(db))->close((DB_ENV *)(db), DB_FORCESYNC)) + +/* Datum access types - these are intended to be assignable. */ + +# define EXIM_DATUM_SIZE(datum) (datum).size +# define EXIM_DATUM_DATA(datum) (datum).data + +/* The whole datum structure contains other fields that must be cleared +before use, but we don't have to free anything after reading data. */ + +# define EXIM_DATUM_INIT(datum) memset(&datum, 0, sizeof(datum)) +# define EXIM_DATUM_FREE(datum) + +#else /* pre- 4.1 */ + +# define EXIM_DB DB + +/* Cursor type, for scanning */ +# define EXIM_CURSOR DBC + +/* The datum type used for queries */ +# define EXIM_DATUM DBT + +/* Some text for messages */ +# define EXIM_DBTYPE "db (v3/4)" + +/* Access functions */ + +/* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed. */ + +# define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ if (db_create(dbpp, NULL, 0) != 0 || \ ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ ((*dbpp)->open)(*dbpp, CS name, NULL, \ ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ mode)) != 0) *(dbpp) = NULL -#endif /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */ -#define EXIM_DBGET(db, key, data) \ +# define EXIM_DBGET(db, key, data) \ ((db)->get(db, NULL, &key, &data, 0) == 0) /* EXIM_DBPUT - returns nothing useful, assumes replace mode */ -#define EXIM_DBPUT(db, key, data) \ +# define EXIM_DBPUT(db, key, data) \ (db)->put(db, NULL, &key, &data, 0) /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */ -#define EXIM_DBPUTB(db, key, data) \ +# define EXIM_DBPUTB(db, key, data) \ (db)->put(db, NULL, &key, &data, DB_NOOVERWRITE) /* Return values from EXIM_DBPUTB */ -#define EXIM_DBPUTB_OK 0 -#define EXIM_DBPUTB_DUP DB_KEYEXIST +# define EXIM_DBPUTB_OK 0 +# define EXIM_DBPUTB_DUP DB_KEYEXIST /* EXIM_DBDEL */ -#define EXIM_DBDEL(db, key) (db)->del(db, NULL, &key, 0) +# define EXIM_DBDEL(db, key) (db)->del(db, NULL, &key, 0) /* EXIM_DBCREATE_CURSOR - initialize for scanning operation */ -#define EXIM_DBCREATE_CURSOR(db, cursor) \ +# define EXIM_DBCREATE_CURSOR(db, cursor) \ (db)->cursor(db, NULL, cursor, 0) /* EXIM_DBSCAN - returns TRUE if data is returned, FALSE at end */ -#define EXIM_DBSCAN(db, key, data, first, cursor) \ +# define EXIM_DBSCAN(db, key, data, first, cursor) \ ((cursor)->c_get(cursor, &key, &data, \ (first? DB_FIRST : DB_NEXT)) == 0) /* EXIM_DBDELETE_CURSOR - terminate scanning operation */ -#define EXIM_DBDELETE_CURSOR(cursor) \ +# define EXIM_DBDELETE_CURSOR(cursor) \ (cursor)->c_close(cursor) /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) (db)->close(db, 0) +# define EXIM_DBCLOSE__(db) (db)->close(db, 0) /* Datum access types - these are intended to be assignable. */ -#define EXIM_DATUM_SIZE(datum) (datum).size -#define EXIM_DATUM_DATA(datum) (datum).data +# define EXIM_DATUM_SIZE(datum) (datum).size +# define EXIM_DATUM_DATA(datum) (datum).data /* The whole datum structure contains other fields that must be cleared before use, but we don't have to free anything after reading data. */ -#define EXIM_DATUM_INIT(datum) memset(&datum, 0, sizeof(datum)) -#define EXIM_DATUM_FREE(datum) +# define EXIM_DATUM_INIT(datum) memset(&datum, 0, sizeof(datum)) +# define EXIM_DATUM_FREE(datum) + +#endif #else /* DB_VERSION_MAJOR >= 3 */ @@ -215,7 +298,7 @@ before use, but we don't have to free anything after reading data. */ /* Access functions */ /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed */ -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +#define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ if ((errno = db_open(CS name, DB_HASH, \ ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ mode, NULL, NULL, dbpp)) != 0) *(dbpp) = NULL @@ -264,7 +347,7 @@ the new option that is available, so I guess that it happened at 2.5.x. */ (cursor)->c_close(cursor) /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) (db)->close(db, 0) +#define EXIM_DBCLOSE__(db) (db)->close(db, 0) /* Datum access types - these are intended to be assignable. */ @@ -312,7 +395,7 @@ before been able to pass successfully. */ /* Access functions */ /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed */ -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +#define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ *(dbpp) = dbopen(CS name, flags, mode, DB_HASH, NULL) /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */ @@ -347,7 +430,7 @@ refer to cursor, to keep picky compilers happy. */ #define EXIM_DBDELETE_CURSOR(cursor) { cursor = cursor; } /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) (db)->close(db) +#define EXIM_DBCLOSE__(db) (db)->close(db) /* Datum access types - these are intended to be assignable */ @@ -389,7 +472,7 @@ typedef struct { /* Access functions */ /* EXIM_DBOPEN - returns a EXIM_DB *, NULL if failed */ -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +#define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ { (*(dbpp)) = (EXIM_DB *) malloc(sizeof(EXIM_DB));\ if (*(dbpp) != NULL) { \ (*(dbpp))->lkey.dptr = NULL;\ @@ -435,7 +518,7 @@ refer to cursor, to keep picky compilers happy. */ #define EXIM_DBDELETE_CURSOR(cursor) { cursor = cursor; } /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) \ +#define EXIM_DBCLOSE__(db) \ { gdbm_close((db)->gdbm);\ if ((db)->lkey.dptr != NULL) free((db)->lkey.dptr);\ free(db); } @@ -478,7 +561,7 @@ interface */ /* Access functions */ /* EXIM_DBOPEN - returns a EXIM_DB *, NULL if failed */ -#define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ +#define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \ *(dbpp) = dbm_open(CS name, flags, mode) /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */ @@ -513,7 +596,7 @@ refer to cursor, to keep picky compilers happy. */ #define EXIM_DBDELETE_CURSOR(cursor) { cursor = cursor; } /* EXIM_DBCLOSE */ -#define EXIM_DBCLOSE(db) dbm_close(db) +#define EXIM_DBCLOSE__(db) dbm_close(db) /* Datum access types - these are intended to be assignable */ @@ -528,6 +611,34 @@ after reading data. */ #endif /* USE_GDBM */ + + + + +# ifdef COMPILE_UTILITY + +# define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ + EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) +# define EXIM_DBCLOSE(db) EXIM_DBCLOSE__(db) + +# else + +# define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \ + do { \ + DEBUG(D_hints_lookup) \ + debug_printf("EXIM_DBOPEN: file <%s> dir <%s> flags 0x%x\n", \ + (name), (dirname), flags); \ + EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); \ + DEBUG(D_hints_lookup) debug_printf("returned from EXIM_DBOPEN: %p\n", *dbpp); \ + } while(0) +# define EXIM_DBCLOSE(db) \ + do { \ + DEBUG(D_hints_lookup) debug_printf("EXIM_DBCLOSE(%p)\n", db); \ + EXIM_DBCLOSE__(db); \ + } while(0) + +# endif + /********************* End of dbm library definitions **********************/ diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c index eb19005a2..7431bbc03 100644 --- a/src/src/exim_dbmbuild.c +++ b/src/src/exim_dbmbuild.c @@ -30,6 +30,7 @@ characters. */ #include "exim.h" +uschar * spool_directory = NULL; /* dummy for dbstuff.h */ #define max_insize 20000 #define max_outsize 100000 diff --git a/src/src/exim_dbutil.c b/src/src/exim_dbutil.c index eb3ae16b3..fb455bbd3 100644 --- a/src/src/exim_dbutil.c +++ b/src/src/exim_dbutil.c @@ -517,15 +517,16 @@ uschar keybuffer[1024]; dbdata_type = check_args(argc, argv, US"dumpdb", US""); spool_directory = argv[1]; -dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE); -if (dbm == NULL) exit(1); +if (!(dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE))) + exit(1); /* Scan the file, formatting the information for each entry. Note that data is returned in a malloc'ed block, in order that it be correctly aligned. */ -key = dbfn_scan(dbm, TRUE, &cursor); -while (key != NULL) +for (key = dbfn_scan(dbm, TRUE, &cursor); + key; + key = dbfn_scan(dbm, FALSE, &cursor)) { dbdata_retry *retry; dbdata_wait *wait; @@ -547,9 +548,8 @@ while (key != NULL) return 1; } Ustrcpy(keybuffer, key); - value = dbfn_read_with_length(dbm, keybuffer, &length); - if (value == NULL) + if (!(value = dbfn_read_with_length(dbm, keybuffer, &length))) fprintf(stderr, "**** Entry \"%s\" was in the key scan, but the record " "was not found in the file - something is wrong!\n", CS keybuffer); @@ -669,7 +669,6 @@ while (key != NULL) } store_reset(value); } - key = dbfn_scan(dbm, FALSE, &cursor); } dbfn_close(dbm); @@ -776,8 +775,9 @@ for(;;) { int verify = 1; spool_directory = argv[1]; - dbm = dbfn_open(argv[2], O_RDWR, &dbblock, FALSE); - if (dbm == NULL) continue; + + if (!(dbm = dbfn_open(argv[2], O_RDWR, &dbblock, FALSE))) + continue; if (Ustrcmp(field, "d") == 0) { @@ -973,11 +973,10 @@ for(;;) /* Handle a read request, or verify after an update. */ spool_directory = argv[1]; - dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE); - if (dbm == NULL) continue; + if (!(dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE))) + continue; - record = dbfn_read_with_length(dbm, name, &oldlength); - if (record == NULL) + if (!(record = dbfn_read_with_length(dbm, name, &oldlength))) { printf("record %s not found\n", name); name[0] = 0; @@ -1160,8 +1159,8 @@ oldest = time(NULL) - maxkeep; printf("Tidying Exim hints database %s/db/%s\n", argv[1], argv[2]); spool_directory = argv[1]; -dbm = dbfn_open(argv[2], O_RDWR, &dbblock, FALSE); -if (dbm == NULL) exit(1); +if (!(dbm = dbfn_open(argv[2], O_RDWR, &dbblock, FALSE))) + exit(1); /* Prepare for building file names */ @@ -1174,14 +1173,14 @@ to the file while scanning it. Pity the man page doesn't warn you about that. Therefore, we scan and build a list of all the keys. Then we use that to read the records and possibly update them. */ -key = dbfn_scan(dbm, TRUE, &cursor); -while (key != NULL) +for (key = dbfn_scan(dbm, TRUE, &cursor); + key; + key = dbfn_scan(dbm, FALSE, &cursor)) { key_item *k = store_get(sizeof(key_item) + Ustrlen(key)); k->next = keychain; keychain = k; Ustrcpy(k->key, key); - key = dbfn_scan(dbm, FALSE, &cursor); } /* Now scan the collected keys and operate on the records, resetting @@ -1189,7 +1188,7 @@ the store each time round. */ reset_point = store_get(0); -while (keychain != NULL) +while (keychain) { dbdata_generic *value; diff --git a/src/src/transports/autoreply.c b/src/src/transports/autoreply.c index 4a3fe4714..ba6669b4d 100644 --- a/src/src/transports/autoreply.c +++ b/src/src/transports/autoreply.c @@ -346,33 +346,22 @@ else file_expand = ob->file_expand; return_message = ob->return_message; - if ((from != NULL && - (from = checkexpand(from, addr, tblock->name, cke_hdr)) == NULL) || - (reply_to != NULL && - (reply_to = checkexpand(reply_to, addr, tblock->name, cke_hdr)) == NULL) || - (to != NULL && - (to = checkexpand(to, addr, tblock->name, cke_hdr)) == NULL) || - (cc != NULL && - (cc = checkexpand(cc, addr, tblock->name, cke_hdr)) == NULL) || - (bcc != NULL && - (bcc = checkexpand(bcc, addr, tblock->name, cke_hdr)) == NULL) || - (subject != NULL && - (subject = checkexpand(subject, addr, tblock->name, cke_hdr)) == NULL) || - (headers != NULL && - (headers = checkexpand(headers, addr, tblock->name, cke_text)) == NULL) || - (text != NULL && - (text = checkexpand(text, addr, tblock->name, cke_text)) == NULL) || - (file != NULL && - (file = checkexpand(file, addr, tblock->name, cke_file)) == NULL) || - (logfile != NULL && - (logfile = checkexpand(logfile, addr, tblock->name, cke_file)) == NULL) || - (oncelog != NULL && - (oncelog = checkexpand(oncelog, addr, tblock->name, cke_file)) == NULL) || - (oncerepeat != NULL && - (oncerepeat = checkexpand(oncerepeat, addr, tblock->name, cke_file)) == NULL)) + if ( from && !(from = checkexpand(from, addr, tblock->name, cke_hdr)) + || reply_to && !(reply_to = checkexpand(reply_to, addr, tblock->name, cke_hdr)) + || to && !(to = checkexpand(to, addr, tblock->name, cke_hdr)) + || cc && !(cc = checkexpand(cc, addr, tblock->name, cke_hdr)) + || bcc && !(bcc = checkexpand(bcc, addr, tblock->name, cke_hdr)) + || subject && !(subject = checkexpand(subject, addr, tblock->name, cke_hdr)) + || headers && !(headers = checkexpand(headers, addr, tblock->name, cke_text)) + || text && !(text = checkexpand(text, addr, tblock->name, cke_text)) + || file && !(file = checkexpand(file, addr, tblock->name, cke_file)) + || logfile && !(logfile = checkexpand(logfile, addr, tblock->name, cke_file)) + || oncelog && !(oncelog = checkexpand(oncelog, addr, tblock->name, cke_file)) + || oncerepeat && !(oncerepeat = checkexpand(oncerepeat, addr, tblock->name, cke_file)) + ) return FALSE; - if (oncerepeat != NULL) + if (oncerepeat) { once_repeat_sec = readconf_readtime(oncerepeat, 0, FALSE); if (once_repeat_sec < 0) @@ -388,11 +377,11 @@ else /* If the never_mail option is set, we have to scan all the recipients and remove those that match. */ -if (ob->never_mail != NULL) +if (ob->never_mail) { const uschar *never_mail = expand_string(ob->never_mail); - if (never_mail == NULL) + if (!never_mail) { addr->transport_return = FAIL; addr->message = string_sprintf("Failed to expand \"%s\" for " @@ -400,11 +389,11 @@ if (ob->never_mail != NULL) return FALSE; } - if (to != NULL) check_never_mail(&to, never_mail); - if (cc != NULL) check_never_mail(&cc, never_mail); - if (bcc != NULL) check_never_mail(&bcc, never_mail); + if (to) check_never_mail(&to, never_mail); + if (cc) check_never_mail(&cc, never_mail); + if (bcc) check_never_mail(&bcc, never_mail); - if (to == NULL && cc == NULL && bcc == NULL) + if (!to && !cc && !bcc) { DEBUG(D_transport) debug_printf("*** all recipients removed by never_mail\n"); @@ -430,7 +419,7 @@ recipient, the effect might not be quite as envisaged. If once_file_size is set, instead of a dbm file, we use a regular file containing a circular buffer recipient cache. */ -if (oncelog != NULL && *oncelog != 0 && to != NULL) +if (oncelog && *oncelog != 0 && to) { time_t then = 0; @@ -438,7 +427,7 @@ if (oncelog != NULL && *oncelog != 0 && to != NULL) if (ob->once_file_size > 0) { - uschar *p; + uschar * p, * nextp; struct stat statbuf; cache_fd = Uopen(oncelog, O_CREAT|O_RDWR, ob->mode); @@ -475,18 +464,16 @@ if (oncelog != NULL && *oncelog != 0 && to != NULL) zero. If we find a match, put the time into "then", and the place where it was found into "cache_time". Otherwise, "then" is left at zero. */ - p = cache_buff; - while (p < cache_buff + cache_size) + for (p = cache_buff; p < cache_buff + cache_size; p = nextp) { uschar *s = p + sizeof(time_t); - uschar *nextp = s + Ustrlen(s) + 1; + nextp = s + Ustrlen(s) + 1; if (Ustrcmp(to, s) == 0) { memcpy(&then, p, sizeof(time_t)); cache_time = p; break; } - p = nextp; } } @@ -524,10 +511,9 @@ if (oncelog != NULL && *oncelog != 0 && to != NULL) can be abolished. */ if (EXIM_DATUM_SIZE(result_datum) == sizeof(time_t)) - { memcpy(&then, EXIM_DATUM_DATA(result_datum), sizeof(time_t)); - } - else then = now; + else + then = now; } } @@ -559,10 +545,10 @@ if (oncelog != NULL && *oncelog != 0 && to != NULL) /* We are going to send a message. Ensure any requested file is available. */ -if (file != NULL) +if (file) { ff = Ufopen(file, "rb"); - if (ff == NULL && !ob->file_optional) + if (!ff && !ob->file_optional) { addr->transport_return = DEFER; addr->message = string_sprintf("Failed to open file %s when sending " @@ -583,6 +569,7 @@ if (pid < 0) addr->message = string_sprintf("Failed to create child process to send " "message from %s transport: %s", tblock->name, strerror(errno)); DEBUG(D_transport) debug_printf("%s\n", addr->message); + if (dbm_file) EXIM_DBCLOSE(dbm_file); return FALSE; } @@ -592,20 +579,20 @@ are newlines in it which might, if placed earlier, screw up other headers. */ f = fdopen(fd, "wb"); -if (from != NULL) fprintf(f, "From: %s\n", from); -if (reply_to != NULL) fprintf(f, "Reply-To: %s\n", reply_to); -if (to != NULL) fprintf(f, "To: %s\n", to); -if (cc != NULL) fprintf(f, "Cc: %s\n", cc); -if (bcc != NULL) fprintf(f, "Bcc: %s\n", bcc); -if (subject != NULL) fprintf(f, "Subject: %s\n", subject); +if (from) fprintf(f, "From: %s\n", from); +if (reply_to) fprintf(f, "Reply-To: %s\n", reply_to); +if (to) fprintf(f, "To: %s\n", to); +if (cc) fprintf(f, "Cc: %s\n", cc); +if (bcc) fprintf(f, "Bcc: %s\n", bcc); +if (subject) fprintf(f, "Subject: %s\n", subject); /* Generate In-Reply-To from the message_id header; there should always be one, but code defensively. */ -for (h = header_list; h != NULL; h = h->next) +for (h = header_list; h; h = h->next) if (h->type == htype_id) break; -if (h != NULL) +if (h) { message_id = Ustrchr(h->text, ':') + 1; while (isspace(*message_id)) message_id++; @@ -615,12 +602,12 @@ if (h != NULL) /* Generate a References header if there is at least one of Message-ID:, References:, or In-Reply-To: (see RFC 2822). */ -for (h = header_list; h != NULL; h = h->next) +for (h = header_list; h; h = h->next) if (h->type != htype_old && strncmpic(US"References:", h->text, 11) == 0) break; -if (h == NULL) - for (h = header_list; h != NULL; h = h->next) +if (!h) + for (h = header_list; h; h = h->next) if (h->type != htype_old && strncmpic(US"In-Reply-To:", h->text, 12) == 0) break; @@ -629,10 +616,10 @@ limit, some systems do not like headers growing beyond recognition. Keep the first message ID for the thread root and the last few for the position inside the thread, up to a maximum of 12 altogether. */ -if (h != NULL || message_id != NULL) +if (h || message_id) { fprintf(f, "References:"); - if (h != NULL) + if (h) { uschar *s, *id, *error; uschar *referenced_ids[12]; @@ -656,8 +643,8 @@ if (h != NULL || message_id != NULL) /* The message id will have a newline on the end of it. */ - if (message_id != NULL) fprintf(f, " %s", message_id); - else fprintf(f, "\n"); + if (message_id) fprintf(f, " %s", message_id); + else fprintf(f, "\n"); } /* Add an Auto-Submitted: header */ @@ -666,16 +653,16 @@ fprintf(f, "Auto-Submitted: auto-replied\n"); /* Add any specially requested headers */ -if (headers != NULL) fprintf(f, "%s\n", headers); +if (headers) fprintf(f, "%s\n", headers); fprintf(f, "\n"); -if (text != NULL) +if (text) { fprintf(f, "%s", CS text); if (text[Ustrlen(text)-1] != '\n') fprintf(f, "\n"); } -if (ff != NULL) +if (ff) { while (Ufgets(big_buffer, big_buffer_size, ff) != NULL) { @@ -684,11 +671,11 @@ if (ff != NULL) uschar *s = expand_string(big_buffer); DEBUG(D_transport) { - if (s == NULL) + if (!s) debug_printf("error while expanding line from file:\n %s\n %s\n", big_buffer, expand_string_message); } - fprintf(f, "%s", (s == NULL)? CS big_buffer : CS s); + fprintf(f, "%s", s ? CS s : CS big_buffer); } else fprintf(f, "%s", CS big_buffer); } @@ -807,7 +794,6 @@ try will skip, of course. However, if there were no recipients in the message, we do not fail. */ if (rc != 0) - { if (rc == EXIT_NORECIPIENTS) { DEBUG(D_any) debug_printf("%s transport: message contained no recipients\n", @@ -820,7 +806,6 @@ if (rc != 0) "transport (%d)", tblock->name, rc); goto END_OFF; } - } /* Log the sending of the message if successful and required. If the file fails to open, it's hard to know what to do. We cannot write to the Exim @@ -831,7 +816,7 @@ file opened for appending, in order to avoid interleaving of output from different processes. The log_buffer can be used exactly as for main log writing. */ -if (logfile != NULL) +if (logfile) { int log_fd = Uopen(logfile, O_WRONLY|O_APPEND|O_CREAT, ob->mode); if (log_fd >= 0) @@ -840,37 +825,37 @@ if (logfile != NULL) DEBUG(D_transport) debug_printf("logging message details\n"); sprintf(CS ptr, "%s\n", tod_stamp(tod_log)); while(*ptr) ptr++; - if (from != NULL) + if (from) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " From: %s\n", from); while(*ptr) ptr++; } - if (to != NULL) + if (to) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " To: %s\n", to); while(*ptr) ptr++; } - if (cc != NULL) + if (cc) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " Cc: %s\n", cc); while(*ptr) ptr++; } - if (bcc != NULL) + if (bcc) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " Bcc: %s\n", bcc); while(*ptr) ptr++; } - if (subject != NULL) + if (subject) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " Subject: %s\n", subject); while(*ptr) ptr++; } - if (headers != NULL) + if (headers) { (void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " %s\n", headers); diff --git a/test/runtest b/test/runtest index 373043c4d..0e7e8ee0b 100755 --- a/test/runtest +++ b/test/runtest @@ -1106,6 +1106,10 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^(ppppp )?setsockopt FASTOPEN: Protocol not available$/; + # Specific pointer values reported for DB operations change from run to run + s/^(returned from EXIM_DBOPEN: 0x)[0-9a-f]+/$1AAAAAAAA/; + s/^(EXIM_DBCLOSE.0x)[0-9a-f]+/$1AAAAAAAA/; + # When Exim is checking the size of directories for maildir, it uses # the check_dir_size() function to scan directories. Of course, the order # of the files that are obtained using readdir() varies from system to diff --git a/test/stderr/0275 b/test/stderr/0275 index 5f76af09a..089dc2a8b 100644 --- a/test/stderr/0275 +++ b/test/stderr/0275 @@ -198,9 +198,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -307,8 +308,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 diff --git a/test/stderr/0278 b/test/stderr/0278 index 2d9967293..b7c7913df 100644 --- a/test/stderr/0278 +++ b/test/stderr/0278 @@ -145,9 +145,10 @@ Delivery address list: CALLER@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: CALLER@test.ex @@ -209,8 +210,9 @@ search_tidyup called --------> CALLER@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to CALLER transport=t1 diff --git a/test/stderr/0361 b/test/stderr/0361 index 2506e1cfb..4d3bb363b 100644 --- a/test/stderr/0361 +++ b/test/stderr/0361 @@ -86,8 +86,9 @@ Delivery address list: kilos@recurse.test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: kilos@recurse.test.ex @@ -122,8 +123,9 @@ rewrite_one_header: type=F: re-routed to kilos@recurse.test.ex.test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: kilos@recurse.test.ex.test.ex @@ -161,8 +163,9 @@ routed by r3 router transport: locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: kilos@recurse.test.ex.test.ex @@ -209,8 +212,9 @@ search_tidyup called --------> kilos@recurse.test.ex.test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to kilos transport=t2 diff --git a/test/stderr/0386 b/test/stderr/0386 index 6fb8a5536..5573a9964 100644 --- a/test/stderr/0386 +++ b/test/stderr/0386 @@ -252,9 +252,10 @@ Delivery address list: 2@b locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: 2@b @@ -289,8 +290,9 @@ search_tidyup called --------> 2@b <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to 2 <2@b> transport=t1 @@ -434,8 +436,9 @@ Delivery address list: 2@b locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: 2@b @@ -470,8 +473,9 @@ search_tidyup called --------> 2@b <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to 2 <2@b> transport=t1 diff --git a/test/stderr/0388 b/test/stderr/0388 index 92b3f23e1..5a21445c9 100644 --- a/test/stderr/0388 +++ b/test/stderr/0388 @@ -9,9 +9,10 @@ set_process_info: pppp delivering specified messages set_process_info: pppp delivering 10HmaX-0005vi-00 locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: x@y @@ -76,8 +77,9 @@ set_process_info: pppp delivering 10HmaX-0005vi-00 using smtp checking status of 127.0.0.1 locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available 127.0.0.1 in serialize_hosts? no (option unset) set_process_info: pppp delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (x@y) @@ -107,8 +109,9 @@ address match test: subject=*@127.0.0.1 pattern=* checking status of V4NET.0.0.0 locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available V4NET.0.0.0 in serialize_hosts? no (option unset) set_process_info: pppp delivering 10HmaX-0005vi-00 to V4NET.0.0.0 [V4NET.0.0.0] (x@y) @@ -137,8 +140,8 @@ Deferred addresses: x@y locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDWR address match test: subject=x@y pattern=* y in "*"? yes (matched "*") @@ -164,6 +167,7 @@ dbfn_write: key=T:V4NET.0.0.0:V4NET.0.0.0:1224 timed out: all retries expired LOG: MAIN ** x@y: retry timeout exceeded +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile end of retry processing exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d=0xebb95ced -odi -odi -t -oem -oi -f <> -E10HmaX-0005vi-00 @@ -236,8 +240,8 @@ set_process_info: pppp delivering specified messages set_process_info: pppp delivering 10HmaY-0005vi-00 locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDONLY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: CALLER@myhost.test.ex @@ -248,6 +252,7 @@ dbfn_read: key=R:CALLER@myhost.test.ex:<> no domain retry record no address retry record CALLER@myhost.test.ex: queued for routing +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> routing CALLER@myhost.test.ex diff --git a/test/stderr/0398 b/test/stderr/0398 index b975ad05a..f61f37457 100644 --- a/test/stderr/0398 +++ b/test/stderr/0398 @@ -120,13 +120,14 @@ routed by r2 router Attempting full verification using callout locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR dbfn_read: key=remote callout cache: found domain record for remote dbfn_read: key=qq@remote callout cache: no address record found for qq@remote +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile interface=NULL port=1224 Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected @@ -150,14 +151,15 @@ cmd buf flush ddd bytes SMTP(close)>> locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x42 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR|O_CREAT dbfn_write: key=remote wrote callout cache domain record for remote: result=1 postmaster=0 random=0 dbfn_write: key=qq@remote wrote negative callout cache address record for qq@remote +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile ----------- end verify ------------ l_message: $acl_verify_message @@ -231,14 +233,15 @@ routed by r2 router Attempting full verification using callout locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR dbfn_read: key=remote callout cache: found domain record for remote dbfn_read: key=qq@remote callout cache: found address record for qq@remote callout cache: address record is negative +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile ----------- end verify ------------ l_message: $acl_verify_message diff --git a/test/stderr/0402 b/test/stderr/0402 index 7f301651b..8d62a2ef5 100644 --- a/test/stderr/0402 +++ b/test/stderr/0402 @@ -221,9 +221,10 @@ Delivery address list: rd+usery@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: CALLER@test.ex @@ -416,8 +417,9 @@ routed by r1 router transport: t1 locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: TESTSUITE/test-mail/junk @@ -443,8 +445,9 @@ search_tidyup called --------> TESTSUITE/test-mail/junk <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available ┌considering: /non-exist/$local_part ├──expanding: /non-exist/$local_part @@ -502,8 +505,9 @@ LOG: MAIN --------> TESTSUITE/test-mail/junk <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to TESTSUITE/test-mail/junk transport=ft1 @@ -558,8 +562,9 @@ LOG: MAIN --------> CALLER@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to CALLER transport=t1 @@ -583,8 +588,9 @@ LOG: MAIN --------> usery@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available ┌considering: /non-exist/$local_part ├──expanding: /non-exist/$local_part @@ -611,8 +617,9 @@ LOG: MAIN --------> userz@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available ┌considering: /$local_part ├──expanding: /$local_part diff --git a/test/stderr/0403 b/test/stderr/0403 index 716cabdf2..a77d8cd98 100644 --- a/test/stderr/0403 +++ b/test/stderr/0403 @@ -74,9 +74,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -137,8 +138,9 @@ routed by r1 router transport: locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: TESTSUITE/test-mail/junk @@ -156,8 +158,9 @@ search_tidyup called --------> TESTSUITE/test-mail/junk <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to TESTSUITE/test-mail/junk transport=t1 diff --git a/test/stderr/0404 b/test/stderr/0404 index 3b7605ba7..1718307be 100644 --- a/test/stderr/0404 +++ b/test/stderr/0404 @@ -177,9 +177,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -220,8 +221,9 @@ routed by r2 router transport: locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: >sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex, ... @@ -239,8 +241,9 @@ search_tidyup called --------> >sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex, ... <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to >sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex, ... <>sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex,sender@test.ex, ...> transport=t1 @@ -3375,8 +3378,9 @@ Delivery address list: sender@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: sender@test.ex @@ -17981,8 +17985,9 @@ sender@test.ex is a duplicate address: discarded --------> sender@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to sender transport=t2 diff --git a/test/stderr/0408 b/test/stderr/0408 index 9cdb41d96..fddbe4a46 100644 --- a/test/stderr/0408 +++ b/test/stderr/0408 @@ -74,9 +74,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -138,8 +139,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 diff --git a/test/stderr/0432 b/test/stderr/0432 index 6ac5a0428..79117e25a 100644 --- a/test/stderr/0432 +++ b/test/stderr/0432 @@ -81,13 +81,14 @@ get[host|ipnode]byname[2] looked up these IP addresses: Attempting full verification using callout locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR dbfn_read: key=y callout cache: no domain record found for y dbfn_read: key=x@y callout cache: no address record found for x@y +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile interface=NULL port=1224 Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected @@ -111,14 +112,15 @@ cmd buf flush ddd bytes SMTP(close)>> locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x42 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR|O_CREAT dbfn_write: key=y wrote callout cache domain record for y: result=1 postmaster=0 random=0 dbfn_write: key=x@y wrote positive callout cache address record for x@y +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile ----------- end verify ------------ sender x@y verified ok @@ -189,14 +191,15 @@ get[host|ipnode]byname[2] looked up these IP addresses: Attempting full verification using callout locking TESTSUITE/spool/db/callout.lockfile locked TESTSUITE/spool/db/callout.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/callout) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/callout: flags=O_RDWR dbfn_read: key=y callout cache: found domain record for y dbfn_read: key=x@y callout cache: found address record for x@y callout cache: address record is positive +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile ----------- end verify ------------ sender x@y verified ok diff --git a/test/stderr/0487 b/test/stderr/0487 index 70da61fff..56e21b60e 100644 --- a/test/stderr/0487 +++ b/test/stderr/0487 @@ -103,9 +103,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -140,8 +141,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 diff --git a/test/stderr/2600 b/test/stderr/2600 index 599be797a..ffdad152f 100644 --- a/test/stderr/2600 +++ b/test/stderr/2600 @@ -362,9 +362,10 @@ Delivery address list: userx@myhost.test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@myhost.test.ex @@ -409,8 +410,9 @@ search_tidyup called --------> userx@myhost.test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 diff --git a/test/stderr/5004 b/test/stderr/5004 index bedf5be2e..08b4c9784 100644 --- a/test/stderr/5004 +++ b/test/stderr/5004 @@ -78,9 +78,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -116,8 +117,9 @@ routed by r1 router transport: locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: TESTSUITE/test-mail @@ -135,8 +137,9 @@ search_tidyup called --------> TESTSUITE/test-mail <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to TESTSUITE/test-mail transport=t1 diff --git a/test/stderr/5005 b/test/stderr/5005 index a68bc11c9..7e6ea98b2 100644 --- a/test/stderr/5005 +++ b/test/stderr/5005 @@ -74,9 +74,10 @@ Delivery address list: nofile@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: nofile@test.ex @@ -111,8 +112,9 @@ search_tidyup called --------> nofile@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to nofile transport=t1 @@ -263,8 +265,9 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -299,8 +302,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 @@ -453,8 +457,9 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -489,8 +494,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 @@ -547,8 +553,8 @@ Deferred addresses: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDWR address match test: subject=userx@test.ex pattern=* test.ex in "*"? yes (matched "*") @@ -560,6 +566,7 @@ Writing retry data for T:userx@test.ex first failed=dddd last try=dddd next try=+86400 expired=0 errno=-22 more_errno=dd mailbox is full (MTA-imposed quota exceeded while writing to tmp/MAILDIR.myhost.test.ex) dbfn_write: key=T:userx@test.ex +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile end of retry processing delivery deferred: update_spool=1 header_rewritten=0 @@ -651,8 +658,8 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDONLY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -663,6 +670,7 @@ dbfn_read: key=R:userx@test.ex: no domain retry record no address retry record userx@test.ex: queued for routing +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> routing userx@test.ex @@ -691,12 +699,13 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDONLY dbfn_read: key=T:userx@test.ex retry record exists: age=ttt (max 1w) time to retry = tttt expired = 0 +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile search_tidyup called changed uid/gid: local delivery to userx transport=t1 @@ -740,8 +749,8 @@ Deferred addresses: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x2 +returned from EXIM_DBOPEN: 0xAAAAAAAA opened hints database TESTSUITE/spool/db/retry: flags=O_RDWR address match test: subject=userx@test.ex pattern=* test.ex in "*"? yes (matched "*") @@ -753,6 +762,7 @@ Writing retry data for T:userx@test.ex first failed=dddd last try=dddd next try=+86400 expired=0 errno=-22 more_errno=dd mailbox is full (MTA-imposed quota exceeded while writing to tmp/MAILDIR.myhost.test.ex) dbfn_write: key=T:userx@test.ex +EXIM_DBCLOSE(0xAAAAAAAA) closed hints database and lockfile end of retry processing delivery deferred: update_spool=1 header_rewritten=0 diff --git a/test/stderr/5006 b/test/stderr/5006 index 771f5fd56..e494f83b5 100644 --- a/test/stderr/5006 +++ b/test/stderr/5006 @@ -74,9 +74,10 @@ Delivery address list: userx@test.ex locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) ensuring TESTSUITE/spool/db/retry.lockfile is owned by exim +failed to open DB file TESTSUITE/spool/db/retry.lockfile: No such file or directory no retry data available >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Considering: userx@test.ex @@ -111,8 +112,9 @@ search_tidyup called --------> userx@test.ex <-------- locking TESTSUITE/spool/db/retry.lockfile locked TESTSUITE/spool/db/retry.lockfile -EXIM_DBOPEN(TESTSUITE/spool/db/retry) -returned from EXIM_DBOPEN +EXIM_DBOPEN: file dir flags 0x0 +returned from EXIM_DBOPEN: (nil) +failed to open DB file TESTSUITE/spool/db/retry: No such file or directory no retry data available search_tidyup called changed uid/gid: local delivery to userx transport=t1 -- cgit v1.2.3 From fae8970db0e012deb28c139744583aad49ab9fa4 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 18 Jul 2017 23:10:33 +0100 Subject: Fix cache-cold random callout verify. Bug 2147 --- doc/doc-txt/ChangeLog | 4 ++++ src/src/verify.c | 4 +++- test/log/0376 | 4 ---- test/log/0578 | 4 ---- test/rejectlog/0376 | 4 ---- test/rejectlog/0578 | 4 ---- test/stderr/0376 | 8 -------- test/stderr/0578 | 8 -------- test/stdout/0376 | 4 ++-- test/stdout/0578 | 4 ++-- 10 files changed, 11 insertions(+), 37 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index de8151f65..c5de41961 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -128,6 +128,10 @@ JH/19 Bug 2141: Use the full-complex API for Berkeley DB rather than the legacy- file in the working directory redirecting the DB files, possibly correpting some existing file. +JH/20 Bug 2147: Do not defer for a verify-with-callout-and-random which is not + cache-hot. Previously, although the result was properly cached, the + initial verify call returned a defer. + Exim version 4.89 ----------------- diff --git a/src/src/verify.c b/src/src/verify.c index 3a8f9b6bc..cda0b72e2 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -795,7 +795,9 @@ tls_retry_connection: { case PENDING_OK: new_domain_record.random_result = ccache_accept; - break; + yield = OK; /* Only usable result we can return */ + done = TRUE; + goto no_conn; case FAIL: new_domain_record.random_result = ccache_reject; diff --git a/test/log/0376 b/test/log/0376 index 0e2f661ac..fa191bcd5 100644 --- a/test/log/0376 +++ b/test/log/0376 @@ -12,10 +12,6 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : SMTP timeout after RCPT TO: 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 10HmaX-0005vi-00 <= ok7@otherhost53 H=[V4NET.0.0.7] U=root P=smtp S=sss diff --git a/test/log/0578 b/test/log/0578 index 7c38e638c..60ddf3c13 100644 --- a/test/log/0578 +++ b/test/log/0578 @@ -12,10 +12,6 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK accepting that random recipient -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : SMTP timeout after RCPT TO: 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 10HmaX-0005vi-00 <= ok7@otherhost53 H=[V4NET.0.0.7] U=root P=smtp S=sss diff --git a/test/rejectlog/0376 b/test/rejectlog/0376 index 47ad1638d..1702cec04 100644 --- a/test/rejectlog/0376 +++ b/test/rejectlog/0376 @@ -12,9 +12,5 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : SMTP timeout after RCPT TO: 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= temporarily rejected RCPT : Could not complete sender verify callout diff --git a/test/rejectlog/0578 b/test/rejectlog/0578 index db94a4d6e..bf20a240d 100644 --- a/test/rejectlog/0578 +++ b/test/rejectlog/0578 @@ -12,9 +12,5 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK accepting that random recipient -1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -1999-03-02 09:44:33 H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : SMTP timeout after RCPT TO: 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= temporarily rejected RCPT : Could not complete sender verify callout diff --git a/test/stderr/0376 b/test/stderr/0376 index bcddefdfa..abd462b01 100644 --- a/test/stderr/0376 +++ b/test/stderr/0376 @@ -323,10 +323,6 @@ Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP(close)>> wrote callout cache domain record for otherhost3: result=1 postmaster=0 random=1 -LOG: MAIN REJECT - H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -LOG: MAIN REJECT - H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout LOG: smtp_connection MAIN SMTP connection from root closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -373,10 +369,6 @@ Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP(close)>> wrote callout cache domain record for otherhost4: result=1 postmaster=0 random=1 -LOG: MAIN REJECT - H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -LOG: MAIN REJECT - H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout LOG: smtp_connection MAIN SMTP connection from root closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stderr/0578 b/test/stderr/0578 index 74581fd9c..9f634c8c4 100644 --- a/test/stderr/0578 +++ b/test/stderr/0578 @@ -337,10 +337,6 @@ Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP(close)>> wrote callout cache domain record for otherhost3: result=1 postmaster=0 random=1 -LOG: MAIN REJECT - H=[V4NET.0.0.3] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK accepting that random recipient -LOG: MAIN REJECT - H=[V4NET.0.0.3] U=root F= temporarily rejected RCPT : Could not complete sender verify callout LOG: smtp_connection MAIN SMTP connection from root closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> @@ -389,10 +385,6 @@ Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP(close)>> wrote callout cache domain record for otherhost4: result=1 postmaster=0 random=1 -LOG: MAIN REJECT - H=[V4NET.0.0.4] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : response to "RCPT TO:" was: 250 OK -LOG: MAIN REJECT - H=[V4NET.0.0.4] U=root F= temporarily rejected RCPT : Could not complete sender verify callout LOG: smtp_connection MAIN SMTP connection from root closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stdout/0376 b/test/stdout/0376 index 8c2b9685c..a0af2cb92 100644 --- a/test/stdout/0376 +++ b/test/stdout/0376 @@ -78,7 +78,7 @@ 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK -451 Could not complete sender verify callout +250 Accepted 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK @@ -86,7 +86,7 @@ 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK -451 Could not complete sender verify callout +250 Accepted 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK diff --git a/test/stdout/0578 b/test/stdout/0578 index 40b265041..d3089e7e4 100644 --- a/test/stdout/0578 +++ b/test/stdout/0578 @@ -78,7 +78,7 @@ 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK -451 Could not complete sender verify callout +250 Accepted 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK @@ -86,7 +86,7 @@ 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK -451 Could not complete sender verify callout +250 Accepted 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK -- cgit v1.2.3 From 14de8063d82edc5bf003ed50abdea55ac542679b Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 22 Jul 2017 16:38:08 +0100 Subject: On callout avoid SIZE every time but noncacheable rcpt main-verify. Bug 2151 --- doc/doc-txt/ChangeLog | 4 ++ src/src/deliver.c | 2 +- src/src/exim.c | 10 ++-- src/src/macros.h | 16 +++--- src/src/transport.c | 10 ++-- src/src/transports/smtp.c | 126 ++++++++++++++++++++++--------------------- src/src/transports/smtp.h | 1 + src/src/verify.c | 20 ++++--- test/confs/0227 | 2 + test/log/0227 | 3 ++ test/rejectlog/0227 | 3 ++ test/scripts/0000-Basic/0227 | 84 ++++++++++++++++++++++++++++- test/stderr/0227 | 67 ++++++++++++++++++++++- test/stderr/2035 | 2 +- test/stderr/2135 | 2 +- test/stderr/5410 | 6 +-- test/stderr/5420 | 6 +-- test/stderr/5840 | 4 +- test/stdout/0227 | 79 ++++++++++++++++++++++++++- 19 files changed, 344 insertions(+), 103 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index c5de41961..cc0b90134 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -132,6 +132,10 @@ JH/20 Bug 2147: Do not defer for a verify-with-callout-and-random which is not cache-hot. Previously, although the result was properly cached, the initial verify call returned a defer. +JH/21 Bug 2151 (partial): + Avoid using SIZE on the MAIL for a callout verify, on any but + the main verify for receipient in uncached-mode. + Exim version 4.89 ----------------- diff --git a/src/src/deliver.c b/src/src/deliver.c index bf465c977..49281f93d 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -8474,7 +8474,7 @@ if (cutthrough.fd >= 0 && cutthrough.callout_hold_only) #ifdef SUPPORT_TLS if (cutthrough.is_tls) { - smtp_peer_options |= PEER_OFFERED_TLS; + smtp_peer_options |= OPTION_TLS; sending_ip_address = cutthrough.snd_ip; sending_port = cutthrough.snd_port; diff --git a/src/src/exim.c b/src/src/exim.c index 0285e162a..37cf8bc6e 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -2738,7 +2738,7 @@ for (i = 1; i < argc; i++) /* -MCD: set the smtp_use_dsn flag; this indicates that the host that exim is connected to supports the esmtp extension DSN */ - case 'D': smtp_peer_options |= PEER_OFFERED_DSN; break; + case 'D': smtp_peer_options |= OPTION_DSN; break; /* -MCG: set the queue name, to a non-default value */ @@ -2748,12 +2748,12 @@ for (i = 1; i < argc; i++) /* -MCK: the peer offered CHUNKING. Must precede -MC */ - case 'K': smtp_peer_options |= PEER_OFFERED_CHUNKING; break; + case 'K': smtp_peer_options |= OPTION_CHUNKING; break; /* -MCP: set the smtp_use_pipelining flag; this is useful only when it preceded -MC (see above) */ - case 'P': smtp_peer_options |= PEER_OFFERED_PIPE; break; + case 'P': smtp_peer_options |= OPTION_PIPE; break; /* -MCQ: pass on the pid of the queue-running process that started this chain of deliveries and the fd of its synchronizing pipe; this @@ -2768,7 +2768,7 @@ for (i = 1; i < argc; i++) /* -MCS: set the smtp_use_size flag; this is useful only when it precedes -MC (see above) */ - case 'S': smtp_peer_options |= PEER_OFFERED_SIZE; break; + case 'S': smtp_peer_options |= OPTION_SIZE; break; #ifdef SUPPORT_TLS /* -MCt: similar to -MCT below but the connection is still open @@ -2788,7 +2788,7 @@ for (i = 1; i < argc; i++) precedes -MC (see above). The flag indicates that the host to which Exim is connected has offered TLS support. */ - case 'T': smtp_peer_options |= PEER_OFFERED_TLS; break; + case 'T': smtp_peer_options |= OPTION_TLS; break; #endif default: badarg = TRUE; break; diff --git a/src/src/macros.h b/src/src/macros.h index 8b608f7f8..a8022adf6 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -972,14 +972,14 @@ enum { FILTER_UNSET, FILTER_FORWARD, FILTER_EXIM, FILTER_SIEVE }; /* Codes for ESMTP facilities offered by peer */ -#define PEER_OFFERED_TLS BIT(0) -#define PEER_OFFERED_IGNQ BIT(1) -#define PEER_OFFERED_PRDR BIT(2) -#define PEER_OFFERED_UTF8 BIT(3) -#define PEER_OFFERED_DSN BIT(4) -#define PEER_OFFERED_PIPE BIT(5) -#define PEER_OFFERED_SIZE BIT(6) -#define PEER_OFFERED_CHUNKING BIT(7) +#define OPTION_TLS BIT(0) +#define OPTION_IGNQ BIT(1) +#define OPTION_PRDR BIT(2) +#define OPTION_UTF8 BIT(3) +#define OPTION_DSN BIT(4) +#define OPTION_PIPE BIT(5) +#define OPTION_SIZE BIT(6) +#define OPTION_CHUNKING BIT(7) /* Argument for *_getc */ diff --git a/src/src/transport.c b/src/src/transport.c index 6590fa7fb..b26251c88 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1866,12 +1866,12 @@ but we have a number of extras that may be added. */ argv = CUSS child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); if (smtp_authenticated) argv[i++] = US"-MCA"; -if (smtp_peer_options & PEER_OFFERED_CHUNKING) argv[i++] = US"-MCK"; -if (smtp_peer_options & PEER_OFFERED_DSN) argv[i++] = US"-MCD"; -if (smtp_peer_options & PEER_OFFERED_PIPE) argv[i++] = US"-MCP"; -if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; +if (smtp_peer_options & OPTION_CHUNKING) argv[i++] = US"-MCK"; +if (smtp_peer_options & OPTION_DSN) argv[i++] = US"-MCD"; +if (smtp_peer_options & OPTION_PIPE) argv[i++] = US"-MCP"; +if (smtp_peer_options & OPTION_SIZE) argv[i++] = US"-MCS"; #ifdef SUPPORT_TLS -if (smtp_peer_options & PEER_OFFERED_TLS) +if (smtp_peer_options & OPTION_TLS) if (tls_out.active >= 0 || continue_proxy_cipher) { argv[i++] = US"-MCt"; diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index 477cdac4d..11a996c65 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1316,44 +1316,44 @@ ehlo_response(uschar * buf, uschar checks) size_t bsize = Ustrlen(buf); #ifdef SUPPORT_TLS -if ( checks & PEER_OFFERED_TLS +if ( checks & OPTION_TLS && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_TLS; + checks &= ~OPTION_TLS; #endif -if ( checks & PEER_OFFERED_IGNQ +if ( checks & OPTION_IGNQ && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_IGNQ; + checks &= ~OPTION_IGNQ; -if ( checks & PEER_OFFERED_CHUNKING +if ( checks & OPTION_CHUNKING && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_CHUNKING; + checks &= ~OPTION_CHUNKING; #ifndef DISABLE_PRDR -if ( checks & PEER_OFFERED_PRDR +if ( checks & OPTION_PRDR && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_PRDR; + checks &= ~OPTION_PRDR; #endif #ifdef SUPPORT_I18N -if ( checks & PEER_OFFERED_UTF8 +if ( checks & OPTION_UTF8 && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_UTF8; + checks &= ~OPTION_UTF8; #endif -if ( checks & PEER_OFFERED_DSN +if ( checks & OPTION_DSN && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_DSN; + checks &= ~OPTION_DSN; -if ( checks & PEER_OFFERED_PIPE +if ( checks & OPTION_PIPE && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_PIPE; + checks &= ~OPTION_PIPE; -if ( checks & PEER_OFFERED_SIZE +if ( checks & OPTION_SIZE && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) - checks &= ~PEER_OFFERED_SIZE; + checks &= ~OPTION_SIZE; return checks; } @@ -1512,6 +1512,7 @@ sx->dane_required = verify_check_given_host(&sx->ob->hosts_require_dane, sx->hos if ((sx->max_rcpt = sx->tblock->max_addresses) == 0) sx->max_rcpt = 999999; sx->peer_offered = 0; +sx->avoid_option = 0; sx->igquotstr = US""; if (!sx->helo_data) sx->helo_data = sx->ob->helo_data; #ifdef EXPERIMENTAL_DSN_INFO @@ -1753,7 +1754,7 @@ goto SEND_QUIT; #ifdef SUPPORT_TLS if (sx->smtps) { - smtp_peer_options |= PEER_OFFERED_TLS; + smtp_peer_options |= OPTION_TLS; suppress_tls = FALSE; sx->ob->tls_tempfail_tryclear = FALSE; smtp_command = US"SSL-on-connect"; @@ -1818,18 +1819,18 @@ goto SEND_QUIT; } } - sx->peer_offered = smtp_peer_options = 0; + sx->avoid_option = sx->peer_offered = smtp_peer_options = 0; if (sx->esmtp || sx->lmtp) { sx->peer_offered = ehlo_response(sx->buffer, - PEER_OFFERED_TLS /* others checked later */ + OPTION_TLS /* others checked later */ ); /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */ #ifdef SUPPORT_TLS - smtp_peer_options |= sx->peer_offered & PEER_OFFERED_TLS; + smtp_peer_options |= sx->peer_offered & OPTION_TLS; #endif } } @@ -1871,7 +1872,7 @@ else ) { sx->peer_offered = smtp_peer_options; - pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); + pipelining_active = !!(smtp_peer_options & OPTION_PIPE); HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n", continue_proxy_cipher ? "proxied" : "verify conn with"); return OK; @@ -1888,7 +1889,7 @@ the client not be required to use TLS. If the response is bad, copy the buffer for error analysis. */ #ifdef SUPPORT_TLS -if ( smtp_peer_options & PEER_OFFERED_TLS +if ( smtp_peer_options & OPTION_TLS && !suppress_tls && verify_check_given_host(&sx->ob->hosts_avoid_tls, sx->host) != OK && ( !sx->verify @@ -2034,7 +2035,7 @@ else if ( sx->smtps { errno = ERRNO_TLSREQUIRED; message = string_sprintf("a TLS session is required, but %s", - smtp_peer_options & PEER_OFFERED_TLS + smtp_peer_options & OPTION_TLS ? "an attempt to start TLS failed" : "the server did not offer TLS support"); goto TLS_FAILED; } @@ -2055,60 +2056,60 @@ if (continue_hostname == NULL { sx->peer_offered = ehlo_response(sx->buffer, 0 /* no TLS */ - | (sx->lmtp && sx->ob->lmtp_ignore_quota ? PEER_OFFERED_IGNQ : 0) - | PEER_OFFERED_CHUNKING - | PEER_OFFERED_PRDR + | (sx->lmtp && sx->ob->lmtp_ignore_quota ? OPTION_IGNQ : 0) + | OPTION_CHUNKING + | OPTION_PRDR #ifdef SUPPORT_I18N - | (sx->addrlist->prop.utf8_msg ? PEER_OFFERED_UTF8 : 0) + | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0) /*XXX if we hand peercaps on to continued-conn processes, must not depend on this addr */ #endif - | PEER_OFFERED_DSN - | PEER_OFFERED_PIPE - | (sx->ob->size_addition >= 0 ? PEER_OFFERED_SIZE : 0) + | OPTION_DSN + | OPTION_PIPE + | (sx->ob->size_addition >= 0 ? OPTION_SIZE : 0) ); /* Set for IGNOREQUOTA if the response to LHLO specifies support and the lmtp_ignore_quota option was set. */ - sx->igquotstr = sx->peer_offered & PEER_OFFERED_IGNQ ? US" IGNOREQUOTA" : US""; + sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US""; /* If the response to EHLO specified support for the SIZE parameter, note this, provided size_addition is non-negative. */ - smtp_peer_options |= sx->peer_offered & PEER_OFFERED_SIZE; + smtp_peer_options |= sx->peer_offered & OPTION_SIZE; /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched the current host, esmtp will be false, so PIPELINING can never be used. If the current host matches hosts_avoid_pipelining, don't do it. */ - if ( sx->peer_offered & PEER_OFFERED_PIPE + if ( sx->peer_offered & OPTION_PIPE && verify_check_given_host(&sx->ob->hosts_avoid_pipelining, sx->host) != OK) - smtp_peer_options |= PEER_OFFERED_PIPE; + smtp_peer_options |= OPTION_PIPE; DEBUG(D_transport) debug_printf("%susing PIPELINING\n", - smtp_peer_options & PEER_OFFERED_PIPE ? "" : "not "); + smtp_peer_options & OPTION_PIPE ? "" : "not "); - if ( sx->peer_offered & PEER_OFFERED_CHUNKING + if ( sx->peer_offered & OPTION_CHUNKING && verify_check_given_host(&sx->ob->hosts_try_chunking, sx->host) != OK) - sx->peer_offered &= ~PEER_OFFERED_CHUNKING; + sx->peer_offered &= ~OPTION_CHUNKING; - if (sx->peer_offered & PEER_OFFERED_CHUNKING) + if (sx->peer_offered & OPTION_CHUNKING) {DEBUG(D_transport) debug_printf("CHUNKING usable\n");} #ifndef DISABLE_PRDR - if ( sx->peer_offered & PEER_OFFERED_PRDR + if ( sx->peer_offered & OPTION_PRDR && verify_check_given_host(&sx->ob->hosts_try_prdr, sx->host) != OK) - sx->peer_offered &= ~PEER_OFFERED_PRDR; + sx->peer_offered &= ~OPTION_PRDR; - if (sx->peer_offered & PEER_OFFERED_PRDR) + if (sx->peer_offered & OPTION_PRDR) {DEBUG(D_transport) debug_printf("PRDR usable\n");} #endif /* Note if the server supports DSN */ - smtp_peer_options |= sx->peer_offered & PEER_OFFERED_DSN; + smtp_peer_options |= sx->peer_offered & OPTION_DSN; DEBUG(D_transport) debug_printf("%susing DSN\n", - sx->peer_offered & PEER_OFFERED_DSN ? "" : "not "); + sx->peer_offered & OPTION_DSN ? "" : "not "); /* Note if the response to EHLO specifies support for the AUTH extension. If it has, check that this host is one we want to authenticate to, and do @@ -2125,7 +2126,7 @@ if (continue_hostname == NULL } } } -pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); +pipelining_active = !!(smtp_peer_options & OPTION_PIPE); /* The setting up of the SMTP call is now complete. Any subsequent errors are message-specific. */ @@ -2143,7 +2144,7 @@ if (sx->addrlist->prop.utf8_msg) } /* If this is an international message we need the host to speak SMTPUTF8 */ -if (sx->utf8_needed && !(sx->peer_offered & PEER_OFFERED_UTF8)) +if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8)) { errno = ERRNO_UTF8_FWD; goto RESPONSE_FAILED; @@ -2270,14 +2271,15 @@ int address_count; *p = 0; -/* If we know the receiving MTA supports the SIZE qualification, +/* If we know the receiving MTA supports the SIZE qualification, and we know it, send it, adding something to the message size to allow for imprecision and things that get added en route. Exim keeps the number of lines in a message, so we can give an accurate value for the original message, but we need some additional to handle added headers. (Double "." characters don't get included in the count.) */ -if (sx->peer_offered & PEER_OFFERED_SIZE) +if ( message_size > 0 + && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE)) { /*XXX problem here under spool_files_wireformat? Or just forget about lines? Or inflate by a fixed proportion? */ @@ -2291,7 +2293,7 @@ Or just forget about lines? Or inflate by a fixed proportion? */ request that */ sx->prdr_active = FALSE; -if (sx->peer_offered & PEER_OFFERED_PRDR) +if (sx->peer_offered & OPTION_PRDR) for (addr = addrlist; addr; addr = addr->next) if (addr->transport_return == PENDING_DEFER) { @@ -2310,7 +2312,7 @@ if (sx->peer_offered & PEER_OFFERED_PRDR) /* If it supports internationalised messages, and this meesage need that, request it */ -if ( sx->peer_offered & PEER_OFFERED_UTF8 +if ( sx->peer_offered & OPTION_UTF8 && addrlist->prop.utf8_msg && !addrlist->prop.utf8_downcvt ) @@ -2332,7 +2334,7 @@ for (sx->dsn_all_lasthop = TRUE, addr = addrlist, address_count = 0; /* Add any DSN flags to the mail command */ -if (sx->peer_offered & PEER_OFFERED_DSN && !sx->dsn_all_lasthop) +if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop) { if (dsn_ret == dsn_ret_hdrs) { Ustrcpy(p, " RET=HDRS"); p += 9; } @@ -2368,7 +2370,7 @@ uschar * p = sx->buffer; /* Add any DSN flags to the rcpt command */ -if (sx->peer_offered & PEER_OFFERED_DSN && !(addr->dsn_flags & rf_dsnlasthop)) +if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop)) { if (addr->dsn_flags & rf_dsnflags) { @@ -2438,7 +2440,7 @@ sx->pending_MAIL = TRUE; /* The block starts with MAIL */ the delivery log line. */ if ( sx->addrlist->prop.utf8_msg - && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & PEER_OFFERED_UTF8)) + && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8)) ) { if (s = string_address_utf8_to_alabel(s, &errstr), errstr) @@ -2502,7 +2504,7 @@ for (addr = sx->first_addr, address_count = 0; BOOL no_flush; uschar * rcpt_addr; - addr->dsn_aware = sx->peer_offered & PEER_OFFERED_DSN + addr->dsn_aware = sx->peer_offered & OPTION_DSN ? dsn_support_yes : dsn_support_no; address_count++; @@ -2762,10 +2764,10 @@ if (tblock->filter_command) if ( transport_filter_argv && *transport_filter_argv && **transport_filter_argv - && sx.peer_offered & PEER_OFFERED_CHUNKING + && sx.peer_offered & OPTION_CHUNKING ) { - sx.peer_offered &= ~PEER_OFFERED_CHUNKING; + sx.peer_offered &= ~OPTION_CHUNKING; DEBUG(D_transport) debug_printf("CHUNKING not usable due to transport filter\n"); } } @@ -2847,7 +2849,7 @@ are pipelining. The responses are all handled by sync_responses(). If using CHUNKING, do not send a BDAT until we know how big a chunk we want to send is. */ -if ( !(sx.peer_offered & PEER_OFFERED_CHUNKING) +if ( !(sx.peer_offered & OPTION_CHUNKING) && (sx.ok || (pipelining_active && !mua_wrapper))) { int count = smtp_write_command(&sx.outblock, SCMD_FLUSH, "DATA\r\n"); @@ -2877,7 +2879,7 @@ for handling the SMTP dot-handling protocol, flagging to apply to headers as well as body. Set the appropriate timeout value to be used for each chunk. (Haven't been able to make it work using select() for writing yet.) */ -if (!(sx.peer_offered & PEER_OFFERED_CHUNKING) && !sx.ok) +if (!(sx.peer_offered & OPTION_CHUNKING) && !sx.ok) { /* Save the first address of the next batch. */ sx.first_addr = sx.next_addr; @@ -2904,7 +2906,7 @@ else of responses. The callback needs a whole bunch of state so set up a transport-context structure to be passed around. */ - if (sx.peer_offered & PEER_OFFERED_CHUNKING) + if (sx.peer_offered & OPTION_CHUNKING) { tctx.check_string = tctx.escape_string = NULL; tctx.options |= topt_use_bdat; @@ -2929,7 +2931,7 @@ else transport_write_timeout = sx.ob->data_timeout; smtp_command = US"sending data block"; /* For error messages */ DEBUG(D_transport|D_v) - if (sx.peer_offered & PEER_OFFERED_CHUNKING) + if (sx.peer_offered & OPTION_CHUNKING) debug_printf(" will write message using CHUNKING\n"); else debug_printf(" SMTP>> writing message and terminating \".\"\n"); @@ -2964,7 +2966,7 @@ else smtp_command = US"end of data"; - if (sx.peer_offered & PEER_OFFERED_CHUNKING && sx.cmd_count > 1) + if (sx.peer_offered & OPTION_CHUNKING && sx.cmd_count > 1) { /* Reap any outstanding MAIL & RCPT commands, but not a DATA-go-ahead */ switch(sync_responses(&sx, sx.cmd_count-1, 0)) @@ -3119,7 +3121,7 @@ else #ifndef DISABLE_PRDR if (sx.prdr_active) addr->flags |= af_prdr_used; #endif - if (sx.peer_offered & PEER_OFFERED_CHUNKING) addr->flags |= af_chunking_used; + if (sx.peer_offered & OPTION_CHUNKING) addr->flags |= af_chunking_used; flag = '-'; #ifndef DISABLE_PRDR @@ -3441,7 +3443,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit) { /* Set up a pipe for proxying TLS for the new transport process */ - smtp_peer_options |= PEER_OFFERED_TLS; + smtp_peer_options |= OPTION_TLS; if (sx.ok = (socketpair(AF_UNIX, SOCK_STREAM, 0, pfd) == 0)) socket_fd = pfd[1]; else diff --git a/src/src/transports/smtp.h b/src/src/transports/smtp.h index 88b608bcc..c965a72a7 100644 --- a/src/src/transports/smtp.h +++ b/src/src/transports/smtp.h @@ -130,6 +130,7 @@ typedef struct { int cmd_count; uschar peer_offered; + uschar avoid_option; uschar * igquotstr; uschar * helo_data; #ifdef EXPERIMENTAL_DSN_INFO diff --git a/src/src/verify.c b/src/src/verify.c index cda0b72e2..6c71d7feb 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -785,8 +785,12 @@ tls_retry_connection: postmaster-verify. The sync_responses() would need to be taught about it and we'd need another return code filtering out to here. + + Avoid using a SIZE option on the MAIL for all randon-rcpt checks. */ + sx.avoid_option = OPTION_SIZE; + /* Remember when we last did a random test */ new_domain_record.random_stamp = time(NULL); @@ -798,8 +802,9 @@ tls_retry_connection: yield = OK; /* Only usable result we can return */ done = TRUE; goto no_conn; - case FAIL: + case FAIL: /* the preferred result */ new_domain_record.random_result = ccache_reject; + sx.avoid_option = 0; /* Between each check, issue RSET, because some servers accept only one recipient after MAIL FROM:<>. @@ -844,12 +849,14 @@ tls_retry_connection: else done = TRUE; - /* Main verify. If the host is accepting all local parts, as determined - by the "random" check, we don't need to waste time doing any further - checking. */ + /* Main verify. For rcpt-verify use SIZE if we know it and we're not cacheing; + for sndr-verify never use it. */ if (done) { + if (!(options & vopt_is_recipient && options & vopt_callout_no_cache)) + sx.avoid_option = OPTION_SIZE; + done = FALSE; switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield)) { @@ -858,12 +865,12 @@ tls_retry_connection: case PENDING_OK: done = TRUE; new_address_record.result = ccache_accept; break; - case FAIL: done = TRUE; + case FAIL: done = TRUE; yield = FAIL; *failure_ptr = US"recipient"; new_address_record.result = ccache_reject; break; - default: break; + default: break; } break; @@ -916,6 +923,7 @@ tls_retry_connection: sx.ok = FALSE; sx.send_rset = TRUE; sx.completed_addr = FALSE; + sx.avoid_option = OPTION_SIZE; if( smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0 && addr->transport_return == PENDING_OK diff --git a/test/confs/0227 b/test/confs/0227 index ed988ac85..fea66e16f 100644 --- a/test/confs/0227 +++ b/test/confs/0227 @@ -24,6 +24,8 @@ check_recipient: !verify = sender/callout=no_cache deny hosts = V4NET.0.0.3 !verify = recipient/callout=no_cache + deny hosts = V4NET.0.0.7 + !verify = recipient/callout=no_cache,use_sender,random deny hosts = V4NET.0.0.5 !verify = sender/callout=no_cache/check_postmaster deny hosts = V4NET.0.0.6 diff --git a/test/log/0227 b/test/log/0227 index f1e64701c..d91075fb6 100644 --- a/test/log/0227 +++ b/test/log/0227 @@ -14,6 +14,9 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= rejected RCPT : relay not permitted 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify fail for : 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 550 Don't like postmaster 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= rejected RCPT : Sender verify failed +1999-03-02 09:44:33 H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +1999-03-02 09:44:33 H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +1999-03-02 09:44:33 H=(me) [V4NET.0.0.7] U=root F= rejected RCPT : relay not permitted 1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= rejected RCPT : 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 550 Recipient not liked 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : Remote host closed connection in response to initial connection 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F= temporarily rejected RCPT : Could not complete sender verify callout diff --git a/test/rejectlog/0227 b/test/rejectlog/0227 index 8f5c0ad15..e44ddafbc 100644 --- a/test/rejectlog/0227 +++ b/test/rejectlog/0227 @@ -30,6 +30,9 @@ F From: abcd@x.y.z 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= rejected RCPT : relay not permitted 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root sender verify fail for : 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 550 Don't like postmaster 1999-03-02 09:44:33 H=[V4NET.0.0.5] U=root F= rejected RCPT : Sender verify failed +1999-03-02 09:44:33 H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +1999-03-02 09:44:33 H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +1999-03-02 09:44:33 H=(me) [V4NET.0.0.7] U=root F= rejected RCPT : relay not permitted 1999-03-02 09:44:33 H=[V4NET.0.0.3] U=root F= rejected RCPT : 127.0.0.1 [127.0.0.1] : SMTP error from remote mail server after RCPT TO:: 550 Recipient not liked 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root sender verify defer for : Could not complete sender verify callout: 127.0.0.1 [127.0.0.1] : Remote host closed connection in response to initial connection 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F= temporarily rejected RCPT : Could not complete sender verify callout diff --git a/test/scripts/0000-Basic/0227 b/test/scripts/0000-Basic/0227 index a67dab2eb..e53c1da7f 100644 --- a/test/scripts/0000-Basic/0227 +++ b/test/scripts/0000-Basic/0227 @@ -12,11 +12,13 @@ RCPT TO QUIT 250 OK **** +# sender sudo exim -v -bs -oMa V4NET.0.0.1 MAIL FROM: RCPT TO: QUIT **** +# sender, no callout sudo exim -v -bs -oMa V4NET.0.0.2 MAIL FROM: RCPT TO: @@ -33,6 +35,7 @@ RCPT TO QUIT 250 OK **** +# sender, refused sudo exim -v -bs -oMa V4NET.0.0.1 MAIL FROM: RCPT TO: @@ -49,6 +52,7 @@ RCPT TO QUIT 250 OK **** +# sender, tmperr sudo exim -v -bs -oMa V4NET.0.0.1 MAIL FROM: RCPT TO: @@ -63,6 +67,7 @@ MAIL FROM QUIT 250 OK **** +# sender, err on mailfrom sudo exim -v -bs -oMa V4NET.0.0.1 MAIL FROM: RCPT TO: @@ -78,6 +83,7 @@ MAIL FROM QUIT 250 OK **** +# sender, err on mailfrom sudo exim -v -bs -oMa V4NET.0.0.1 MAIL FROM: RCPT TO: @@ -94,6 +100,7 @@ RCPT TO QUIT 250 OK **** +# recipient, refused sudo exim -v -bs -oMa V4NET.0.0.3 MAIL FROM: RCPT TO: @@ -111,11 +118,13 @@ RCPT TO QUIT 250 OK **** +# recipient, refused sudo exim -v -bs -oMa V4NET.0.0.3 MAIL FROM: RCPT TO: QUIT **** +# recipient, no conneect sudo exim -v -bs -oMa V4NET.0.0.3 MAIL FROM: RCPT TO: @@ -207,16 +216,17 @@ QUIT server PORT_S 220 Server ready EHLO -250- wotcher +250- wotcher sverifier 250-SIZE 250 OK -MAIL FROM +MAIL FROM:<> 250 OK RCPT TO 250 OK QUIT 250 OK **** +# sender, size known, tgt supports sixe sudo exim -v -bs -oMa V4NET.0.0.6 EHLO me MAIL FROM: SIZE=420000 @@ -226,6 +236,76 @@ QUIT # server PORT_S 220 Server ready +EHLO +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM:<> SIZE= +250 OK +RCPT TO +250 OK +QUIT +250 OK +**** +# receipient, size known, tgt supports size +sudo exim -v -bs -oMa V4NET.0.0.3 +EHLO me +MAIL FROM: SIZE=420000 +RCPT TO: +QUIT +**** +# +server PORT_S +220 Server ready +EHLO +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM:<> +250 OK +RCPT TO +250 OK +QUIT +250 OK +**** +# receipient, size unknown, tgt supports size +sudo exim -v -bs -oMa V4NET.0.0.3 +EHLO me +MAIL FROM: +RCPT TO: +QUIT +**** +# +server PORT_S +220 Server ready +EHLO +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM: +250 OK +RCPT TO: SIZE= +250 OK +RCPT TO: +250 OK +QUIT +250 OK +**** +# receipient, size known, tgt supports size, use_sender, w/random +# stdout should see SIZE on the main but not on the random receipient's MAIL FROM +sudo exim -v -bs -oMa V4NET.0.0.7 +EHLO me +MAIL FROM: SIZE=420000 +RCPT TO: +QUIT +**** +# +server PORT_S +220 Server ready LHLO 250 OK MAIL FROM diff --git a/test/stderr/0227 b/test/stderr/0227 index 6a8ee1f7e..e3282cc6f 100644 --- a/test/stderr/0227 +++ b/test/stderr/0227 @@ -222,10 +222,10 @@ LOG: smtp_connection MAIN Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP<< 220 Server ready SMTP>> EHLO myhost.test.ex - SMTP<< 250- wotcher + SMTP<< 250- wotcher sverifier 250-SIZE 250 OK - SMTP>> MAIL FROM:<> SIZE=ssss + SMTP>> MAIL FROM:<> SMTP<< 250 OK SMTP>> RCPT TO: SMTP<< 250 OK @@ -236,6 +236,69 @@ LOG: smtp_connection MAIN SMTP connection from root closed by QUIT LOG: smtp_connection MAIN SMTP connection from root +Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected + SMTP<< 220 Server ready + SMTP>> EHLO myhost.test.ex + SMTP<< 250- wotcher rverifier + 250-SIZE + 250 OK + SMTP>> MAIL FROM:<> SIZE=ssss + SMTP<< 250 OK + SMTP>> RCPT TO: + SMTP<< 250 OK + SMTP>> QUIT + SMTP<< 250 OK + SMTP(close)>> +LOG: MAIN REJECT + H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +LOG: smtp_connection MAIN + SMTP connection from root closed by QUIT +LOG: smtp_connection MAIN + SMTP connection from root +Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected + SMTP<< 220 Server ready + SMTP>> EHLO myhost.test.ex + SMTP<< 250- wotcher rverifier + 250-SIZE + 250 OK + SMTP>> MAIL FROM:<> + SMTP<< 250 OK + SMTP>> RCPT TO: + SMTP<< 250 OK + SMTP>> QUIT + SMTP<< 250 OK + SMTP(close)>> +LOG: MAIN REJECT + H=(me) [V4NET.0.0.3] U=root F= rejected RCPT : relay not permitted +LOG: smtp_connection MAIN + SMTP connection from root closed by QUIT +LOG: smtp_connection MAIN + SMTP connection from root +Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected + SMTP<< 220 Server ready + SMTP>> EHLO myhost.test.ex + SMTP<< 250- wotcher rverifier + 250-SIZE + 250 OK + SMTP>> MAIL FROM: + SMTP<< 250 OK + SMTP>> RCPT TO: + SMTP<< 550 RANDOM NOT OK + SMTP>> RSET + SMTP<< 250 OK + SMTP>> MAIL FROM: SIZE=ssss + SMTP<< 250 OK + SMTP>> RCPT TO: + SMTP<< 250 OK + SMTP>> QUIT + SMTP<< 250 OK + SMTP(close)>> +LOG: MAIN REJECT + H=(me) [V4NET.0.0.7] U=root F= rejected RCPT : relay not permitted +LOG: smtp_connection MAIN + SMTP connection from root closed by QUIT +LOG: smtp_connection MAIN + SMTP connection from root Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected SMTP<< 220 Server ready SMTP>> LHLO myhost.test.ex diff --git a/test/stderr/2035 b/test/stderr/2035 index e37495092..dedf4ad48 100644 --- a/test/stderr/2035 +++ b/test/stderr/2035 @@ -26,7 +26,7 @@ cmd buf flush ddd bytes 250 HELP using PIPELINING not using DSN - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK diff --git a/test/stderr/2135 b/test/stderr/2135 index 5a4de14ec..ac524d2af 100644 --- a/test/stderr/2135 +++ b/test/stderr/2135 @@ -26,7 +26,7 @@ cmd buf flush ddd bytes 250 HELP using PIPELINING not using DSN - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK diff --git a/test/stderr/5410 b/test/stderr/5410 index 6a37deb6e..b4db690ab 100644 --- a/test/stderr/5410 +++ b/test/stderr/5410 @@ -119,7 +119,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK @@ -345,7 +345,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK @@ -571,7 +571,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK diff --git a/test/stderr/5420 b/test/stderr/5420 index eaa40bce8..b34440046 100644 --- a/test/stderr/5420 +++ b/test/stderr/5420 @@ -118,7 +118,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK @@ -344,7 +344,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK @@ -570,7 +570,7 @@ cmd buf flush ddd bytes using PIPELINING not using DSN 127.0.0.1 in hosts_require_auth? no (option unset) - SMTP>> MAIL FROM: SIZE=ssss + SMTP>> MAIL FROM: SMTP>> RCPT TO: cmd buf flush ddd bytes SMTP<< 250 OK diff --git a/test/stderr/5840 b/test/stderr/5840 index 5ccf7cda0..bc8aeca30 100644 --- a/test/stderr/5840 +++ b/test/stderr/5840 @@ -50,9 +50,9 @@ >>> 250 HELP >>> ip4.ip4.ip4.ip4 in hosts_avoid_pipelining? no (option unset) >>> ip4.ip4.ip4.ip4 in hosts_require_auth? no (option unset) ->>> SMTP>> MAIL FROM:<> SIZE=ssss +>>> SMTP>> MAIL FROM:<> >>> SMTP>> RCPT TO: ->>> cmd buf flush 62 bytes +>>> cmd buf flush 52 bytes >>> SMTP<< 250 OK >>> SMTP<< 250 Accepted >>> SMTP>> QUIT diff --git a/test/stdout/0227 b/test/stdout/0227 index ea8520ef1..9ee7e9f54 100644 --- a/test/stdout/0227 +++ b/test/stdout/0227 @@ -88,6 +88,33 @@ 250 Accepted 221 myhost.test.ex closing connection 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250-myhost.test.ex Hello root at me [V4NET.0.0.3] +250-SIZE 52428800 +250-8BITMIME +250-PIPELINING +250 HELP +250 OK +550 relay not permitted +221 myhost.test.ex closing connection +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250-myhost.test.ex Hello root at me [V4NET.0.0.3] +250-SIZE 52428800 +250-8BITMIME +250-PIPELINING +250 HELP +250 OK +550 relay not permitted +221 myhost.test.ex closing connection +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250-myhost.test.ex Hello root at me [V4NET.0.0.7] +250-SIZE 52428800 +250-8BITMIME +250-PIPELINING +250 HELP +250 OK +550 relay not permitted +221 myhost.test.ex closing connection +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 250 OK 550-Callout verification failed: 550 550 Recipient not liked @@ -248,10 +275,10 @@ Listening on port 1224 ... Connection request from [127.0.0.1] 220 Server ready EHLO myhost.test.ex -250- wotcher +250- wotcher sverifier 250-SIZE 250 OK -MAIL FROM:<> SIZE=ssss +MAIL FROM:<> 250 OK RCPT TO: 250 OK @@ -261,6 +288,54 @@ End of script Listening on port 1224 ... Connection request from [127.0.0.1] 220 Server ready +EHLO myhost.test.ex +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM:<> SIZE=ssss +250 OK +RCPT TO: +250 OK +QUIT +250 OK +End of script +Listening on port 1224 ... +Connection request from [127.0.0.1] +220 Server ready +EHLO myhost.test.ex +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM:<> +250 OK +RCPT TO: +250 OK +QUIT +250 OK +End of script +Listening on port 1224 ... +Connection request from [127.0.0.1] +220 Server ready +EHLO myhost.test.ex +250- wotcher rverifier +250-SIZE +250 OK +MAIL FROM: +250 OK +RCPT TO: +550 RANDOM NOT OK +RSET +250 OK +MAIL FROM: SIZE=ssss +250 OK +RCPT TO: +250 OK +QUIT +250 OK +End of script +Listening on port 1224 ... +Connection request from [127.0.0.1] +220 Server ready LHLO myhost.test.ex 250 OK MAIL FROM:<> -- cgit v1.2.3 From fca5cb18a75fef98293e4afdc1d5fcad45230818 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 5 Aug 2017 14:06:36 +0100 Subject: Debugging: millisecond timestamps. Bug 2102 --- src/src/debug.c | 14 +- test/scripts/0000-Basic/0551 | 3 +- test/stderr/0551 | 305 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 317 insertions(+), 5 deletions(-) create mode 100644 test/stderr/0551 (limited to 'test/stderr') diff --git a/src/src/debug.c b/src/src/debug.c index 8c414d0f9..f6c8b2f62 100644 --- a/src/src/debug.c +++ b/src/src/debug.c @@ -182,10 +182,16 @@ if (debug_ptr == debug_buffer) { DEBUG(D_timestamp) { - time_t now = time(NULL); - struct tm *t = timestamps_utc? gmtime(&now) : localtime(&now); - debug_ptr += sprintf(CS debug_ptr, "%02d:%02d:%02d ", t->tm_hour, t->tm_min, - t->tm_sec); + struct timeval now; + time_t tmp; + struct tm * t; + + gettimeofday(&now, NULL); + tmp = now.tv_sec; + t = timestamps_utc ? gmtime(&now) : localtime(&now); + debug_ptr += sprintf(CS debug_ptr, + LOGGING(millisec) ? "%02d:%02d:%02d.%03d " : "%02d:%02d:%02d ", + t->tm_hour, t->tm_min, t->tm_sec, now.tv_usec/1000); } DEBUG(D_pid) diff --git a/test/scripts/0000-Basic/0551 b/test/scripts/0000-Basic/0551 index f71537ed3..1565275ea 100644 --- a/test/scripts/0000-Basic/0551 +++ b/test/scripts/0000-Basic/0551 @@ -6,9 +6,10 @@ Message 1 exim -DLOG_SELECTOR=+pid+queue_time -odi userx@test.ex userz@test.ex Message 2 **** -exim -DLOG_SELECTOR=+queue_time+queue_time_overall+deliver_time+millisec -odi userx@test.ex +exim -d+all -DLOG_SELECTOR=+queue_time+queue_time_overall+deliver_time+millisec -odi userx@test.ex Message 3 **** exigrep userx eximstats -ne -nr -nt -tnl -q0 -h0 -t0 no_msglog_check +no_stderr_check diff --git a/test/stderr/0551 b/test/stderr/0551 new file mode 100644 index 000000000..134ebac6b --- /dev/null +++ b/test/stderr/0551 @@ -0,0 +1,305 @@ +14:07:56 7857 Exim version x.yz uid=CALLER_UID gid=CALLER_GID pid=pppp D=fffdffff +14:07:56 7857 Total 20 lookups +14:07:56 7857 changed uid/gid: forcing real = effective +14:07:56 7857 uid=uuuu gid=CALLER_GID pid=pppp +14:07:56.452 7857 configuration file is TESTSUITE/test-config +14:07:56.452 7857 log selectors = 00000ffc 0c64c60a +14:07:56.452 7857 cwd=TESTSUITE 8 args: TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -C TESTSUITE/test-config -d+all -DLOG_SELECTOR=+queue_time+queue_time_overall+deliver_time+millisec -odi userx@test.ex +14:07:56.452 7857 admin user +14:07:56.453 7857 changed uid/gid: privilege not needed +14:07:56.453 7857 uid=EXIM_UID gid=EXIM_GID pid=pppp +14:07:56.453 7857 DSN: r1 propagating DSN +14:07:56.453 7857 seeking password data for user "CALLER": cache not available +14:07:56.453 7857 getpwnam() succeeded uid=CALLER_UID gid=CALLER_GID +14:07:56.453 7857 originator: uid=CALLER_UID gid=CALLER_GID login=CALLER name=CALLER_NAME +14:07:56.453 7857 sender address = CALLER@myhost.test.ex +14:07:56.453 7857 set_process_info: pppp accepting a local non-SMTP message from +14:07:56.453 7857 spool directory space = 157852648K inodes = 26802407 check_space = 10240K inodes = 100 msg_size = 0 +14:07:56.453 7857 log directory space = 157852648K inodes = 26802407 check_space = 10240K inodes = 100 +14:07:56.453 7857 Sender: CALLER@myhost.test.ex +14:07:56.453 7857 Recipients: +14:07:56.453 7857 userx@test.ex +14:07:56.453 7857 search_tidyup called +14:07:56.453 7857 >>Headers received: +14:07:56.453 7857 +14:07:56.453 7857 rewrite_one_header: type=F: +14:07:56.453 7857 From: CALLER_NAME +14:07:56.453 7857 search_tidyup called +14:07:56.453 7857 >>Headers after rewriting and local additions: +14:07:56.453 7857 I Message-Id: +14:07:56.453 7857 F From: CALLER_NAME +14:07:56.453 7857 Date: Tue, 2 Mar 1999 09:44:33 +0000 +14:07:56.453 7857 +14:07:56.453 7857 Data file name: TESTSUITE/spool//input//10HmaZ-0005vi-00-D +14:07:56.455 7857 Data file written for message 10HmaZ-0005vi-00 +14:07:56.455 7857 ┌considering: ${tod_full} +14:07:56.455 7857 ├──expanding: ${tod_full} +14:07:56.455 7857 └─────result: Tue, 2 Mar 1999 09:44:33 +0000 +14:07:56.455 7857 ┌considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost +14:07:56.455 7857 }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──condition: def:sender_rcvhost +14:07:56.455 7857 ├─────result: false +14:07:56.455 7857 ┌───scanning: from $sender_rcvhost +14:07:56.455 7857 }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: from $sender_rcvhost +14:07:56.455 7857 +14:07:56.455 7857 ├─────result: from +14:07:56.455 7857 +14:07:56.455 7857 └───skipping: result is not used +14:07:56.455 7857 ┌considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──condition: def:sender_ident +14:07:56.455 7857 ├─────result: true +14:07:56.455 7857 ┌considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ╎┌considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857 ╎}} (Exim $version_number) +14:07:56.455 7857 ╎ ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 ╎ }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 ╎ for $received_for}} +14:07:56.455 7857 ╎├──expanding: $sender_ident +14:07:56.455 7857 ╎└─────result: CALLER +14:07:56.455 7857 ├──expanding: from ${quote_local_part:$sender_ident} +14:07:56.455 7857 └─────result: from CALLER +14:07:56.455 7857 ├──condition: def:sender_helo_name +14:07:56.455 7857 ├─────result: false +14:07:56.455 7857 ┌───scanning: (helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: (helo=$sender_helo_name) +14:07:56.455 7857 +14:07:56.455 7857 ├─────result: (helo=) +14:07:56.455 7857 +14:07:56.455 7857 └───skipping: result is not used +14:07:56.455 7857 ├──expanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }} +14:07:56.455 7857 └─────result: from CALLER +14:07:56.455 7857 ├──condition: def:received_protocol +14:07:56.455 7857 ├─────result: true +14:07:56.455 7857 ┌considering: with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: with $received_protocol +14:07:56.455 7857 └─────result: with local +14:07:56.455 7857 ├──condition: def:tls_cipher +14:07:56.455 7857 ├─────result: false +14:07:56.455 7857 ┌───scanning: ($tls_cipher) +14:07:56.455 7857 }}(Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: ($tls_cipher) +14:07:56.455 7857 +14:07:56.455 7857 ├─────result: () +14:07:56.455 7857 +14:07:56.455 7857 └───skipping: result is not used +14:07:56.455 7857 ├──condition: def:sender_address +14:07:56.455 7857 ├─────result: true +14:07:56.455 7857 ┌considering: (envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: (envelope-from <$sender_address>) +14:07:56.455 7857 +14:07:56.455 7857 └─────result: (envelope-from ) +14:07:56.455 7857 +14:07:56.455 7857 ├──condition: def:received_for +14:07:56.455 7857 ├─────result: true +14:07:56.455 7857 ┌considering: +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 ├──expanding: +14:07:56.455 7857 for $received_for +14:07:56.455 7857 └─────result: +14:07:56.455 7857 for userx@test.ex +14:07:56.455 7857 ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost +14:07:56.455 7857 }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) +14:07:56.455 7857 }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol14:07:56.455 7857}} (Exim $version_number) +14:07:56.455 7857 ${if def:sender_address {(envelope-from <$sender_address>) +14:07:56.455 7857 }}id $message_exim_id${if def:received_for { +14:07:56.455 7857 for $received_for}} +14:07:56.455 7857 └─────result: Received: from CALLER by myhost.test.ex with local (Exim x.yz) +14:07:56.455 7857 (envelope-from ) +14:07:56.455 7857 id 10HmaZ-0005vi-00 +14:07:56.455 7857 for userx@test.ex +14:07:56.455 7857 >>Generated Received: header line +14:07:56.455 7857 P Received: from CALLER by myhost.test.ex with local (Exim x.yz) +14:07:56.455 7857 (envelope-from ) +14:07:56.455 7857 id 10HmaZ-0005vi-00 +14:07:56.455 7857 for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +14:07:56.455 7857 calling local_scan(); timeout=300 +14:07:56.455 7857 local_scan() returned 0 NULL +14:07:56.455 7857 ┌considering: ${tod_full} +14:07:56.455 7857 ├──expanding: ${tod_full} +14:07:56.455 7857 └─────result: Tue, 2 Mar 1999 09:44:33 +0000 +14:07:56.455 7857 Writing spool header file: TESTSUITE/spool//input//hdr.7857 +14:07:56.455 7857 DSN: Write SPOOL :-dsn_envid NULL +14:07:56.455 7857 DSN: Write SPOOL :-dsn_ret 0 +14:07:56.455 7857 DSN: Flags :0 +14:07:56.455 7857 DSN: **** SPOOL_OUT - address: |userx@test.ex| errorsto: |NULL| orcpt: |NULL| dsn_flags: 0 +14:07:56.457 7857 Renaming spool header file: TESTSUITE/spool//input//10HmaZ-0005vi-00-H +14:07:56.459 7857 Size of headers = sss +14:07:56.459 7857 LOG: MAIN +14:07:56.459 7857 <= CALLER@myhost.test.ex U=CALLER P=local S=sss +14:07:56.459 7857 search_tidyup called +14:07:56.459 7858 exec TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -DLOG_SELECTOR=+queue_time+queue_time_overall+deliver_time+millisec -C TESTSUITE/test-config -d=0xfffdffff -odi -Mc 10HmaZ-0005vi-00 +14:07:56 7858 Exim version x.yz uid=EXIM_UID gid=EXIM_GID pid=pppp D=fffdffff +14:07:56 7858 Total 20 lookups +14:07:56 7858 changed uid/gid: forcing real = effective +14:07:56 7858 uid=uuuu gid=EXIM_GID pid=pppp +14:07:56.565 7858 configuration file is TESTSUITE/test-config +14:07:56.565 7858 log selectors = 00000ffc 0c64c60a +14:07:56.565 7858 cwd=TESTSUITE/spool 9 args: TESTSUITE/eximdir/exim -DEXIM_PATH=TESTSUITE/eximdir/exim -DLOG_SELECTOR=+queue_time+queue_time_overall+deliver_time+millisec -C TESTSUITE/test-config -d=0xfffdffff -odi -Mc 10HmaZ-0005vi-00 +14:07:56.565 7858 trusted user +14:07:56.565 7858 admin user +14:07:56.565 7858 DSN: r1 propagating DSN +14:07:56.565 7858 seeking password data for user "CALLER": cache not available +14:07:56.565 7858 getpwnam() succeeded uid=CALLER_UID gid=CALLER_GID +14:07:56.565 7858 set_process_info: pppp delivering specified messages +14:07:56.565 7858 set_process_info: pppp delivering 10HmaZ-0005vi-00 +14:07:56.565 7858 Trying spool file TESTSUITE/spool//input//10HmaZ-0005vi-00-D +14:07:56.565 7858 reading spool file 10HmaZ-0005vi-00-H +14:07:56.565 7858 user=CALLER uid=CALLER_UID gid=CALLER_GID sender=CALLER@myhost.test.ex +14:07:56.565 7858 sender_local=1 ident=CALLER +14:07:56.565 7858 Non-recipients: +14:07:56.565 7858 Empty Tree +14:07:56.565 7858 ---- End of tree ---- +14:07:56.565 7858 recipients_count=1 +14:07:56.565 7858 **** SPOOL_IN - No additional fields +14:07:56.565 7858 body_linecount=1 message_linecount=7 +14:07:56.565 7858 DSN: set orcpt: NULL flags: 0 +14:07:56.565 7858 Delivery address list: +14:07:56.565 7858 userx@test.ex +14:07:56.566 7858 locking TESTSUITE/spool/db/retry.lockfile +14:07:56.566 7858 locked TESTSUITE/spool/db/retry.lockfile +14:07:56.566 7858 EXIM_DBOPEN: file dir flags 0x0 +14:07:56.566 7858 returned from EXIM_DBOPEN: (nil) +14:07:56.566 7858 failed to open DB file TESTSUITE/spool/db/retry: No such file or directory +14:07:56.566 7858 no retry data available +14:07:56.566 7858 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +14:07:56.566 7858 Considering: userx@test.ex +14:07:56.566 7858 unique = userx@test.ex +14:07:56.566 7858 no domain retry record +14:07:56.566 7858 no address retry record +14:07:56.566 7858 userx@test.ex: queued for routing +14:07:56.566 7858 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +14:07:56.566 7858 routing userx@test.ex +14:07:56.566 7858 --------> r1 router <-------- +14:07:56.566 7858 local_part=userx domain=test.ex +14:07:56.566 7858 calling r1 router +14:07:56.566 7858 r1 router called for userx@test.ex +14:07:56.566 7858 domain = test.ex +14:07:56.566 7858 set transport t1 +14:07:56.566 7858 queued for t1 transport: local_part = userx +14:07:56.566 7858 domain = test.ex +14:07:56.566 7858 errors_to=NULL +14:07:56.566 7858 domain_data=NULL localpart_data=NULL +14:07:56.566 7858 routed by r1 router +14:07:56.566 7858 envelope to: userx@test.ex +14:07:56.566 7858 transport: t1 +14:07:56.566 7858 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +14:07:56.566 7858 After routing: +14:07:56.566 7858 Local deliveries: +14:07:56.566 7858 userx@test.ex +14:07:56.566 7858 Remote deliveries: +14:07:56.566 7858 Failed addresses: +14:07:56.566 7858 Deferred addresses: +14:07:56.566 7858 search_tidyup called +14:07:56.566 7858 >>>>>>>>>>>>>>>> Local deliveries >>>>>>>>>>>>>>>> +14:07:56.566 7858 --------> userx@test.ex <-------- +14:07:56.566 7858 locking TESTSUITE/spool/db/retry.lockfile +14:07:56.566 7858 locked TESTSUITE/spool/db/retry.lockfile +14:07:56.566 7858 EXIM_DBOPEN: file dir flags 0x0 +14:07:56.566 7858 returned from EXIM_DBOPEN: (nil) +14:07:56.566 7858 failed to open DB file TESTSUITE/spool/db/retry: No such file or directory +14:07:56.566 7858 no retry data available +14:07:56.566 7858 search_tidyup called +14:07:56.566 7859 changed uid/gid: local delivery to userx transport=t1 +14:07:56.566 7859 uid=CALLER_UID gid=CALLER_GID pid=pppp +14:07:56.566 7859 home=NULL current=/ +14:07:56.566 7859 set_process_info: pppp delivering 10HmaZ-0005vi-00 to userx using t1 +14:07:56.566 7859 appendfile transport entered +14:07:56.566 7859 ┌considering: TESTSUITE/test-mail/$local_part +14:07:56.566 7859 ├──expanding: TESTSUITE/test-mail/$local_part +14:07:56.566 7859 └─────result: TESTSUITE/test-mail/userx +14:07:56.566 7859 appendfile: mode=600 notify_comsat=0 quota=0 warning=0 +14:07:56.566 7859 file=TESTSUITE/test-mail/userx format=unix +14:07:56.566 7859 message_prefix=From ${if def:return_path{$return_path}{MAILER-DAEMON}} ${tod_bsdinbox}\n +14:07:56.566 7859 message_suffix=\n +14:07:56.566 7859 maildir_use_size_file=no +14:07:56.566 7859 locking by lockfile fcntl +14:07:56.566 7859 lock name: TESTSUITE/test-mail/userx.lock +14:07:56.566 7859 hitch name: TESTSUITE/test-mail/userx.lock.test.ex.dddddddd.pppppppp +14:07:56.566 7859 lock file created +14:07:56.566 7859 mailbox TESTSUITE/test-mail/userx is locked +14:07:56.566 7859 writing to file TESTSUITE/test-mail/userx +14:07:56.566 7859 ┌considering: From ${if def:return_path{$return_path}{MAILER-DAEMON}} ${tod_bsdinbox} +14:07:56.566 7859 +14:07:56.566 7859 ├──condition: def:return_path +14:07:56.566 7859 ├─────result: true +14:07:56.566 7859 ┌considering: $return_path}{MAILER-DAEMON}} ${tod_bsdinbox} +14:07:56.566 7859 +14:07:56.566 7859 ├──expanding: $return_path +14:07:56.566 7859 └─────result: CALLER@myhost.test.ex +14:07:56.566 7859 ┌───scanning: MAILER-DAEMON}} ${tod_bsdinbox} +14:07:56.566 7859 +14:07:56.566 7859 ├──expanding: MAILER-DAEMON +14:07:56.566 7859 ├─────result: MAILER-DAEMON +14:07:56.566 7859 └───skipping: result is not used +14:07:56.566 7859 ├──expanding: From ${if def:return_path{$return_path}{MAILER-DAEMON}} ${tod_bsdinbox} +14:07:56.566 7859 +14:07:56.566 7859 └─────result: From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +14:07:56.566 7859 +14:07:56.566 7859 writing data block fd=6 size=sss timeout=0 +14:07:56.567 7859 cannot use sendfile for body: spoolfile not wireformat +14:07:56.567 7859 writing data block fd=6 size=sss timeout=0 +14:07:56.567 7859 writing data block fd=6 size=sss timeout=0 +14:07:56.568 7859 appendfile yields 0 with errno=dd more_errno=dd +14:07:56.568 7859 search_tidyup called +14:07:56.868 7858 journalling userx@test.ex +14:07:56.871 7858 t1 transport returned OK for userx@test.ex +14:07:56.871 7858 post-process userx@test.ex (0) +14:07:56.871 7858 userx@test.ex delivered +14:07:56.871 7858 LOG: MAIN +14:07:56.871 7858 => userx R=r1 T=t1 QT=q.qqqs DT=q.qqqs +14:07:56.871 7858 >>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>> +14:07:56.871 7858 changed uid/gid: post-delivery tidying +14:07:56.871 7858 uid=EXIM_UID gid=EXIM_GID pid=pppp +14:07:56.871 7858 set_process_info: pppp tidying up after delivering 10HmaZ-0005vi-00 +14:07:56.871 7858 Processing retry items +14:07:56.871 7858 Succeeded addresses: +14:07:56.871 7858 userx@test.ex: no retry items +14:07:56.871 7858 Failed addresses: +14:07:56.871 7858 Deferred addresses: +14:07:56.871 7858 end of retry processing +14:07:56.871 7858 DSN: processing router : r1 +14:07:56.871 7858 DSN: processing successful delivery address: userx@test.ex +14:07:56.871 7858 DSN: Sender_address: CALLER@myhost.test.ex +14:07:56.871 7858 DSN: orcpt: NULL flags: 0 +14:07:56.871 7858 DSN: envid: NULL ret: 0 +14:07:56.871 7858 DSN: Final recipient: userx@test.ex +14:07:56.871 7858 DSN: Remote SMTP server supports DSN: 0 +14:07:56.871 7858 DSN: not sending DSN success message +14:07:56.871 7858 LOG: MAIN +14:07:56.871 7858 Completed QT=q.qqqs +14:07:56.871 7858 end delivery of 10HmaZ-0005vi-00 +14:07:56.871 7858 search_tidyup called +14:07:56.871 7858 search_tidyup called +14:07:56.871 7858 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +14:07:56.871 7857 search_tidyup called +14:07:56.871 7857 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> -- cgit v1.2.3 From 0f1a8658daf8689f0ef0afbb11d0cb589447a57d Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 6 Aug 2017 15:44:13 +0100 Subject: Logging: millisecond time on 'no MAIL' lines. Bug 2102 --- doc/doc-docbook/spec.xfpt | 2 +- doc/doc-txt/NewStuff | 3 ++- src/src/deliver.c | 2 +- src/src/functions.h | 1 + src/src/globals.c | 2 +- src/src/globals.h | 2 +- src/src/smtp_in.c | 6 ++---- test/confs/0547 | 3 ++- test/log/0547 | 9 +++++---- test/log/3454 | 4 ++-- test/runtest | 4 ++-- test/scripts/0000-Basic/0547 | 5 ++++- test/stderr/0547 | 4 ++-- 13 files changed, 26 insertions(+), 21 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0d03c2f9c..35f3eb80e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -36118,7 +36118,7 @@ selection marked by asterisks: &` incoming_interface `& local interface on <= and => lines &` incoming_port `& remote port on <= lines &`*lost_incoming_connection `& as it says (includes timeouts) -&` millisec `& millisecond timestamps and QT/DT times +&` millisec `& millisecond timestamps and QT,DT,D times &` outgoing_interface `& local interface on => lines &` outgoing_port `& add remote port to => lines &`*queue_run `& start and end queue runs diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index ea757f059..3e1da34ee 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -44,7 +44,8 @@ Version 4.90 10. Variable $smtp_command_history returning a comma-sep list of recent SMTP commands. -11. Millisecond timetamps in logs, on log_selector "millisec". +11. Millisecond timetamps in logs, on log_selector "millisec". Also affects + log elements QT, DT and D, and timstamps in debug output. Version 4.89 diff --git a/src/src/deliver.c b/src/src/deliver.c index e7ca9e054..0f2efbecf 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -1058,7 +1058,7 @@ return buf; } -static uschar * +uschar * string_timesince(struct timeval * then) { struct timeval diff; diff --git a/src/src/functions.h b/src/src/functions.h index 5b2a683b8..c9d00df10 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -460,6 +460,7 @@ extern uschar *string_nextinlist(const uschar **, int *, uschar *, int); extern uschar *string_open_failed(int, const char *, ...) PRINTF_FUNCTION(2,3); extern const uschar *string_printing2(const uschar *, BOOL); extern uschar *string_split_message(uschar *); +extern uschar *string_timesince(struct timeval *); extern uschar *string_unprinting(uschar *); #ifdef SUPPORT_I18N extern uschar *string_address_utf8_to_alabel(const uschar *, uschar **); diff --git a/src/src/globals.c b/src/src/globals.c index 894b59967..9abacff8c 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1308,7 +1308,7 @@ BOOL smtp_check_spool_space = TRUE; int smtp_ch_index = 0; uschar *smtp_cmd_argument = NULL; uschar *smtp_cmd_buffer = NULL; -time_t smtp_connection_start = 0; +struct timeval smtp_connection_start = {0,0}; uschar smtp_connection_had[SMTP_HBUFF_SIZE]; int smtp_connect_backlog = 20; double smtp_delay_mail = 0.0; diff --git a/src/src/globals.h b/src/src/globals.h index 2d26bd0d7..bd8d14288 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -820,7 +820,7 @@ extern BOOL smtp_check_spool_space; /* TRUE to check SMTP SIZE value */ extern int smtp_ch_index; /* Index in smtp_connection_had */ extern uschar *smtp_cmd_argument; /* For all SMTP commands */ extern uschar *smtp_cmd_buffer; /* SMTP command buffer */ -extern time_t smtp_connection_start; /* Start time of SMTP connection */ +extern struct timeval smtp_connection_start; /* Start time of SMTP connection */ extern uschar smtp_connection_had[]; /* Recent SMTP commands */ extern int smtp_connect_backlog; /* Max backlog permitted */ extern double smtp_delay_mail; /* Current MAIL delay */ diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 3d5ad863f..48437c380 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1797,9 +1797,7 @@ for (i = 0; i < smtp_ch_index; i++) if (s) s[ptr] = 0; else s = US""; log_write(0, LOG_MAIN, "no MAIL in SMTP connection from %s D=%s%s", - host_and_ident(FALSE), - readconf_printtime( (int) ((long)time(NULL) - (long)smtp_connection_start)), - s); + host_and_ident(FALSE), string_timesince(&smtp_connection_start), s); } @@ -2353,7 +2351,7 @@ uschar *user_msg, *log_msg; uschar *code, *esc; uschar *p, *s, *ss; -smtp_connection_start = time(NULL); +gettimeofday(&smtp_connection_start, NULL); for (smtp_ch_index = 0; smtp_ch_index < SMTP_HBUFF_SIZE; smtp_ch_index++) smtp_connection_had[smtp_ch_index] = SCH_NONE; smtp_ch_index = 0; diff --git a/test/confs/0547 b/test/confs/0547 index 5d172447e..f3442b25b 100644 --- a/test/confs/0547 +++ b/test/confs/0547 @@ -1,6 +1,7 @@ # Exim test configuration 0547 MAXNM = 100 +LOG_SELECTOR = .include DIR/aux-var/std_conf_prefix @@ -10,7 +11,7 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept -log_selector = +smtp_no_mail +log_selector = +smtp_no_mail LOG_SELECTOR smtp_accept_max_nonmail = MAXNM diff --git a/test/log/0547 b/test/log/0547 index 34defc347..79b4ace5b 100644 --- a/test/log/0547 +++ b/test/log/0547 @@ -1,9 +1,10 @@ 1999-03-02 09:44:33 U=CALLER rejected EXPN x@y -1999-03-02 09:44:33 no MAIL in SMTP connection from CALLER D=0s C=EXPN,QUIT +1999-03-02 09:44:33 no MAIL in SMTP connection from CALLER D=qqs C=EXPN,QUIT ******** SERVER ******** +2017-07-30 18:51:05.712 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +2017-07-30 18:51:05.712 no MAIL in SMTP connection from [127.0.0.1] D=q.qqqs 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s -1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s C=QUIT +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=qqs C=QUIT 1999-03-02 09:44:33 H=(x.y.z) [127.0.0.1] rejected VRFY a@b.c -1999-03-02 09:44:33 no MAIL in SMTP connection from (x.y.z) [127.0.0.1] D=0s C=EHLO,VRFY,QUIT +1999-03-02 09:44:33 no MAIL in SMTP connection from (x.y.z) [127.0.0.1] D=qqs C=EHLO,VRFY,QUIT diff --git a/test/log/3454 b/test/log/3454 index d047667e7..7578fc090 100644 --- a/test/log/3454 +++ b/test/log/3454 @@ -3,5 +3,5 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. 1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. -1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C=EHLO,STARTTLS,AUTH -1999-03-02 09:44:33 no MAIL in SMTP connection from (foobar) [127.0.0.1] D=0s A=plain:userx X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C=EHLO,STARTTLS,EHLO,AUTH,QUIT +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=qqs X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C=EHLO,STARTTLS,AUTH +1999-03-02 09:44:33 no MAIL in SMTP connection from (foobar) [127.0.0.1] D=qqs A=plain:userx X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no C=EHLO,STARTTLS,EHLO,AUTH,QUIT diff --git a/test/runtest b/test/runtest index 90c1758ca..712ab79bc 100755 --- a/test/runtest +++ b/test/runtest @@ -491,8 +491,8 @@ RESET_AFTER_EXTRA_LINE_READ: s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\.\d{3}(\s[+-]\d\d\d\d)?\s/2017-07-30 18:51:05.712 /gx; s/^Logwrite\s"\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d/Logwrite "1999-03-02 09:44:33/gx; - s/([QD]T=)\d+s/$1qqs/g; - s/([QD]T=)\d\.\d{3}s/$1q.qqqs/g; + s/((D|[QD]T)=)\d+s/$1qqs/g; + s/((D|[QD]T)=)\d\.\d{3}s/$1q.qqqs/g; # Date/time in message separators s/(?:[A-Z][a-z]{2}\s){2}\d\d\s\d\d:\d\d:\d\d\s\d\d\d\d diff --git a/test/scripts/0000-Basic/0547 b/test/scripts/0000-Basic/0547 index 2595eff48..a645802a1 100644 --- a/test/scripts/0000-Basic/0547 +++ b/test/scripts/0000-Basic/0547 @@ -1,11 +1,14 @@ # log_selector = +smtp_no_mail need_ipv4 # -exim -DSERVER=server -bd -oX PORT_D +exim -DSERVER=server -DLOG_SELECTOR=+millisec -bd -oX PORT_D **** client 127.0.0.1 PORT_D ??? 220 **** +killdaemon +exim -DSERVER=server -bd -oX PORT_D +**** client 127.0.0.1 PORT_D ??? 220 quit diff --git a/test/stderr/0547 b/test/stderr/0547 index 980da7a0b..539328631 100644 --- a/test/stderr/0547 +++ b/test/stderr/0547 @@ -8,7 +8,7 @@ >>> host in helo_accept_junk_hosts? no (option unset) >>> rhu.barb in helo_lookup_domains? no (end of list) >>> host in smtp_accept_max_nonmail_hosts? yes (matched "*") -LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=0s C=...HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,QUIT +LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=qqs C=...HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,QUIT >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) >>> host in host_reject_connection? no (option unset) @@ -20,6 +20,6 @@ LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=0s C=...HELP,RSET,N >>> rhu.barb in helo_lookup_domains? no (end of list) >>> host in smtp_accept_max_nonmail_hosts? yes (matched "*") LOG: SMTP call from (rhu.barb) [10.9.8.7] dropped: too many nonmail commands (last was "HELP") -LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=0s C=HELO,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP +LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=qqs C=HELO,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP ******** SERVER ******** -- cgit v1.2.3 From 135e949699b889c8c9088bb05f810d44adc74246 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 28 Jun 2017 15:25:12 +0100 Subject: DKIM: Enforce any "h" field present in the DNS publickey record. This can be set to require specific hash types, eg sha256, in signatues. There is an IETF draft in discussion which deprecates sha1 so this feature may start to be used. --- doc/doc-txt/ChangeLog | 3 +++ src/src/pdkim/pdkim.c | 33 +++++++++++++++++++++++++++------ src/src/pdkim/pdkim.h | 15 ++++++++------- test/dnszones-src/db.test.ex | 6 ++++++ test/log/4500 | 3 +++ test/log/4506 | 3 +++ test/scripts/4500-DKIM/4500 | 34 ++++++++++++++++++++++++++++++++++ test/scripts/4500-DKIM/4506 | 35 +++++++++++++++++++++++++++++++++++ test/stderr/4520 | 1 + 9 files changed, 120 insertions(+), 13 deletions(-) (limited to 'test/stderr') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 0b4076c20..ecb6b33a9 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -138,6 +138,9 @@ JH/21 Bug 2151: Avoid using SIZE on the MAIL for a callout verify, on any but JH/22 Retire historical build files to an "unsupported" subdir. These are defined as "ones for which we have no current evidence of testing". +JH/23 DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field, + if present. Previously it was ignored. + Exim version 4.89 ----------------- diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index d41b60f13..d289ec7a3 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -132,6 +132,7 @@ switch(ext_status) { case PDKIM_VERIFY_FAIL_BODY: return "PDKIM_VERIFY_FAIL_BODY"; case PDKIM_VERIFY_FAIL_MESSAGE: return "PDKIM_VERIFY_FAIL_MESSAGE"; + case PDKIM_VERIFY_FAIL_SIG_ALGO_MISMATCH: return "PDKIM_VERIFY_FAIL_SIG_ALGO_MISMATCH"; case PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE: return "PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE"; case PDKIM_VERIFY_INVALID_BUFFER_SIZE: return "PDKIM_VERIFY_INVALID_BUFFER_SIZE"; case PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD: return "PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD"; @@ -644,12 +645,8 @@ for (p = raw_record; ; p++) case 'v': pub->version = string_copy(cur_val); break; case 'h': + pub->hashes = string_copy(cur_val); break; case 'k': -/* This field appears to never be used. Also, unclear why -a 'k' (key-type_ would go in this field name. There is a field -"keytype", also never used. - pub->hashes = string_copy(cur_val); -*/ break; case 'g': pub->granularity = string_copy(cur_val); break; @@ -682,7 +679,11 @@ a 'k' (key-type_ would go in this field name. There is a field /* Set fallback defaults */ if (!pub->version ) pub->version = string_copy(PDKIM_PUB_RECORD_VERSION); -else if (Ustrcmp(pub->version, PDKIM_PUB_RECORD_VERSION) != 0) return NULL; +else if (Ustrcmp(pub->version, PDKIM_PUB_RECORD_VERSION) != 0) + { + DEBUG(D_acl) debug_printf(" Bad v= field\n"); + return NULL; + } if (!pub->granularity) pub->granularity = string_copy(US"*"); /* @@ -694,6 +695,7 @@ if (!pub->srvtype ) pub->srvtype = string_copy(US"*"); if (pub->key.data) return pub; +DEBUG(D_acl) debug_printf(" Missing p= field\n"); return NULL; } @@ -1631,6 +1633,25 @@ while (sig) if (!(sig->pubkey = pdkim_key_from_dns(ctx, sig, &vctx, err))) goto NEXT_VERIFY; + /* If the pubkey limits to a list of specific hashes, ignore sigs that + do not have the hash part of the sig algorithm matching */ + + if (sig->pubkey->hashes) + { + const uschar * list = sig->pubkey->hashes, * ele; + int sep = ':'; + while ((ele = string_nextinlist(&list, &sep, NULL, 0))) + if (Ustrcmp(ele, pdkim_algos[sig->algo] + 4) == 0) break; + if (!ele) + { + DEBUG(D_acl) debug_printf("pubkey h=%s vs sig a=%s\n", + sig->pubkey->hashes, pdkim_algos[sig->algo]); + sig->verify_status = PDKIM_VERIFY_FAIL; + sig->verify_ext_status = PDKIM_VERIFY_FAIL_SIG_ALGO_MISMATCH; + goto NEXT_VERIFY; + } + } + /* Check the signature */ if ((*err = exim_rsa_verify(&vctx, is_sha1, &hhash, &sig->sighash))) { diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h index 78e3c3c8b..9899356d5 100644 --- a/src/src/pdkim/pdkim.h +++ b/src/src/pdkim/pdkim.h @@ -51,12 +51,13 @@ #define PDKIM_VERIFY_FAIL_BODY 1 #define PDKIM_VERIFY_FAIL_MESSAGE 2 -#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE 3 -#define PDKIM_VERIFY_INVALID_BUFFER_SIZE 4 -#define PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD 5 -#define PDKIM_VERIFY_INVALID_PUBKEY_IMPORT 6 -#define PDKIM_VERIFY_INVALID_SIGNATURE_ERROR 7 -#define PDKIM_VERIFY_INVALID_DKIM_VERSION 8 +#define PDKIM_VERIFY_FAIL_SIG_ALGO_MISMATCH 3 +#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE 4 +#define PDKIM_VERIFY_INVALID_BUFFER_SIZE 5 +#define PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD 6 +#define PDKIM_VERIFY_INVALID_PUBKEY_IMPORT 7 +#define PDKIM_VERIFY_INVALID_SIGNATURE_ERROR 8 +#define PDKIM_VERIFY_INVALID_DKIM_VERSION 9 /* -------------------------------------------------------------------------- */ /* Some parameter values */ @@ -100,8 +101,8 @@ typedef struct pdkim_pubkey { uschar *version; /* v= */ uschar *granularity; /* g= */ -#ifdef notdef uschar *hashes; /* h= */ +#ifdef notdef uschar *keytype; /* k= */ #endif uschar *srvtype; /* s= */ diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex index f7c9e313b..73db57f9c 100644 --- a/test/dnszones-src/db.test.ex +++ b/test/dnszones-src/db.test.ex @@ -491,13 +491,19 @@ DELAY=1500 delay1500 A HOSTIPV4 ; openssl rsa -in aux-fixed/dkim/dkim.private -out /dev/stdout -pubout -outform PEM ; ; Deliberate bad version, having extra backslashes +; sha256-hash-only version.... appears to be too long, gets truncated ; ; Another, 512-bit (with a Notes field) +; 512 requiring sha1 hash +; 512 requiring sha256 hash ; sel._domainkey TXT "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB" sel_bad._domainkey TXT "v=DKIM1\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB" +sel_sha256._domainkey TXT "v=DKIM1; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB" ses._domainkey TXT "v=DKIM1; n=halfkilo; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL6eAQxd9didJ0/+05iDwJOqT6ly826Vi8aGPecsBiYK5/tAT97fxXk+dPWMZp9kQxtknEzYjYjAydzf+HQ2yJMCAwEAAQ==" +ses_sha1._domainkey TXT "v=DKIM1; h=sha1; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL6eAQxd9didJ0/+05iDwJOqT6ly826Vi8aGPecsBiYK5/tAT97fxXk+dPWMZp9kQxtknEzYjYjAydzf+HQ2yJMCAwEAAQ==" +ses_sha256._domainkey TXT "v=DKIM1; h=sha256; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL6eAQxd9didJ0/+05iDwJOqT6ly826Vi8aGPecsBiYK5/tAT97fxXk+dPWMZp9kQxtknEzYjYjAydzf+HQ2yJMCAwEAAQ==" ; End diff --git a/test/log/4500 b/test/log/4500 index 0e0f8400d..ec8ef088e 100644 --- a/test/log/4500 +++ b/test/log/4500 @@ -10,3 +10,6 @@ 1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net +1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=ses_sha1 c=simple/simple a=rsa-sha1 b=512 [verification succeeded] +1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 512 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net diff --git a/test/log/4506 b/test/log/4506 index fb0f22567..027169df0 100644 --- a/test/log/4506 +++ b/test/log/4506 @@ -13,3 +13,6 @@ 1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: validation error: RSA_LONG_LINE 1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: Error during validation, disabling signature verification: RSA_LONG_LINE 1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net +1999-03-02 09:44:33 10HmbB-0005vi-00 DKIM: d=test.ex s=ses_sha256 c=simple/simple a=rsa-sha1 b=512 [verification failed - unspecified reason] +1999-03-02 09:44:33 10HmbB-0005vi-00 signer: test.ex bits: 512 +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net diff --git a/test/scripts/4500-DKIM/4500 b/test/scripts/4500-DKIM/4500 index 6728b141d..6b3ff5fcf 100644 --- a/test/scripts/4500-DKIM/4500 +++ b/test/scripts/4500-DKIM/4500 @@ -93,6 +93,40 @@ Date: Thu, 19 Nov 2015 17:00:07 -0700 Message-ID: Subject: simple test +This is a simple test. +. +??? 250 +QUIT +??? 221 +**** +# +# +# This should pass. The pubkey dns decord has a additional sha1-only h= field +# +# - sha1, 512b +# Mail original in aux-fixed/4500.msg1.txt +# Sig generated by: perl aux-fixed/dkim/sign.pl --keyfile=aux-fixed/dkim/dkim512.private \ +# --method=simple/simple --selector=ses_sha1 < aux-fixed/4500.msg1.txt +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=ses_sha1; bh=OB9dZVu7+5/ufs3TH9leIcE + pXSo=; b=hG14R3Eb/f13Pw6J0LmovHAL01KHVmVrTZ7KJrqieYTQemUaseoU2pB + 7/g8NUwG/AsYoaw3gaAK8PqxSk2lcIQ== +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Thu, 19 Nov 2015 17:00:07 -0700 +Message-ID: +Subject: simple test + This is a simple test. . ??? 250 diff --git a/test/scripts/4500-DKIM/4506 b/test/scripts/4500-DKIM/4506 index 6eb81cc16..e8d7c41f0 100644 --- a/test/scripts/4500-DKIM/4506 +++ b/test/scripts/4500-DKIM/4506 @@ -134,6 +134,41 @@ QUIT **** # # +# This should fail as the sig on the mail uses sha1 but the dns record requires sha256 +# +# - sha256, 512b +# Mail original in aux-fixed/4500.msg1.txt +# Sig generated by: perl aux-fixed/dkim/sign.pl --keyfile=aux-fixed/dkim/dkim512.private \ +# --method=simple/simple --selector=ses_sha1 < aux-fixed/4500.msg1.txt +# and then modifying the s= manually +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=ses_sha256; bh=OB9dZVu7+5/ufs3TH9leIcE + pXSo=; b=hG14R3Eb/f13Pw6J0LmovHAL01KHVmVrTZ7KJrqieYTQemUaseoU2pB + 7/g8NUwG/AsYoaw3gaAK8PqxSk2lcIQ== +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Thu, 19 Nov 2015 17:00:07 -0700 +Message-ID: +Subject: simple test + +This is a simple test. +. +??? 250 +QUIT +??? 221 +**** +# +# killdaemon no_stdout_check no_msglog_check diff --git a/test/stderr/4520 b/test/stderr/4520 index c1bafcdcc..fc64a9e93 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -28,6 +28,7 @@ PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Raw record: v=DKIM1\;{SP}p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB v=DKIM1\ p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB + Bad v= field Error while parsing public key record WARNING: bad dkim key in dns PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -- cgit v1.2.3 From 2ac258501be0bcb0628548d5990de76ce7361ac8 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 20 Aug 2017 13:42:16 +0100 Subject: Logging: add elapsed-time element to unexpected-diconnection lines --- src/src/smtp_in.c | 19 +++++++++++-------- test/log/0609 | 2 +- test/stderr/0004 | 2 +- test/stderr/0609 | 2 +- test/stderr/5840 | 2 +- 5 files changed, 15 insertions(+), 12 deletions(-) (limited to 'test/stderr') diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 9721fb7d6..d6250d12d 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -5460,14 +5460,17 @@ while (done <= 0) */ if (sender_address != NULL || recipients_count > 0) - log_write(L_lost_incoming_connection, - LOG_MAIN, - "unexpected %s while reading SMTP command from %s%s", - sender_host_unknown? "EOF" : "disconnection", - host_and_ident(FALSE), smtp_read_error); - - else log_write(L_smtp_connection, LOG_MAIN, "%s lost%s", - smtp_get_connection_info(), smtp_read_error); + log_write(L_lost_incoming_connection, LOG_MAIN, + "unexpected %s while reading SMTP command from %s%s D=%s", + sender_host_unknown ? "EOF" : "disconnection", + host_and_ident(FALSE), smtp_read_error, + string_timesince(&smtp_connection_start) + ); + + else + log_write(L_smtp_connection, LOG_MAIN, "%s lost%s D=%s", + smtp_get_connection_info(), smtp_read_error, + string_timesince(&smtp_connection_start)); done = 1; break; diff --git a/test/log/0609 b/test/log/0609 index a19051aa1..b395954a4 100644 --- a/test/log/0609 +++ b/test/log/0609 @@ -4,4 +4,4 @@ 1999-03-02 09:44:33 SMTP connection from [127.0.0.1] (TCP/IP connection count = 1) 1999-03-02 09:44:33 SMTP connection from [127.0.0.1] closed by QUIT 1999-03-02 09:44:33 SMTP connection from [127.0.0.1] (TCP/IP connection count = 1) -1999-03-02 09:44:33 unexpected disconnection while reading SMTP command from [127.0.0.1] +1999-03-02 09:44:33 unexpected disconnection while reading SMTP command from [127.0.0.1] D=qqs diff --git a/test/stderr/0004 b/test/stderr/0004 index 310a4ef29..b9e93a910 100644 --- a/test/stderr/0004 +++ b/test/stderr/0004 @@ -479,4 +479,4 @@ LOG: H=[1.1.1.1] F= rejected RCPT >>> deny: condition test succeeded in ACL "check_recipient" >>> end of ACL "check_recipient": DENY LOG: H=[1.1.1.1] F= rejected RCPT -LOG: unexpected disconnection while reading SMTP command from [1.1.1.1] +LOG: unexpected disconnection while reading SMTP command from [1.1.1.1] D=qqs diff --git a/test/stderr/0609 b/test/stderr/0609 index be6514446..ea998d6d7 100644 --- a/test/stderr/0609 +++ b/test/stderr/0609 @@ -45,7 +45,7 @@ ppppp delay cancelled by peer close ppppp accept: condition test succeeded in ACL "delay4_accept" ppppp end of ACL "delay4_accept": ACCEPT ppppp LOG: lost_incoming_connection MAIN -ppppp unexpected disconnection while reading SMTP command from [127.0.0.1] +ppppp unexpected disconnection while reading SMTP command from [127.0.0.1] D=qqs ppppp child ppppp ended: status=0x100 ppppp normal exit, 1 ppppp 0 SMTP accept processes now running diff --git a/test/stderr/5840 b/test/stderr/5840 index bc8aeca30..51962ce66 100644 --- a/test/stderr/5840 +++ b/test/stderr/5840 @@ -65,7 +65,7 @@ >>> ----------- end verify ------------ >>> accept: condition test succeeded in inline ACL >>> end of inline ACL: ACCEPT -LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] +LOG: unexpected disconnection while reading SMTP command from [127.0.0.1] D=qqs ### TLSA (2 0 1) ### A server with a nonverifying cert and no TLSA ### A server with a verifying cert and no TLSA -- cgit v1.2.3 From 9e70917d0aa5e51f584b2af69ce80df458ac5c79 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 12 Sep 2017 17:49:58 +0100 Subject: DKIM: support multiple signing, by selector --- doc/doc-docbook/spec.xfpt | 12 +- doc/doc-txt/NewStuff | 3 +- src/src/dkim.c | 301 ++++++++++++++++++------------------ src/src/dkim.h | 2 +- src/src/dkim_transport.c | 59 ++++--- src/src/expand.c | 7 +- src/src/pdkim/pdkim.c | 365 ++++++++++++++++++++++++-------------------- src/src/pdkim/pdkim.h | 21 +-- src/src/pdkim/signing.c | 10 +- test/confs/4520 | 7 +- test/confs/4524 | 1 + test/log/4520 | 2 +- test/log/4524 | 12 ++ test/scripts/4500-DKIM/4520 | 2 +- test/scripts/4500-DKIM/4524 | 14 ++ test/stderr/4520 | 12 +- 16 files changed, 467 insertions(+), 363 deletions(-) create mode 120000 test/confs/4524 create mode 100644 test/log/4524 create mode 100644 test/scripts/4500-DKIM/4524 (limited to 'test/stderr') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 61a6f0e83..44a274b98 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -38526,13 +38526,15 @@ while expanding the remaining signing options. .wen If it is empty after expansion, DKIM signing is not done. -.option dkim_selector smtp string&!! unset +.option dkim_selector smtp string list&!! unset This sets the key selector string. -You can use the &%$dkim_domain%& expansion variable to look up a matching selector. -The result is put in the expansion +.new +After expansion, which can use &$dkim_domain$&, this can be a list. +Each element in turn is put in the expansion variable &%$dkim_selector%& which may be used in the &%dkim_private_key%& option along with &%$dkim_domain%&. -If the option is empty after expansion, DKIM signing is not done. +If the option is empty after expansion, DKIM signing is not done for this domain. +.wen .option dkim_private_key smtp string&!! unset This sets the private key to use. @@ -38585,7 +38587,7 @@ Verification of DKIM signatures in SMTP incoming email is implemented via the syntactically(!) correct signature in the incoming message. A missing ACL definition defaults to accept. If any ACL call does not accept, the message is not accepted. -If a cutthrough delivery was in progress for the message it is +If a cutthrough delivery was in progress for the message, that is summarily dropped (having wasted the transmission effort). To evaluate the signature in the ACL a large number of expansion variables diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index c10649edd..1948641c9 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -52,7 +52,8 @@ Version 4.90 is opened with a TFO cookie. Support varies between platforms (Linux does both. FreeBSD server only, others unknown). -13. DKIM support for multiple hashes. +13. DKIM support for multiple signing, by domain and/or key-selector. + DKIM support for multiple hashes. Version 4.89 diff --git a/src/src/dkim.c b/src/src/dkim.c index 2b7f55ae8..ea2007225 100644 --- a/src/src/dkim.c +++ b/src/src/dkim.c @@ -453,26 +453,19 @@ switch (what) If a prefix is given, prepend it to the file for the calculations. */ -uschar * +blob * dkim_exim_sign(int fd, off_t off, uschar * prefix, struct ob_dkim * dkim, const uschar ** errstr) { const uschar * dkim_domain; int sep = 0; -uschar *seen_items = NULL; -int seen_items_size = 0; -int seen_items_offset = 0; -uschar *dkim_canon_expanded; -uschar *dkim_sign_headers_expanded; -uschar *dkim_private_key_expanded; -uschar *dkim_hash_expanded; -pdkim_ctx *ctx = NULL; -uschar *rc = NULL; -uschar *sigbuf = NULL; +uschar * seen_doms = NULL; +int seen_doms_size = 0; +int seen_doms_offset = 0; +pdkim_ctx ctx; +pdkim_signature * sig; +blob * sigbuf = NULL; int sigsize = 0; -int sigptr = 0; -pdkim_signature *signature; -int pdkim_canon; int pdkim_rc; int sread; uschar buf[4096]; @@ -481,6 +474,8 @@ int old_pool = store_pool; store_pool = POOL_MAIN; +pdkim_init_context(&ctx, dkim->dot_stuffed, &dkim_exim_query_dns_txt); + if (!(dkim_domain = expand_cstring(dkim->dkim_domain))) { /* expansion error, do not send message. */ @@ -493,31 +488,26 @@ if (!(dkim_domain = expand_cstring(dkim->dkim_domain))) while ((dkim_signing_domain = string_nextinlist(&dkim_domain, &sep, NULL, 0))) { + const uschar * dkim_sel; + int sel_sep = 0; + if (dkim_signing_domain[0] == '\0') continue; /* Only sign once for each domain, no matter how often it appears in the expanded list. */ - if (seen_items) - { - const uschar *seen_items_list = seen_items; - if (match_isinlist(dkim_signing_domain, - &seen_items_list, 0, NULL, NULL, MCL_STRING, TRUE, - NULL) == OK) - continue; - - seen_items = - string_append(seen_items, &seen_items_size, &seen_items_offset, 1, ":"); - } + if (match_isinlist(dkim_signing_domain, CUSS &seen_doms, + 0, NULL, NULL, MCL_STRING, TRUE, NULL) == OK) + continue; - seen_items = - string_append(seen_items, &seen_items_size, &seen_items_offset, 1, - dkim_signing_domain); - seen_items[seen_items_offset] = '\0'; + seen_doms = string_append_listele(seen_doms, &seen_doms_size, + &seen_doms_offset, ':', dkim_signing_domain); - /* Set up $dkim_selector expansion variable. */ + /* Set $dkim_selector expansion variable to each selector in list, + for this domain. */ + if (!(dkim_sel = expand_string(dkim->dkim_selector))) if (!(dkim_signing_selector = expand_string(dkim->dkim_selector))) { log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " @@ -525,163 +515,184 @@ while ((dkim_signing_domain = string_nextinlist(&dkim_domain, &sep, NULL, 0))) goto bad; } - /* Get canonicalization to use */ - - dkim_canon_expanded = dkim->dkim_canon - ? expand_string(dkim->dkim_canon) : US"relaxed"; - if (!dkim_canon_expanded) + while ((dkim_signing_selector = string_nextinlist(&dkim_sel, &sel_sep, + NULL, 0))) { - /* expansion error, do not send message. */ - log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " - "dkim_canon: %s", expand_string_message); - goto bad; - } + uschar * dkim_canon_expanded; + int pdkim_canon; + uschar * dkim_sign_headers_expanded = NULL; + uschar * dkim_private_key_expanded; + uschar * dkim_hash_expanded; - if (Ustrcmp(dkim_canon_expanded, "relaxed") == 0) - pdkim_canon = PDKIM_CANON_RELAXED; - else if (Ustrcmp(dkim_canon_expanded, "simple") == 0) - pdkim_canon = PDKIM_CANON_SIMPLE; - else - { - log_write(0, LOG_MAIN, - "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n", - dkim_canon_expanded); - pdkim_canon = PDKIM_CANON_RELAXED; - } + /* Get canonicalization to use */ - dkim_sign_headers_expanded = NULL; - if (dkim->dkim_sign_headers) - if (!(dkim_sign_headers_expanded = expand_string(dkim->dkim_sign_headers))) + dkim_canon_expanded = dkim->dkim_canon + ? expand_string(dkim->dkim_canon) : US"relaxed"; + if (!dkim_canon_expanded) { + /* expansion error, do not send message. */ log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " - "dkim_sign_headers: %s", expand_string_message); + "dkim_canon: %s", expand_string_message); goto bad; } - /* else pass NULL, which means default header list */ - - /* Get private key to use. */ - if (!(dkim_private_key_expanded = expand_string(dkim->dkim_private_key))) - { - log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " - "dkim_private_key: %s", expand_string_message); - goto bad; - } - - if ( Ustrlen(dkim_private_key_expanded) == 0 - || Ustrcmp(dkim_private_key_expanded, "0") == 0 - || Ustrcmp(dkim_private_key_expanded, "false") == 0 - ) - continue; /* don't sign, but no error */ - - if (dkim_private_key_expanded[0] == '/') - { - int privkey_fd, off = 0, len; + if (Ustrcmp(dkim_canon_expanded, "relaxed") == 0) + pdkim_canon = PDKIM_CANON_RELAXED; + else if (Ustrcmp(dkim_canon_expanded, "simple") == 0) + pdkim_canon = PDKIM_CANON_SIMPLE; + else + { + log_write(0, LOG_MAIN, + "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n", + dkim_canon_expanded); + pdkim_canon = PDKIM_CANON_RELAXED; + } - /* Looks like a filename, load the private key. */ + if (dkim->dkim_sign_headers) + if (!(dkim_sign_headers_expanded = expand_string(dkim->dkim_sign_headers))) + { + log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " + "dkim_sign_headers: %s", expand_string_message); + goto bad; + } + /* else pass NULL, which means default header list */ - memset(big_buffer, 0, big_buffer_size); + /* Get private key to use. */ - if ((privkey_fd = open(CS dkim_private_key_expanded, O_RDONLY)) < 0) + if (!(dkim_private_key_expanded = expand_string(dkim->dkim_private_key))) { - log_write(0, LOG_MAIN | LOG_PANIC, "unable to open " - "private key file for reading: %s", - dkim_private_key_expanded); + log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " + "dkim_private_key: %s", expand_string_message); goto bad; } - do + if ( Ustrlen(dkim_private_key_expanded) == 0 + || Ustrcmp(dkim_private_key_expanded, "0") == 0 + || Ustrcmp(dkim_private_key_expanded, "false") == 0 + ) + continue; /* don't sign, but no error */ + + if (dkim_private_key_expanded[0] == '/') { - if ((len = read(privkey_fd, big_buffer + off, big_buffer_size - 2 - off)) < 0) + int privkey_fd, off = 0, len; + + /* Looks like a filename, load the private key. */ + + memset(big_buffer, 0, big_buffer_size); + + if ((privkey_fd = open(CS dkim_private_key_expanded, O_RDONLY)) < 0) { - (void) close(privkey_fd); - log_write(0, LOG_MAIN|LOG_PANIC, "unable to read private key file: %s", + log_write(0, LOG_MAIN | LOG_PANIC, "unable to open " + "private key file for reading: %s", dkim_private_key_expanded); goto bad; } - off += len; + + do + { + if ((len = read(privkey_fd, big_buffer + off, big_buffer_size - 2 - off)) < 0) + { + (void) close(privkey_fd); + log_write(0, LOG_MAIN|LOG_PANIC, "unable to read private key file: %s", + dkim_private_key_expanded); + goto bad; + } + off += len; + } + while (len > 0); + + (void) close(privkey_fd); + big_buffer[off] = '\0'; + dkim_private_key_expanded = big_buffer; } - while (len > 0); - (void) close(privkey_fd); - big_buffer[off] = '\0'; - dkim_private_key_expanded = big_buffer; - } + if (!(dkim_hash_expanded = expand_string(dkim->dkim_hash))) + { + log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " + "dkim_hash: %s", expand_string_message); + goto bad; + } - if (!(dkim_hash_expanded = expand_string(dkim->dkim_hash))) - { - log_write(0, LOG_MAIN | LOG_PANIC, "failed to expand " - "dkim_hash: %s", expand_string_message); - goto bad; - } + /*XXX so we currently nail signing to RSA + this hash. + Need to extract algo from privkey and check for disallowed combos. */ -/*XXX so we currently nail signing to RSA + given hash. -Need to extract algo from privkey and check for disallowed combos. */ - - if (!(ctx = pdkim_init_sign(dkim_signing_domain, - dkim_signing_selector, - dkim_private_key_expanded, - dkim_hash_expanded, - dkim->dot_stuffed, - &dkim_exim_query_dns_txt, - errstr - ))) - goto bad; - dkim_private_key_expanded[0] = '\0'; - pdkim_set_optional(ctx, - CS dkim_sign_headers_expanded, - NULL, - pdkim_canon, - pdkim_canon, -1, 0, 0); - - if (prefix) - pdkim_feed(ctx, prefix, Ustrlen(prefix)); - - if (lseek(fd, off, SEEK_SET) < 0) - sread = -1; - else - while ((sread = read(fd, &buf, sizeof(buf))) > 0) - if ((pdkim_rc = pdkim_feed(ctx, buf, sread)) != PDKIM_OK) - goto pk_bad; - - /* Handle failed read above. */ - if (sread == -1) - { - debug_printf("DKIM: Error reading -K file.\n"); - save_errno = errno; - goto bad; + if (!(sig = pdkim_init_sign(&ctx, dkim_signing_domain, + dkim_signing_selector, + dkim_private_key_expanded, + dkim_hash_expanded, + errstr + ))) + goto bad; + dkim_private_key_expanded[0] = '\0'; + + pdkim_set_optional(sig, + CS dkim_sign_headers_expanded, + NULL, + pdkim_canon, + pdkim_canon, -1, 0, 0); + + if (!ctx.sig) /* link sig to context chain */ + ctx.sig = sig; + else + { + pdkim_signature * n = ctx.sig; + while (n->next) n = n->next; + n->next = sig; + } } + } - if ((pdkim_rc = pdkim_feed_finish(ctx, &signature, errstr)) != PDKIM_OK) - goto pk_bad; +if (prefix) + pdkim_feed(&ctx, prefix, Ustrlen(prefix)); - sigbuf = string_append(sigbuf, &sigsize, &sigptr, 2, - US signature->signature_header, US"\r\n"); +if (lseek(fd, off, SEEK_SET) < 0) + sread = -1; +else + while ((sread = read(fd, &buf, sizeof(buf))) > 0) + if ((pdkim_rc = pdkim_feed(&ctx, buf, sread)) != PDKIM_OK) + goto pk_bad; - pdkim_free_ctx(ctx); - ctx = NULL; +/* Handle failed read above. */ +if (sread == -1) + { + debug_printf("DKIM: Error reading -K file.\n"); + save_errno = errno; + goto bad; } -if (sigbuf) +/* Build string of headers, one per signature */ + +if ((pdkim_rc = pdkim_feed_finish(&ctx, &sig, errstr)) != PDKIM_OK) + goto pk_bad; + +sigbuf = store_get(sizeof(blob)); +sigbuf->data = NULL; +sigbuf->len = 0; + +while (sig) { - sigbuf[sigptr] = '\0'; - rc = sigbuf; + int len = sigbuf->len; + sigbuf->data = string_append(sigbuf->data, &sigsize, &len, 2, + US sig->signature_header, US"\r\n"); + sigbuf->len = len; + sig = sig->next; } + +if (sigbuf->data) + sigbuf->data[sigbuf->len] = '\0'; else - rc = US""; + sigbuf->data = US""; CLEANUP: - if (ctx) - pdkim_free_ctx(ctx); store_pool = old_pool; errno = save_errno; - return rc; + return sigbuf; pk_bad: log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed: %.100s", pdkim_errstr(pdkim_rc)); bad: - rc = NULL; + sigbuf = NULL; goto CLEANUP; } diff --git a/src/src/dkim.h b/src/src/dkim.h index 83c68a76c..a3419db42 100644 --- a/src/src/dkim.h +++ b/src/src/dkim.h @@ -6,7 +6,7 @@ /* See the file NOTICE for conditions of use and distribution. */ void dkim_exim_init(void); -uschar *dkim_exim_sign(int, off_t, uschar *, struct ob_dkim *, const uschar **); +blob * dkim_exim_sign(int, off_t, uschar *, struct ob_dkim *, const uschar **); void dkim_exim_verify_init(BOOL); void dkim_exim_verify_feed(uschar *, int); void dkim_exim_verify_finish(void); diff --git a/src/src/dkim_transport.c b/src/src/dkim_transport.c index 1ef4cfa6c..85a73dcae 100644 --- a/src/src/dkim_transport.c +++ b/src/src/dkim_transport.c @@ -117,8 +117,9 @@ dkt_direct(transport_ctx * tctx, struct ob_dkim * dkim, int save_fd = tctx->u.fd; int save_options = tctx->options; BOOL save_wireformat = spool_file_wireformat; -uschar * hdrs, * dkim_signature; -int siglen = 0, hsize; +uschar * hdrs; +blob * dkim_signature; +int hsize; const uschar * errstr; BOOL rc; @@ -143,14 +144,13 @@ if (!rc) return FALSE; dkim->dot_stuffed = !!(save_options & topt_end_dot); -if ((dkim_signature = dkim_exim_sign(deliver_datafile, SPOOL_DATA_START_OFFSET, +if (!(dkim_signature = dkim_exim_sign(deliver_datafile, SPOOL_DATA_START_OFFSET, hdrs, dkim, &errstr))) - siglen = Ustrlen(dkim_signature); -else if (!(rc = dkt_sign_fail(dkim, &errno))) - { - *err = errstr; - return FALSE; - } + if (!(rc = dkt_sign_fail(dkim, &errno))) + { + *err = errstr; + return FALSE; + } /* Write the signature and headers into the deliver-out-buffer. This should mean they go out in the same packet as the MAIL, RCPT and (first) BDAT commands @@ -162,8 +162,12 @@ temporarily set the marker for possible already-CRLF input. */ tctx->options &= ~topt_escape_headers; spool_file_wireformat = TRUE; transport_write_reset(0); -if ( siglen > 0 && !write_chunk(tctx, dkim_signature, siglen) - || !write_chunk(tctx, hdrs, hsize)) +if ( ( dkim_signature + && dkim_signature->len > 0 + && !write_chunk(tctx, dkim_signature->data, dkim_signature->len) + ) + || !write_chunk(tctx, hdrs, hsize) + ) return FALSE; spool_file_wireformat = save_wireformat; @@ -199,8 +203,9 @@ dkt_via_kfile(transport_ctx * tctx, struct ob_dkim * dkim, const uschar ** err) int dkim_fd; int save_errno = 0; BOOL rc; -uschar * dkim_spool_name, * dkim_signature; -int siglen = 0, options; +uschar * dkim_spool_name; +blob * dkim_signature; +int options, dlen; off_t k_file_size; const uschar * errstr; @@ -243,13 +248,17 @@ if (!rc) /* Feed the file to the goats^W DKIM lib */ dkim->dot_stuffed = !!(options & topt_end_dot); -if ((dkim_signature = dkim_exim_sign(dkim_fd, 0, NULL, dkim, &errstr))) - siglen = Ustrlen(dkim_signature); -else if (!(rc = dkt_sign_fail(dkim, &save_errno))) +if (!(dkim_signature = dkim_exim_sign(dkim_fd, 0, NULL, dkim, &errstr))) { - *err = errstr; - goto CLEANUP; + dlen = 0; + if (!(rc = dkt_sign_fail(dkim, &save_errno))) + { + *err = errstr; + goto CLEANUP; + } } +else + dlen = dkim_signature->len; #ifndef OS_SENDFILE if (options & topt_use_bdat) @@ -266,24 +275,26 @@ if (options & topt_use_bdat) MAIL & RCPT commands flushed, then reap the responses so we can error out on RCPT rejects before sending megabytes. */ - if (siglen + k_file_size > DELIVER_OUT_BUFFER_SIZE && siglen > 0) + if ( dlen + k_file_size > DELIVER_OUT_BUFFER_SIZE + && dlen > 0) { - if ( tctx->chunk_cb(tctx, siglen, 0) != OK - || !transport_write_block(tctx, dkim_signature, siglen, FALSE) + if ( tctx->chunk_cb(tctx, dlen, 0) != OK + || !transport_write_block(tctx, + dkim_signature->data, dlen, FALSE) || tctx->chunk_cb(tctx, 0, tc_reap_prev) != OK ) goto err; - siglen = 0; + dlen = 0; } /* Send the BDAT command for the entire message, as a single LAST-marked chunk. */ - if (tctx->chunk_cb(tctx, siglen + k_file_size, tc_chunk_last) != OK) + if (tctx->chunk_cb(tctx, dlen + k_file_size, tc_chunk_last) != OK) goto err; } -if(siglen > 0 && !transport_write_block(tctx, dkim_signature, siglen, TRUE)) +if(dlen > 0 && !transport_write_block(tctx, dkim_signature->data, dlen, TRUE)) goto err; if (!dkt_send_file(tctx->u.fd, dkim_fd, 0, k_file_size)) diff --git a/src/src/expand.c b/src/src/expand.c index c51c1ff1b..04bb92916 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -2377,8 +2377,10 @@ switch(cond_type) case 3: return NULL; } - *resetok = FALSE; /* eval_acl() might allocate; do not reclaim */ - if (yield != NULL) switch(eval_acl(sub, nelem(sub), &user_msg)) + if (yield != NULL) + { + *resetok = FALSE; /* eval_acl() might allocate; do not reclaim */ + switch(eval_acl(sub, nelem(sub), &user_msg)) { case OK: cond = TRUE; @@ -2399,6 +2401,7 @@ switch(cond_type) expand_string_message = string_sprintf("error from acl \"%s\"", sub[0]); return NULL; } + } return s; } diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index bef6b6a69..f107a5948 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -110,9 +110,11 @@ pdkim_combined_canon_entry pdkim_combined_canons[] = { }; +static blob lineending = {.data = US"\r\n", .len = 2}; + /* -------------------------------------------------------------------------- */ uschar * -dkim_sig_to_a_tag(pdkim_signature * sig) +dkim_sig_to_a_tag(const pdkim_signature * sig) { if ( sig->keytype < 0 || sig->keytype > nelem(pdkim_keytypes) || sig->hashtype < 0 || sig->hashtype > nelem(pdkim_hashes)) @@ -426,7 +428,7 @@ return b64encode(b->data, b->len); #define PDKIM_HDR_VALUE 2 static pdkim_signature * -pdkim_parse_sig_header(pdkim_ctx *ctx, uschar * raw_hdr) +pdkim_parse_sig_header(pdkim_ctx * ctx, uschar * raw_hdr) { pdkim_signature * sig; uschar *p, *q; @@ -675,87 +677,87 @@ return NULL; /* -------------------------------------------------------------------------- */ -static int -pdkim_update_bodyhash(pdkim_ctx * ctx, const char * data, int len) +/* Update the bodyhash for one sig, with some additional data. +If we have to relax the data for this sig, return our copy of it. */ + +/*XXX Currently we calculate a hash for each sig. But it is possible +that multi-signing will be wanted using different signing algos +(rsa, ec) using the same hash and canonicalization. Consider in future +hanging the hash+cacnon from the ctx and only referencing from the sig, +so that it can be calculated only once - being over the body this +caould be meagbytes, hence expensive. */ + +static blob * +pdkim_update_sig_bodyhash(pdkim_signature * sig, blob * orig_data, blob * relaxed_data) { -pdkim_signature * sig; -uschar * relaxed_data = NULL; /* Cache relaxed version of data */ -int relaxed_len = 0; +blob * canon_data = orig_data; +/* Defaults to simple canon (no further treatment necessary) */ -/* Traverse all signatures, updating their hashes. */ -for (sig = ctx->sig; sig; sig = sig->next) +if (sig->canon_body == PDKIM_CANON_RELAXED) { - /* Defaults to simple canon (no further treatment necessary) */ - const uschar *canon_data = CUS data; - int canon_len = len; - - if (sig->canon_body == PDKIM_CANON_RELAXED) + /* Relax the line if not done already */ + if (!relaxed_data) { - /* Relax the line if not done already */ - if (!relaxed_data) - { - BOOL seen_wsp = FALSE; - const char *p; - int q = 0; + BOOL seen_wsp = FALSE; + const char *p; + int q = 0; - /* We want to be able to free this else we allocate - for the entire message which could be many MB. Since - we don't know what allocations the SHA routines might - do, not safe to use store_get()/store_reset(). */ + /* We want to be able to free this else we allocate + for the entire message which could be many MB. Since + we don't know what allocations the SHA routines might + do, not safe to use store_get()/store_reset(). */ - relaxed_data = store_malloc(len+1); + relaxed_data = store_malloc(sizeof(blob) + orig_data->len+1); + relaxed_data->data = US (relaxed_data+1); - for (p = data; *p; p++) - { - char c = *p; - if (c == '\r') - { - if (q > 0 && relaxed_data[q-1] == ' ') - q--; - } - else if (c == '\t' || c == ' ') - { - c = ' '; /* Turns WSP into SP */ - if (seen_wsp) - continue; - seen_wsp = TRUE; - } - else - seen_wsp = FALSE; - relaxed_data[q++] = c; + for (p = orig_data->data; *p; p++) + { + char c = *p; + if (c == '\r') + { + if (q > 0 && relaxed_data->data[q-1] == ' ') + q--; + } + else if (c == '\t' || c == ' ') + { + c = ' '; /* Turns WSP into SP */ + if (seen_wsp) + continue; + seen_wsp = TRUE; } - relaxed_data[q] = '\0'; - relaxed_len = q; + else + seen_wsp = FALSE; + relaxed_data->data[q++] = c; } - canon_data = relaxed_data; - canon_len = relaxed_len; + relaxed_data->data[q] = '\0'; + relaxed_data->len = q; } + canon_data = relaxed_data; + } - /* Make sure we don't exceed the to-be-signed body length */ - if ( sig->bodylength >= 0 - && sig->signed_body_bytes + (unsigned long)canon_len > sig->bodylength - ) - canon_len = sig->bodylength - sig->signed_body_bytes; +/* Make sure we don't exceed the to-be-signed body length */ +if ( sig->bodylength >= 0 + && sig->signed_body_bytes + (unsigned long)canon_data->len > sig->bodylength + ) + canon_data->len = sig->bodylength - sig->signed_body_bytes; - if (canon_len > 0) - { - exim_sha_update(&sig->body_hash_ctx, CUS canon_data, canon_len); - sig->signed_body_bytes += canon_len; - DEBUG(D_acl) pdkim_quoteprint(canon_data, canon_len); - } +if (canon_data->len > 0) + { + exim_sha_update(&sig->body_hash_ctx, CUS canon_data->data, canon_data->len); + sig->signed_body_bytes += canon_data->len; + DEBUG(D_acl) pdkim_quoteprint(canon_data->data, canon_data->len); } -if (relaxed_data) store_free(relaxed_data); -return PDKIM_OK; +return relaxed_data; } /* -------------------------------------------------------------------------- */ static void -pdkim_finish_bodyhash(pdkim_ctx *ctx) +pdkim_finish_bodyhash(pdkim_ctx * ctx) { -pdkim_signature *sig; +pdkim_signature * sig; /* Traverse all signatures */ for (sig = ctx->sig; sig; sig = sig->next) @@ -767,8 +769,9 @@ for (sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) { debug_printf("PDKIM [%s] Body bytes hashed: %lu\n" - "PDKIM [%s] Body hash computed: ", - sig->domain, sig->signed_body_bytes, sig->domain); + "PDKIM [%s] Body %s computed: ", + sig->domain, sig->signed_body_bytes, + sig->domain, pdkim_hashes[sig->hashtype].dkim_hashname); pdkim_hexprint(CUS bh.data, bh.len); } @@ -807,10 +810,10 @@ for (sig = ctx->sig; sig; sig = sig->next) -static int +static void pdkim_body_complete(pdkim_ctx * ctx) { -pdkim_signature * sig = ctx->sig; /*XXX assumes only one sig */ +pdkim_signature * sig; /* In simple body mode, if any empty lines were buffered, replace with one. rfc 4871 3.4.3 */ @@ -818,15 +821,15 @@ replace with one. rfc 4871 3.4.3 */ it indicates that all linebreaks should be buffered, including the one terminating a text line */ -if ( sig && sig->canon_body == PDKIM_CANON_SIMPLE - && sig->signed_body_bytes == 0 - && ctx->num_buffered_crlf > 0 - ) - pdkim_update_bodyhash(ctx, "\r\n", 2); +for (sig = ctx->sig; sig; sig = sig->next) + if ( sig->canon_body == PDKIM_CANON_SIMPLE + && sig->signed_body_bytes == 0 + && sig->num_buffered_blanklines > 0 + ) + (void) pdkim_update_sig_bodyhash(sig, &lineending, NULL); ctx->flags |= PDKIM_SEEN_EOD; ctx->linebuf_offset = 0; -return PDKIM_OK; } @@ -834,70 +837,78 @@ return PDKIM_OK; /* -------------------------------------------------------------------------- */ /* Call from pdkim_feed below for processing complete body lines */ -static int -pdkim_bodyline_complete(pdkim_ctx *ctx) +static void +pdkim_bodyline_complete(pdkim_ctx * ctx) { -char *p = ctx->linebuf; -int n = ctx->linebuf_offset; -pdkim_signature *sig = ctx->sig; /*XXX assumes only one sig */ +blob line = {.data = ctx->linebuf, .len = ctx->linebuf_offset}; +pdkim_signature * sig; +blob * rnl = NULL; +blob * rline = NULL; /* Ignore extra data if we've seen the end-of-data marker */ -if (ctx->flags & PDKIM_SEEN_EOD) goto BAIL; +if (ctx->flags & PDKIM_SEEN_EOD) goto all_skip; /* We've always got one extra byte to stuff a zero ... */ -ctx->linebuf[ctx->linebuf_offset] = '\0'; +ctx->linebuf[line.len] = '\0'; /* Terminate on EOD marker */ if (ctx->flags & PDKIM_DOT_TERM) { - if (memcmp(p, ".\r\n", 3) == 0) - return pdkim_body_complete(ctx); + if (memcmp(line.data, ".\r\n", 3) == 0) + { pdkim_body_complete(ctx); return; } /* Unstuff dots */ - if (memcmp(p, "..", 2) == 0) - { - p++; - n--; - } + if (memcmp(line.data, "..", 2) == 0) + { line.data++; line.len--; } } /* Empty lines need to be buffered until we find a non-empty line */ -if (memcmp(p, "\r\n", 2) == 0) +if (memcmp(line.data, "\r\n", 2) == 0) { - ctx->num_buffered_crlf++; - goto BAIL; + for (sig = ctx->sig; sig; sig = sig->next) sig->num_buffered_blanklines++; + goto all_skip; } -if (sig && sig->canon_body == PDKIM_CANON_RELAXED) +/* Process line for each sig separately */ +for (sig = ctx->sig; sig; sig = sig->next) { - /* Lines with just spaces need to be buffered too */ - char *check = p; - while (memcmp(check, "\r\n", 2) != 0) + if (sig->canon_body == PDKIM_CANON_RELAXED) { - char c = *check; + /* Lines with just spaces need to be buffered too */ + char * cp = line.data; + char c; - if (c != '\t' && c != ' ') - goto PROCESS; - check++; + while ((c = *cp)) + { + if (c == '\r' && cp[1] == '\n') break; + if (c != ' ' && c != '\t') goto sig_process; + cp++; + } + + sig->num_buffered_blanklines++; + goto sig_skip; } - ctx->num_buffered_crlf++; - goto BAIL; -} +sig_process: + /* At this point, we have a non-empty line, so release the buffered ones. */ -PROCESS: -/* At this point, we have a non-empty line, so release the buffered ones. */ -while (ctx->num_buffered_crlf) - { - pdkim_update_bodyhash(ctx, "\r\n", 2); - ctx->num_buffered_crlf--; + while (sig->num_buffered_blanklines) + { + rnl = pdkim_update_sig_bodyhash(sig, &lineending, rnl); + sig->num_buffered_blanklines--; + } + + rline = pdkim_update_sig_bodyhash(sig, &line, rline); +sig_skip: ; } -pdkim_update_bodyhash(ctx, p, n); +if (rnl) store_free(rnl); +if (rline) store_free(rline); + +all_skip: -BAIL: ctx->linebuf_offset = 0; -return PDKIM_OK; +return; } @@ -1002,8 +1013,7 @@ else for (p = 0; pflags &= ~PDKIM_SEEN_CR; - if ((rc = pdkim_bodyline_complete(ctx)) != PDKIM_OK) - return rc; + pdkim_bodyline_complete(ctx); } if (ctx->linebuf_offset == PDKIM_MAX_BODY_LINE_LEN-1) @@ -1183,7 +1193,7 @@ return str; /* -------------------------------------------------------------------------- */ static uschar * -pdkim_create_header(pdkim_signature *sig, BOOL final) +pdkim_create_header(pdkim_signature * sig, BOOL final) { uschar * base64_bh; uschar * base64_b; @@ -1324,7 +1334,9 @@ DEBUG(D_acl) { debug_printf( "PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n" - " Raw record: "); + " %s\n" + " Raw record: ", + dns_txt_name); pdkim_quoteprint(CUS dns_txt_reply, Ustrlen(dns_txt_reply)); } @@ -1369,16 +1381,22 @@ DLLEXPORT int pdkim_feed_finish(pdkim_ctx * ctx, pdkim_signature ** return_signatures, const uschar ** err) { -pdkim_signature *sig = ctx->sig; +pdkim_signature * sig; /* Check if we must still flush a (partial) header. If that is the case, the message has no body, and we must compute a body hash out of '' */ if (ctx->cur_header && ctx->cur_header_len) { - int rc = pdkim_header_complete(ctx); - if (rc != PDKIM_OK) return rc; - pdkim_update_bodyhash(ctx, "\r\n", 2); + blob * rnl = NULL; + int rc; + + if ((rc = pdkim_header_complete(ctx)) != PDKIM_OK) + return rc; + + for (sig = ctx->sig; sig; sig = sig->next) + rnl = pdkim_update_sig_bodyhash(sig, &lineending, rnl); + if (rnl) store_free(rnl); } else DEBUG(D_acl) debug_printf( @@ -1387,7 +1405,7 @@ else /* Build (and/or evaluate) body hash */ pdkim_finish_bodyhash(ctx); -while (sig) +for (sig = ctx->sig; sig; sig = sig->next) { hctx hhash_ctx; uschar * sig_hdr = US""; @@ -1405,9 +1423,16 @@ while (sig) break; } + if (ctx->flags & PDKIM_MODE_SIGN) + DEBUG(D_acl) debug_printf( + "PDKIM >> Headers to be signed: >>>>>>>>>>>>\n" + " %s\n", + sig->sign_headers); + DEBUG(D_acl) debug_printf( "PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>\n"); + /* SIGNING ---------------------------------------------------------------- */ /* When signing, walk through our header list and add them to the hash. As we go, construct a list of the header's names to use for the h= parameter. @@ -1416,26 +1441,26 @@ while (sig) if (ctx->flags & PDKIM_MODE_SIGN) { - uschar * headernames = NULL; /* Collected signed header names */ int hs = 0, hl = 0; pdkim_stringlist *p; const uschar * l; uschar * s; int sep = 0; + sig->headernames = NULL; /* Collected signed header names */ + for (p = sig->headers; p; p = p->next) - if (header_name_match(p->value, sig->sign_headers) == PDKIM_OK) + { + uschar * rh = p->value; + + if (header_name_match(rh, sig->sign_headers) == PDKIM_OK) { - uschar * rh; /* Collect header names (Note: colon presence is guaranteed here) */ - uschar * q = Ustrchr(p->value, ':'); + sig->headernames = string_append_listele_n(sig->headernames, &hs, &hl, + ':', rh, Ustrchr(rh, ':') - rh); - headernames = string_catn(headernames, &hs, &hl, - p->value, (q - US p->value) + (p->next ? 1 : 0)); - - rh = sig->canon_headers == PDKIM_CANON_RELAXED - ? pdkim_relax_header(p->value, TRUE) /* cook header for relaxed canon */ - : string_copy(CUS p->value); /* just copy it for simple canon */ + if (sig->canon_headers == PDKIM_CANON_RELAXED) + rh = pdkim_relax_header(rh, TRUE); /* cook header for relaxed canon */ /* Feed header to the hash algorithm */ exim_sha_update(&hhash_ctx, CUS rh, Ustrlen(rh)); @@ -1445,20 +1470,14 @@ while (sig) DEBUG(D_acl) pdkim_quoteprint(rh, Ustrlen(rh)); } + } + /* Any headers we wanted to sign but were not present must also be listed */ l = sig->sign_headers; while((s = string_nextinlist(&l, &sep, NULL, 0))) if (*s != '_') - { /*SSS string_append_listele() */ - if (hl > 0 && headernames[hl-1] != ':') - headernames = string_catn(headernames, &hs, &hl, US":", 1); - - headernames = string_cat(headernames, &hs, &hl, s); - } - headernames[hl] = '\0'; - - /* Copy headernames to signature struct */ - sig->headernames = headernames; + sig->headernames = string_append_listele(sig->headernames, &hs, &hl, ':', s); + sig->headernames[hl] = '\0'; /* Create signature header with b= omitted */ sig_hdr = pdkim_create_header(sig, FALSE); @@ -1517,6 +1536,15 @@ while (sig) DEBUG(D_acl) debug_printf( "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + DEBUG(D_acl) + { + debug_printf( + "PDKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>>\n"); + pdkim_quoteprint(CUS sig_hdr, Ustrlen(sig_hdr)); + debug_printf( + "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + } + /* Relax header if necessary */ if (sig->canon_headers == PDKIM_CANON_RELAXED) sig_hdr = pdkim_relax_header(sig_hdr, FALSE); @@ -1536,12 +1564,13 @@ while (sig) DEBUG(D_acl) { - debug_printf("PDKIM [%s] Header hash computed: ", sig->domain); + debug_printf("PDKIM [%s] Header %s computed: ", + sig->domain, pdkim_hashes[sig->hashtype].dkim_hashname); pdkim_hexprint(hhash.data, hhash.len); } - /* Remember headers block for signing (when the library cannot do incremental) */ -/*XXX is this assuing algo == RSA? */ + /* Remember headers block for signing (when the signing library cannot do + incremental) */ if (ctx->flags & PDKIM_MODE_SIGN) (void) exim_dkim_data_append(&hdata, &hdata_alloc, US sig_hdr); @@ -1621,6 +1650,12 @@ while (sig) goto NEXT_VERIFY; } + DEBUG(D_acl) + { + debug_printf( "PDKIM [%s] b from mail: ", sig->domain); + pdkim_hexprint(sig->sighash.data, sig->sighash.len); + } + if (!(sig->pubkey = pdkim_key_from_dns(ctx, sig, &vctx, err))) goto NEXT_VERIFY; @@ -1675,8 +1710,6 @@ NEXT_VERIFY: debug_printf("\n"); } } - - sig = sig->next; } /* If requested, set return pointer to signature(s) */ @@ -1709,31 +1742,23 @@ return ctx; /*XXX ? needs extension to cover non-RSA algo? */ -DLLEXPORT pdkim_ctx * -pdkim_init_sign(uschar * domain, uschar * selector, uschar * privkey, - uschar * hashname, BOOL dot_stuffed, int(*dns_txt_callback)(char *, char *), - const uschar ** errstr) +DLLEXPORT pdkim_signature * +pdkim_init_sign(pdkim_ctx * ctx, + uschar * domain, uschar * selector, uschar * privkey, + uschar * hashname, const uschar ** errstr) { int hashtype; -pdkim_ctx * ctx; pdkim_signature * sig; if (!domain || !selector || !privkey) return NULL; -ctx = store_get(sizeof(pdkim_ctx) + PDKIM_MAX_BODY_LINE_LEN + sizeof(pdkim_signature)); -memset(ctx, 0, sizeof(pdkim_ctx)); - -ctx->flags = dot_stuffed ? PDKIM_MODE_SIGN | PDKIM_DOT_TERM : PDKIM_MODE_SIGN; -ctx->linebuf = CS (ctx+1); +/* Allocate & init one signature struct */ -DEBUG(D_acl) ctx->dns_txt_callback = dns_txt_callback; - -sig = (pdkim_signature *)(ctx->linebuf + PDKIM_MAX_BODY_LINE_LEN); +sig = store_get(sizeof(pdkim_signature)); memset(sig, 0, sizeof(pdkim_signature)); sig->bodylength = -1; -ctx->sig = sig; sig->domain = string_copy(US domain); sig->selector = string_copy(US selector); @@ -1767,24 +1792,22 @@ DEBUG(D_acl) debug_printf("WARNING: bad dkim key in dns\n"); debug_printf("PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } -return ctx; +return sig; } /* -------------------------------------------------------------------------- */ -DLLEXPORT int -pdkim_set_optional(pdkim_ctx *ctx, - char *sign_headers, - char *identity, +DLLEXPORT void +pdkim_set_optional(pdkim_signature * sig, + char * sign_headers, + char * identity, int canon_headers, int canon_body, long bodylength, unsigned long created, unsigned long expires) { -pdkim_signature * sig = ctx->sig; - if (identity) sig->identity = string_copy(US identity); @@ -1797,7 +1820,19 @@ sig->bodylength = bodylength; sig->created = created; sig->expires = expires; -return PDKIM_OK; +return; +} + + + +void +pdkim_init_context(pdkim_ctx * ctx, BOOL dot_stuffed, + int(*dns_txt_callback)(char *, char *)) +{ +memset(ctx, 0, sizeof(pdkim_ctx)); +ctx->flags = dot_stuffed ? PDKIM_MODE_SIGN | PDKIM_DOT_TERM : PDKIM_MODE_SIGN; +ctx->linebuf = store_get(PDKIM_MAX_BODY_LINE_LEN); +DEBUG(D_acl) ctx->dns_txt_callback = dns_txt_callback; } diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h index 3c420ae63..a350e6b7e 100644 --- a/src/src/pdkim/pdkim.h +++ b/src/src/pdkim/pdkim.h @@ -113,6 +113,7 @@ typedef struct pdkim_pubkey { /* -------------------------------------------------------------------------- */ /* Signature as it appears in a DKIM-Signature header */ typedef struct pdkim_signature { + struct pdkim_signature * next; /* Bits stored in a DKIM signature header --------------------------- */ @@ -166,7 +167,7 @@ typedef struct pdkim_signature { /* (bh=) Raw body hash data, along with its length in bytes */ blob bodyhash; - /* Folded DKIM-Signature: header. Singing only, NULL for verifying. + /* Folded DKIM-Signature: header. Signing only, NULL for verifying. Ready for insertion into the message. Note: Folded using CRLFTB, but final line terminator is NOT included. Note2: This buffer is free()d when you call pdkim_free_ctx(). */ @@ -223,17 +224,15 @@ typedef struct pdkim_signature { Caution: is NULL if signing or if no record was retrieved. */ pdkim_pubkey *pubkey; - /* Pointer to the next pdkim_signature signature. NULL if signing or if - this is the last signature. */ - void *next; - /* Properties below this point are used internally only ------------- */ /* Per-signature helper variables ----------------------------------- */ hctx body_hash_ctx; unsigned long signed_body_bytes; /* How many body bytes we hashed */ + int num_buffered_blanklines; pdkim_stringlist *headers; /* Raw headers included in the sig */ + /* Signing specific ------------------------------------------------- */ uschar * privkey; /* Private key */ uschar * sign_headers; /* To-be-signed header names */ @@ -265,7 +264,6 @@ typedef struct pdkim_ctx { int cur_header_len; char *linebuf; int linebuf_offset; - int num_buffered_crlf; int num_headers; pdkim_stringlist *headers; /* Raw headers for verification */ } pdkim_ctx; @@ -282,15 +280,18 @@ extern "C" { void pdkim_init (void); +void pdkim_init_context (pdkim_ctx *, BOOL, int(*)(char *, char *)); + DLLEXPORT -pdkim_ctx *pdkim_init_sign (uschar *, uschar *, uschar *, uschar *, - BOOL, int(*)(char *, char *), const uschar **); +pdkim_signature *pdkim_init_sign (pdkim_ctx *, + uschar *, uschar *, uschar *, uschar *, + const uschar **); DLLEXPORT pdkim_ctx *pdkim_init_verify (int(*)(char *, char *), BOOL); DLLEXPORT -int pdkim_set_optional (pdkim_ctx *, char *, char *,int, int, +void pdkim_set_optional (pdkim_signature *, char *, char *,int, int, long, unsigned long, unsigned long); @@ -306,7 +307,7 @@ void pdkim_free_ctx (pdkim_ctx *); const uschar * pdkim_errstr(int); -uschar * dkim_sig_to_a_tag(pdkim_signature * sig); +uschar * dkim_sig_to_a_tag(const pdkim_signature * sig); #ifdef __cplusplus } diff --git a/src/src/pdkim/signing.c b/src/src/pdkim/signing.c index ec68414c8..77728bab1 100644 --- a/src/src/pdkim/signing.c +++ b/src/src/pdkim/signing.c @@ -587,6 +587,7 @@ return NULL; void exim_dkim_init(void) { +ERR_load_crypto_strings(); } @@ -618,7 +619,7 @@ return NULL; OR sign hash. -Return: NULL for success, or an error string */ +Return: NULL for success with the signaature in the sig blob, or an error string */ const uschar * exim_dkim_sign(es_ctx * sign_ctx, hashmethod hash, blob * data, blob * sig) @@ -644,10 +645,13 @@ if ( (ctx = EVP_PKEY_CTX_new(sign_ctx->key, NULL)) { /* Allocate mem for signature */ sig->data = store_get(siglen); - sig->len = siglen; if (EVP_PKEY_sign(ctx, sig->data, &siglen, data->data, data->len) > 0) - { EVP_PKEY_CTX_free(ctx); return NULL; } + { + EVP_PKEY_CTX_free(ctx); + sig->len = siglen; + return NULL; + } } if (ctx) EVP_PKEY_CTX_free(ctx); diff --git a/test/confs/4520 b/test/confs/4520 index 449702855..5f4649846 100644 --- a/test/confs/4520 +++ b/test/confs/4520 @@ -12,6 +12,7 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept acl_smtp_dkim = accept logwrite = signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames +DDIR=DIR/aux-fixed/dkim # ----- Routers @@ -42,7 +43,11 @@ send_to_server: .else dkim_selector = sel .endif - dkim_private_key = DIR/aux-fixed/dkim/dkim.private + + dkim_private_key = ${if match {$dkim_selector}{^ses} {DDIR/dkim512.private} \ + {${if match {$dkim_selector}{^sel} {DDIR/dkim.private} \ + {}}}} + .ifndef HEADERS_MAXSIZE dkim_sign_headers = OPT .endif diff --git a/test/confs/4524 b/test/confs/4524 new file mode 120000 index 000000000..072f5faf2 --- /dev/null +++ b/test/confs/4524 @@ -0,0 +1 @@ +4520 \ No newline at end of file diff --git a/test/log/4520 b/test/log/4520 index e9736fd6f..73854cfc1 100644 --- a/test/log/4520 +++ b/test/log/4520 @@ -29,7 +29,7 @@ 1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: R=server_dump 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed 1999-03-02 09:44:33 10HmbE-0005vi-00 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record] -1999-03-02 09:44:33 10HmbE-0005vi-00 signer: test.ex bits: 1024 h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive +1999-03-02 09:44:33 10HmbE-0005vi-00 signer: test.ex bits: 1024 h=From 1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbD-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 10HmbE-0005vi-00 => :blackhole: R=server_dump 1999-03-02 09:44:33 10HmbE-0005vi-00 Completed diff --git a/test/log/4524 b/test/log/4524 new file mode 100644 index 000000000..a6d687c83 --- /dev/null +++ b/test/log/4524 @@ -0,0 +1,12 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmaX-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=ses c=relaxed/relaxed a=rsa-sha256 b=512 [verification succeeded] +1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 512 h=From:To:Subject +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server_dump +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed diff --git a/test/scripts/4500-DKIM/4520 b/test/scripts/4500-DKIM/4520 index 6efe3545a..3e5879972 100644 --- a/test/scripts/4500-DKIM/4520 +++ b/test/scripts/4500-DKIM/4520 @@ -26,7 +26,7 @@ content **** # # check that on signing we warn in debug mode about verify problems -exim -d-all+acl -DHEADERS_MAXSIZE=y -DSELECTOR=sel_bad -odf d@test.ex +exim -d-all+acl -DOPT=From -DSELECTOR=sel_bad -odf d@test.ex From: nobody@example.com content diff --git a/test/scripts/4500-DKIM/4524 b/test/scripts/4500-DKIM/4524 new file mode 100644 index 000000000..9737ad583 --- /dev/null +++ b/test/scripts/4500-DKIM/4524 @@ -0,0 +1,14 @@ +# DKIM signing, multiple +# +exim -bd -DSERVER=server -oX PORT_D +**** +# +exim -DSELECTOR=ses:sel -DOPT=From:To:Subject -odf c@test.ex +From: nobody@example.com + +content +**** +# +millisleep 500 +killdaemon +no_msglog_check diff --git a/test/stderr/4520 b/test/stderr/4520 index fc64a9e93..d8d2d7a03 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -25,6 +25,7 @@ cmd buf flush ddd bytes SMTP<< 354 Enter message, ending with "." on a line by itself PDKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + sel_bad._domainkey.test.ex. Raw record: v=DKIM1\;{SP}p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB v=DKIM1\ p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB @@ -34,13 +35,16 @@ WARNING: bad dkim key in dns PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< content{CR}{LF} PDKIM [test.ex] Body bytes hashed: 9 -PDKIM [test.ex] Body hash computed: fc06f48221d98ad6106c3845b33a2a41152482ab9e697f736ad26db4853fa657 +PDKIM [test.ex] Body sha256 computed: fc06f48221d98ad6106c3845b33a2a41152482ab9e697f736ad26db4853fa657 +PDKIM >> Headers to be signed: >>>>>>>>>>>> + From PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>> -sender:CALLER_NAME{SP}{CR}{LF} -message-id:{CR}{LF} from:nobody@example.com{CR}{LF} +PDKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>> +DKIM-Signature:{SP}v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=test.ex;{CR}{LF}{TB}s=sel_bad;{SP}h=From;{SP}bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;{SP}b=; PDKIM >> Signed DKIM-Signature header, canonicalized >>>>>>>>>>>>>>>>> -dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=test.ex;{SP}s=sel_bad;{SP}h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:{SP}Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:{SP}Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:{SP}In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:{SP}List-Post:List-Owner:List-Archive;{SP}bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;{SP}b=; +dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=test.ex;{SP}s=sel_bad;{SP}h=From;{SP}bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;{SP}b=; +PDKIM [test.ex] Header sha256 computed: 241e16230df5723d899cfae9474c6b376a2ab1f81d1094e358f50ffd0e0067b3 SMTP<< 250 OK id=10HmbE-0005vi-00 SMTP>> QUIT cmd buf flush ddd bytes -- cgit v1.2.3