From b5896ba9f6047e7031e2bdee0622d543e11a6734 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 6 May 2024 03:46:30 +0200 Subject: Adding upstream version 3.4.23. Signed-off-by: Daniel Baumann --- src/posttls-finger/posttls-finger.c | 2164 +++++++++++++++++++++++++++++++++++ 1 file changed, 2164 insertions(+) create mode 100644 src/posttls-finger/posttls-finger.c (limited to 'src/posttls-finger/posttls-finger.c') diff --git a/src/posttls-finger/posttls-finger.c b/src/posttls-finger/posttls-finger.c new file mode 100644 index 0000000..a3a9946 --- /dev/null +++ b/src/posttls-finger/posttls-finger.c @@ -0,0 +1,2164 @@ +/*++ +/* NAME +/* posttls-finger 1 +/* SUMMARY +/* Probe the TLS properties of an ESMTP or LMTP server. +/* SYNOPSIS +/* \fBposttls-finger\fR [\fIoptions\fR] [\fBinet:\fR]\fIdomain\fR[:\fIport\fR] [\fImatch ...\fR] +/* .br +/* \fBposttls-finger\fR -S [\fIoptions\fR] \fBunix:\fIpathname\fR [\fImatch ...\fR] +/* DESCRIPTION +/* \fBposttls-finger\fR(1) connects to the specified destination +/* and reports TLS-related information about the server. With SMTP, the +/* destination is a domainname; with LMTP it is either a domainname +/* prefixed with \fBinet:\fR or a pathname prefixed with \fBunix:\fR. If +/* Postfix is built without TLS support, the resulting posttls-finger +/* program has very limited functionality, and only the \fB-a\fR, \fB-c\fR, +/* \fB-h\fR, \fB-o\fR, \fB-S\fR, \fB-t\fR, \fB-T\fR and \fB-v\fR options +/* are available. +/* +/* Note: this is an unsupported test program. No attempt is made +/* to maintain compatibility between successive versions. +/* +/* For SMTP servers that don't support ESMTP, only the greeting banner +/* and the negative EHLO response are reported. Otherwise, the reported +/* EHLO response details further server capabilities. +/* +/* If TLS support is enabled when \fBposttls-finger\fR(1) is compiled, and +/* the server supports \fBSTARTTLS\fR, a TLS handshake is attempted. +/* +/* If DNSSEC support is available, the connection TLS security level +/* (\fB-l\fR option) defaults to \fBdane\fR; see TLS_README for +/* details. Otherwise, it defaults to \fBsecure\fR. This setting +/* determines the certificate matching policy. +/* +/* If TLS negotiation succeeds, the TLS protocol and cipher details are +/* reported. The server certificate is then verified in accordance with +/* the policy at the chosen (or default) security level. With public +/* CA-based trust, when the \fB-L\fR option includes \fBcertmatch\fR, +/* (true by default) name matching is performed even if the certificate +/* chain is not trusted. This logs the names found in the remote SMTP +/* server certificate and which if any would match, were the certificate +/* chain trusted. +/* +/* Note: \fBposttls-finger\fR(1) does not perform any table lookups, so +/* the TLS policy table and obsolete per-site tables are not consulted. +/* It does not communicate with the \fBtlsmgr\fR(8) daemon (or any other +/* Postfix daemons); its TLS session cache is held in private memory, and +/* disappears when the process exits. +/* +/* With the \fB-r \fIdelay\fR option, if the server assigns a TLS +/* session id, the TLS session is cached. The connection is then closed +/* and re-opened after the specified delay, and \fBposttls-finger\fR(1) +/* then reports whether the cached TLS session was re-used. +/* +/* When the destination is a load balancer, it may be distributing +/* load between multiple server caches. Typically, each server returns +/* its unique name in its EHLO response. If, upon reconnecting with +/* \fB-r\fR, a new server name is detected, another session is cached +/* for the new server, and the reconnect is repeated up to a maximum +/* number of times (default 5) that can be specified via the \fB-m\fR +/* option. +/* +/* The choice of SMTP or LMTP (\fB-S\fR option) determines the syntax of +/* the destination argument. With SMTP, one can specify a service on a +/* non-default port as \fIhost\fR:\fIservice\fR, and disable MX (mail +/* exchanger) DNS lookups with [\fIhost\fR] or [\fIhost\fR]:\fIport\fR. +/* The [] form is required when you specify an IP address instead of a +/* hostname. An IPv6 address takes the form [\fBipv6:\fIaddress\fR]. +/* The default port for SMTP is taken from the \fBsmtp/tcp\fR entry in +/* /etc/services, defaulting to 25 if the entry is not found. +/* +/* With LMTP, specify \fBunix:\fIpathname\fR to connect to a local server +/* listening on a unix-domain socket bound to the specified pathname; +/* otherwise, specify an optional \fBinet:\fR prefix followed by a +/* \fIdomain\fR and an optional port, with the same syntax as for +/* SMTP. The default TCP port for LMTP is 24. +/* +/* Arguments: +/* .IP "\fB-a\fR \fIfamily\fR (default: \fBany\fR)" +/* Address family preference: \fBipv4\fR, \fBipv6\fR or \fBany\fR. When +/* using \fBany\fR, posttls-finger will randomly select one of the two as +/* the more preferred, and exhaust all MX preferences for the first +/* address family before trying any addresses for the other. +/* .IP "\fB-A\fR \fItrust-anchor.pem\fR (default: none)" +/* A list of PEM trust-anchor files that overrides CAfile and CApath +/* trust chain verification. Specify the option multiple times to +/* specify multiple files. See the main.cf documentation for +/* smtp_tls_trust_anchor_file for details. +/* .IP "\fB-c\fR" +/* Disable SMTP chat logging; only TLS-related information is logged. +/* .IP "\fB-C\fR" +/* Print the remote SMTP server certificate trust chain in PEM format. +/* The issuer DN, subject DN, certificate and public key fingerprints +/* (see \fB-d \fImdalg\fR option below) are printed above each PEM +/* certificate block. If you specify \fB-F \fICAfile\fR or +/* \fB-P \fICApath\fR, the OpenSSL library may augment the chain with +/* missing issuer certificates. To see the actual chain sent by the +/* remote SMTP server leave \fICAfile\fR and \fICApath\fR unset. +/* .IP "\fB-d \fImdalg\fR (default: \fBsha1\fR)" +/* The message digest algorithm to use for reporting remote SMTP server +/* fingerprints and matching against user provided certificate +/* fingerprints (with DANE TLSA records the algorithm is specified +/* in the DNS). +/* .IP "\fB-f\fR" +/* Lookup the associated DANE TLSA RRset even when a hostname is not an +/* alias and its address records lie in an unsigned zone. See +/* smtp_tls_force_insecure_host_tlsa_lookup for details. +/* .IP "\fB-F \fICAfile.pem\fR (default: none)" +/* The PEM formatted CAfile for remote SMTP server certificate +/* verification. By default no CAfile is used and no public CAs +/* are trusted. +/* .IP "\fB-g \fIgrade\fR (default: medium)" +/* The minimum TLS cipher grade used by posttls-finger. See +/* smtp_tls_mandatory_ciphers for details. +/* .IP "\fB-h \fIhost_lookup\fR (default: \fBdns\fR)" +/* The hostname lookup methods used for the connection. See the +/* documentation of smtp_host_lookup for syntax and semantics. +/* .IP "\fB-H \fIchainfiles\fR (default: \fInone\fR)\fR" +/* List of files with a sequence PEM-encoded TLS client certificate +/* chains. The list can be built-up incrementally, by specifying +/* the option multiple times, or all at once via a comma or +/* whitespace separated list of filenames. Each chain starts with +/* a private key, which is followed immediately by the +/* corresponding certificate, and optionally by additional issuer +/* certificates. Each new key begins a new chain for the +/* corresponding algorithm. This option is mutually exclusive with +/* the below \fB-k\fR and \fB-K\fR options. +/* .IP "\fB-k \fIcertfile\fR (default: \fIkeyfile\fR)\fR" +/* File with PEM-encoded TLS client certificate chain. This +/* defaults to \fIkeyfile\fR if one is specified. +/* .IP "\fB-K \fIkeyfile\fR (default: \fIcertfile\fR)" +/* File with PEM-encoded TLS client private key. +/* This defaults to \fIcertfile\fR if one is specified. +/* .IP "\fB-l \fIlevel\fR (default: \fBdane\fR or \fBsecure\fR)" +/* The security level for the connection, default \fBdane\fR or +/* \fBsecure\fR depending on whether DNSSEC is available. For syntax +/* and semantics, see the documentation of smtp_tls_security_level. +/* When \fBdane\fR or \fBdane-only\fR is supported and selected, if no +/* TLSA records are found, or all the records found are unusable, the +/* \fIsecure\fR level will be used instead. The \fBfingerprint\fR +/* security level allows you to test certificate or public-key +/* fingerprint matches before you deploy them in the policy table. +/* .IP +/* Note, since \fBposttls-finger\fR does not actually deliver any email, +/* the \fBnone\fR, \fBmay\fR and \fBencrypt\fR security levels are not +/* very useful. Since \fBmay\fR and \fBencrypt\fR don't require peer +/* certificates, they will often negotiate anonymous TLS ciphersuites, +/* so you won't learn much about the remote SMTP server's certificates +/* at these levels if it also supports anonymous TLS (though you may +/* learn that the server supports anonymous TLS). +/* .IP "\fB-L \fIlogopts\fR (default: \fBroutine,certmatch\fR)" +/* Fine-grained TLS logging options. To tune the TLS features logged +/* during the TLS handshake, specify one or more of: +/* .RS +/* .IP "\fB0, none\fR" +/* These yield no TLS logging; you'll generally want more, but this +/* is handy if you just want the trust chain: +/* .RS +/* .ad +/* .nf +/* $ posttls-finger -cC -L none destination +/* .fi +/* .RE +/* .IP "\fB1, routine, summary\fR" +/* These synonymous values yield a normal one-line summary of the TLS +/* connection. +/* .IP "\fB2, debug\fR" +/* These synonymous values combine routine, ssl-debug, cache and verbose. +/* .IP "\fB3, ssl-expert\fR" +/* These synonymous values combine debug with ssl-handshake-packet-dump. +/* For experts only. +/* .IP "\fB4, ssl-developer\fR" +/* These synonymous values combine ssl-expert with ssl-session-packet-dump. +/* For experts only, and in most cases, use wireshark instead. +/* .IP "\fBssl-debug\fR" +/* Turn on OpenSSL logging of the progress of the SSL handshake. +/* .IP "\fBssl-handshake-packet-dump\fR" +/* Log hexadecimal packet dumps of the SSL handshake; for experts only. +/* .IP "\fBssl-session-packet-dump\fR" +/* Log hexadecimal packet dumps of the entire SSL session; only useful +/* to those who can debug SSL protocol problems from hex dumps. +/* .IP "\fBuntrusted\fR" +/* Logs trust chain verification problems. This is turned on +/* automatically at security levels that use peer names signed +/* by Certification Authorities to validate certificates. So while +/* this setting is recognized, you should never need to set it +/* explicitly. +/* .IP "\fBpeercert\fR" +/* This logs a one line summary of the remote SMTP server certificate +/* subject, issuer, and fingerprints. +/* .IP "\fBcertmatch\fR" +/* This logs remote SMTP server certificate matching, showing the CN +/* and each subjectAltName and which name matched. With DANE, logs +/* matching of TLSA record trust-anchor and end-entity certificates. +/* .IP "\fBcache\fR" +/* This logs session cache operations, showing whether session caching +/* is effective with the remote SMTP server. Automatically used when +/* reconnecting with the \fB-r\fR option; rarely needs to be set +/* explicitly. +/* .IP "\fBverbose\fR" +/* Enables verbose logging in the Postfix TLS driver; includes all of +/* peercert..cache and more. +/* .RE +/* .IP +/* The default is \fBroutine,certmatch\fR. After a reconnect, +/* \fBpeercert\fR, \fBcertmatch\fR and \fBverbose\fR are automatically +/* disabled while \fBcache\fR and \fBsummary\fR are enabled. +/* .IP "\fB-m \fIcount\fR (default: \fB5\fR)" +/* When the \fB-r \fIdelay\fR option is specified, the \fB-m\fR option +/* determines the maximum number of reconnect attempts to use with +/* a server behind a load balancer, to see whether connection caching +/* is likely to be effective for this destination. Some MTAs +/* don't expose the underlying server identity in their EHLO +/* response; with these servers there will never be more than +/* 1 reconnection attempt. +/* .IP "\fB-M \fIinsecure_mx_policy\fR (default: \fBdane\fR)" +/* The TLS policy for MX hosts with "secure" TLSA records when the +/* nexthop destination security level is \fBdane\fR, but the MX +/* record was found via an "insecure" MX lookup. See the main.cf +/* documentation for smtp_tls_insecure_mx_policy for details. +/* .IP "\fB-o \fIname=value\fR" +/* Specify zero or more times to override the value of the main.cf +/* parameter \fIname\fR with \fIvalue\fR. Possible use-cases include +/* overriding the values of TLS library parameters, or "myhostname" to +/* configure the SMTP EHLO name sent to the remote server. +/* .IP "\fB-p \fIprotocols\fR (default: !SSLv2)" +/* List of TLS protocols that posttls-finger will exclude or include. See +/* smtp_tls_mandatory_protocols for details. +/* .IP "\fB-P \fICApath/\fR (default: none)" +/* The OpenSSL CApath/ directory (indexed via c_rehash(1)) for remote +/* SMTP server certificate verification. By default no CApath is used +/* and no public CAs are trusted. +/* .IP "\fB-r \fIdelay\fR" +/* With a cacheable TLS session, disconnect and reconnect after \fIdelay\fR +/* seconds. Report whether the session is re-used. Retry if a new server +/* is encountered, up to 5 times or as specified with the \fB-m\fR option. +/* By default reconnection is disabled, specify a positive delay to +/* enable this behavior. +/* .IP "\fB-s \fIservername\fR" +/* The server name to send with the TLS Server Name Indication (SNI) +/* extension. When the server has DANE TLSA records, this parameter +/* is ignored and the TLSA base domain is used instead. Otherwise, SNI is +/* not used by default, but can be enabled by specifying the desired value +/* with this option. +/* .IP "\fB-S\fR" +/* Disable SMTP; that is, connect to an LMTP server. The default port for +/* LMTP over TCP is 24. Alternative ports can specified by appending +/* "\fI:servicename\fR" or ":\fIportnumber\fR" to the destination +/* argument. +/* .IP "\fB-t \fItimeout\fR (default: \fB30\fR)" +/* The TCP connection timeout to use. This is also the timeout for +/* reading the remote server's 220 banner. +/* .IP "\fB-T \fItimeout\fR (default: \fB30\fR)" +/* The SMTP/LMTP command timeout for EHLO/LHLO, STARTTLS and QUIT. +/* .IP "\fB-v\fR" +/* Enable verbose Postfix logging. Specify more than once to increase +/* the level of verbose logging. +/* .IP "\fB-w\fR" +/* Enable outgoing TLS wrapper mode, or SMTPS support. This is typically +/* provided on port 465 by servers that are compatible with the ad-hoc +/* SMTP in SSL protocol, rather than the standard STARTTLS protocol. +/* The destination \fIdomain\fR:\fIport\fR should of course provide such +/* a service. +/* .IP "\fB-X\fR" +/* Enable \fBtlsproxy\fR(8) mode. This is an unsupported mode, +/* for program development only. +/* .IP "[\fBinet:\fR]\fIdomain\fR[:\fIport\fR]" +/* Connect via TCP to domain \fIdomain\fR, port \fIport\fR. The default +/* port is \fBsmtp\fR (or 24 with LMTP). With SMTP an MX lookup is +/* performed to resolve the domain to a host, unless the domain is +/* enclosed in \fB[]\fR. If you want to connect to a specific MX host, +/* for instance \fImx1.example.com\fR, specify [\fImx1.example.com\fR] +/* as the destination and \fIexample.com\fR as a \fBmatch\fR argument. +/* When using DNS, the destination domain is assumed fully qualified +/* and no default domain or search suffixes are applied; you must use +/* fully-qualified names or also enable \fBnative\fR host lookups +/* (these don't support \fBdane\fR or \fBdane-only\fR as no DNSSEC +/* validation information is available via \fBnative\fR lookups). +/* .IP "\fBunix:\fIpathname\fR" +/* Connect to the UNIX-domain socket at \fIpathname\fR. LMTP only. +/* .IP "\fBmatch ...\fR" +/* With no match arguments specified, certificate peername matching uses +/* the compiled-in default strategies for each security level. If you +/* specify one or more arguments, these will be used as the list of +/* certificate or public-key digests to match for the \fBfingerprint\fR +/* level, or as the list of DNS names to match in the certificate at the +/* \fBverify\fR and \fBsecure\fR levels. If the security level is +/* \fBdane\fR, or \fBdane-only\fR the match names are ignored, and +/* \fBhostname, nexthop\fR strategies are used. +/* .ad +/* .fi +/* ENVIRONMENT +/* .ad +/* .fi +/* .IP \fBMAIL_CONFIG\fR +/* Read configuration parameters from a non-default location. +/* .IP \fBMAIL_VERBOSE\fR +/* Same as \fB-v\fR option. +/* SEE ALSO +/* smtp-source(1), SMTP/LMTP message source +/* smtp-sink(1), SMTP/LMTP message dump +/* +/* README FILES +/* .ad +/* .fi +/* Use "\fBpostconf readme_directory\fR" or "\fBpostconf +/* html_directory\fR" to locate this information. +/* .na +/* .nf +/* TLS_README, Postfix STARTTLS howto +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/* +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA +/* +/* Viktor Dukhovni +/*--*/ + + /* + * System library. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifdef STRCASECMP_IN_STRINGS_H +#include +#endif + + /* + * Utility library. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define STR(x) vstring_str(x) + + /* + * Global library. + */ +#include +#include +#include +#include +#include +#include + +/* DNS library. */ + +#include + + /* + * master library + */ +#include + + /* + * TLS Library + */ +#define TLS_INTERNAL +#include + +#ifdef USE_TLS +#include +#include +#endif + + /* + * Application specific + */ +#include "tlsmgrmem.h" + +static int conn_tmout = 30; +static int smtp_tmout = 30; + +#define HOST_FLAG_DNS (1<<0) +#define HOST_FLAG_NATIVE (1<<1) + +#define MISC_FLAG_PREF_IPV6 (1<<0) +#define MISC_FLAG_PREF_IPV4 (1<<1) + +static const NAME_MASK lookup_masks[] = { + "dns", HOST_FLAG_DNS, + "native", HOST_FLAG_NATIVE, + 0, +}; + +static const NAME_CODE addr_pref_map[] = { + INET_PROTO_NAME_IPV6, MISC_FLAG_PREF_IPV6, + INET_PROTO_NAME_IPV4, MISC_FLAG_PREF_IPV4, + INET_PROTO_NAME_ANY, 0, + 0, -1, +}; + +typedef struct OPTIONS { + char *logopts; + char *level; + ARGV *tas; + char *host_lookup; + char *addr_pref; +} OPTIONS; + + /* + * Per-session data structure with state. + * + * This software can maintain multiple parallel connections to the same SMTP + * server. However, it makes no more than one connection request at a time + * to avoid overwhelming the server with SYN packets and having to back off. + * Back-off would screw up the benchmark. Pending connection requests are + * kept in a linear list. + */ +typedef struct STATE { + int smtp; /* SMTP or LMTP? */ + int host_lookup; /* dns|native|dns,native */ + int addr_pref; /* v4, v6, both */ + int log_mask; /* via tls_log_mask() */ + int reconnect; /* -r option */ + int max_reconnect; /* -m option */ + int force_tlsa; /* -f option */ + unsigned port; /* TCP port */ + char *dest; /* Full destination spec */ + char *paddr; /* XXX printable addr for proxy */ + char *addrport; /* [addr]:port */ + char *namaddrport; /* name[addr]:port */ + char *nexthop; /* Nexthop domain for verification */ + char *hostname; /* Hostname for verification */ + DNS_RR *addr; /* IPv[46] Address to (re)connect to */ + DNS_RR *mx; /* MX RRset qname, rname, valid */ + int pass; /* Pass number, 2 for reconnect */ + int nochat; /* disable chat logging */ + char *helo; /* Server name from EHLO reply */ + DSN_BUF *why; /* SMTP-style error message */ + VSTRING *buffer; /* Response buffer */ + VSTREAM *stream; /* Open connection */ + int level; /* TLS security level */ + int wrapper_mode; /* SMTPS support */ +#ifdef USE_TLS + char *mdalg; /* fingerprint digest algorithm */ + char *CAfile; /* Trusted public CAs */ + char *CApath; /* Trusted public CAs */ + char *chains; /* TLS client certificate chain files */ + char *certfile; /* TLS client certificate file */ + char *keyfile; /* TLS client key file */ + char *sni; /* Server SNI name */ + ARGV *match; /* match arguments */ + int print_trust; /* -C option */ + BIO *tls_bio; /* BIO wrapper for stdout */ + TLS_APPL_STATE *tls_ctx; /* Application TLS context */ + TLS_SESS_STATE *tls_context; /* Session TLS context */ + TLS_DANE *dane; /* DANE TLSA validation structure */ + TLS_DANE *ddane; /* DANE TLSA from DNS */ + char *grade; /* Minimum cipher grade */ + char *protocols; /* Protocol inclusion/exclusion */ + int mxinsec_level; /* DANE for insecure MX RRs? */ + int tlsproxy_mode; +#endif + OPTIONS options; /* JCL */ +} STATE; + +static DNS_RR *host_addr(STATE *, const char *); + +#define HNAME(addr) (addr->qname) + + /* + * Structure with broken-up SMTP server response. + */ +typedef struct { /* server response */ + int code; /* status */ + char *str; /* text */ + VSTRING *buf; /* origin of text */ +} RESPONSE; + + +/* command - send an SMTP command */ + +static void PRINTFLIKE(3, 4) command(STATE *state, int verbose, char *fmt,...) +{ + VSTREAM *stream = state->stream; + VSTRING *buf; + va_list ap; + char *line; + + buf = vstring_alloc(100); + va_start(ap, fmt); + vstring_vsprintf(buf, fmt, ap); + va_end(ap); + line = vstring_str(buf); + + while (line && *line) { + char *nextline = strchr(line, '\n'); + + if (nextline) + *nextline++ = '\0'; + if (verbose && !state->nochat) + msg_info("> %s", line); + smtp_printf(stream, "%s", line); + line = nextline; + } + + vstring_free(buf); +} + +/* response - read and process SMTP server response */ + +static RESPONSE *response(STATE *state, int verbose) +{ + VSTREAM *stream = state->stream; + VSTRING *buf = state->buffer; + static RESPONSE rdata; + int more; + char *cp; + + /* + * Initialize the response data buffer. smtp_get() defends against a + * denial of service attack by limiting the amount of single-line text, + * and the loop below limits the amount of multi-line text that we are + * willing to store. + */ + if (rdata.buf == 0) + rdata.buf = vstring_alloc(100); + + /* + * Censor out non-printable characters in server responses. Concatenate + * multi-line server responses. Separate the status code from the text. + * Leave further parsing up to the application. + */ +#define BUF ((char *) vstring_str(buf)) + VSTRING_RESET(rdata.buf); + for (;;) { + smtp_get(buf, stream, var_line_limit, SMTP_GET_FLAG_SKIP); + for (cp = BUF; *cp != 0; cp++) + if (!ISPRINT(*cp) && !ISSPACE(*cp)) + *cp = '?'; + cp = BUF; + if (verbose && !state->nochat) + msg_info("< %s", cp); + while (ISDIGIT(*cp)) + cp++; + rdata.code = (cp - BUF == 3 ? atoi(BUF) : 0); + if ((more = (*cp == '-')) != 0) + cp++; + while (ISSPACE(*cp)) + cp++; + if (VSTRING_LEN(rdata.buf) < var_line_limit) + vstring_strcat(rdata.buf, cp); + if (more == 0) + break; + if (VSTRING_LEN(rdata.buf) < var_line_limit) + VSTRING_ADDCH(rdata.buf, '\n'); + } + VSTRING_TERMINATE(rdata.buf); + rdata.str = vstring_str(rdata.buf); + return (&rdata); +} + +/* exception_text - translate exceptions from the smtp_stream module */ + +static char *exception_text(int except) +{ + switch (except) { + case SMTP_ERR_EOF: + return ("lost connection"); + case SMTP_ERR_TIME: + return ("timeout"); + default: + msg_panic("exception_text: unknown exception %d", except); + } +} + +/* greeting - read server's 220 greeting */ + +static int greeting(STATE *state) +{ + VSTREAM *stream = state->stream; + int except; + RESPONSE *resp; + + /* + * Prepare for disaster. + */ + smtp_stream_setup(stream, conn_tmout, 1); + if ((except = vstream_setjmp(stream)) != 0) { + msg_info("%s while reading server greeting", exception_text(except)); + return (1); + } + + /* + * Read and parse the server's SMTP greeting banner. + */ + if (((resp = response(state, 1))->code / 100) != 2) { + msg_info("SMTP service not available: %d %s", resp->code, resp->str); + return (1); + } + return (0); +} + +/* ehlo - send EHLO/LHLO */ + +static RESPONSE *ehlo(STATE *state) +{ + int except; + int verbose; + volatile char *ehlo = state->smtp ? "EHLO" : "LHLO"; + VSTREAM *stream = state->stream; + RESPONSE *resp; + +#ifdef USE_TLS + verbose = (state->pass == 1 && state->nochat == 0); +#else + verbose = 1; +#endif + + /* + * Send the standard greeting with our hostname + */ + if ((except = vstream_setjmp(stream)) != 0) { + msg_info("%s while sending %s", exception_text(except), ehlo); + return (0); + } + command(state, verbose, "%s %s", ehlo, var_myhostname); + + resp = response(state, verbose); + if (resp->code / 100 != 2) { + msg_info("%s rejected: %d %s", ehlo, resp->code, resp->str); + return (0); + } + return resp; +} + +#ifdef USE_TLS + +static void print_stack(STATE *state, x509_stack_t *sk, int trustout) +{ + int i; + + for (i = 0; i < sk_X509_num(sk); i++) { + X509 *cert = sk_X509_value(sk, i); + char buf[CCERT_BUFSIZ]; + X509_NAME *xn; + char *digest; + + if ((xn = X509_get_subject_name(cert)) != 0) { + X509_NAME_oneline(xn, buf, sizeof buf); + BIO_printf(state->tls_bio, "%2d subject: %s\n", i, buf); + } + if ((xn = X509_get_issuer_name(cert)) != 0) { + X509_NAME_oneline(xn, buf, sizeof buf); + BIO_printf(state->tls_bio, " issuer: %s\n", buf); + } + digest = tls_cert_fprint(cert, state->mdalg); + BIO_printf(state->tls_bio, " cert digest=%s\n", digest); + myfree(digest); + + digest = tls_pkey_fprint(cert, state->mdalg); + BIO_printf(state->tls_bio, " pkey digest=%s\n", digest); + myfree(digest); + + if (trustout) + PEM_write_bio_X509_AUX(state->tls_bio, cert); + else + PEM_write_bio_X509(state->tls_bio, cert); + } +} + +static void print_trust_info(STATE *state) +{ + x509_stack_t *sk = SSL_get_peer_cert_chain(state->tls_context->con); + + if (sk != 0) { + BIO_printf(state->tls_bio, "\n---\nCertificate chain\n"); + print_stack(state, sk, 0); + } +#ifdef dane_verify_debug + /* print internally constructed untrusted chain */ + if ((sk = state->tls_context->untrusted) != 0) { + BIO_printf(state->tls_bio, "\n---\nUntrusted chain\n"); + print_stack(state, sk, 0); + } + /* print associated root CA */ + if ((sk = state->tls_context->trusted) != 0) { + BIO_printf(state->tls_bio, "\n---\nTrusted chain\n"); + print_stack(state, sk, 1); + } +#endif +} + +/* starttls - SMTP STARTTLS handshake */ + +static int starttls(STATE *state) +{ + VSTRING *cipher_exclusions; + int except; + RESPONSE *resp; + VSTREAM *stream = state->stream; + TLS_CLIENT_START_PROPS start_props; + TLS_CLIENT_INIT_PROPS init_props; + VSTREAM *tlsproxy; + VSTRING *port_buf; + int cwd_fd; + + if (state->wrapper_mode == 0) { + /* SMTP stream with deadline timeouts */ + smtp_stream_setup(stream, smtp_tmout, 1); + if ((except = vstream_setjmp(stream)) != 0) { + msg_fatal("%s while sending STARTTLS", exception_text(except)); + return (1); + } + command(state, state->pass == 1, "STARTTLS"); + + resp = response(state, state->pass == 1); + if (resp->code / 100 != 2) { + msg_info("STARTTLS rejected: %d %s", resp->code, resp->str); + return (1); + } + + /* + * Discard any plain-text data that may be piggybacked after the + * server's 220 STARTTLS reply. Should we abort the session instead? + */ + vstream_fpurge(stream, VSTREAM_PURGE_READ); + } +#define ADD_EXCLUDE(vstr, str) \ + do { \ + if (*(str)) \ + vstring_sprintf_append((vstr), "%s%s", \ + VSTRING_LEN(vstr) ? " " : "", (str)); \ + } while (0) + + cipher_exclusions = vstring_alloc(10); + ADD_EXCLUDE(cipher_exclusions, DEF_SMTP_TLS_EXCL_CIPH); + if (TLS_REQUIRED(state->level)) + ADD_EXCLUDE(cipher_exclusions, DEF_SMTP_TLS_MAND_EXCL); + + /* + * If we're authenticating suppress anonymous ciphersuites, otherwise at + * least encrypt, not much point in doing neither. + */ + if (TLS_MUST_MATCH(state->level)) + ADD_EXCLUDE(cipher_exclusions, "aNULL"); + else + ADD_EXCLUDE(cipher_exclusions, "eNULL"); + + if (state->tlsproxy_mode) { + TLS_CLIENT_PARAMS tls_params; + + /* + * Send all our wishes in one big request. + */ + TLS_PROXY_CLIENT_INIT_PROPS(&init_props, + log_param = "-L option", + log_level = state->options.logopts, + verifydepth = DEF_SMTP_TLS_SCERT_VD, + cache_type = TLS_MGR_SCACHE_SMTP, + chain_files = state->chains, + cert_file = state->certfile, + key_file = state->keyfile, + dcert_file = "", + dkey_file = "", + eccert_file = "", + eckey_file = "", + CAfile = state->CAfile, + CApath = state->CApath, + mdalg = state->mdalg); + TLS_PROXY_CLIENT_START_PROPS(&start_props, + timeout = smtp_tmout, + tls_level = state->level, + nexthop = state->nexthop, + host = state->hostname, + namaddr = state->namaddrport, + sni = state->sni, + serverid = state->addrport, + helo = state->helo ? state->helo : "", + protocols = state->protocols, + cipher_grade = state->grade, + cipher_exclusions + = vstring_str(cipher_exclusions), + matchargv = state->match, + mdalg = state->mdalg, + dane = state->ddane ? + state->ddane : state->dane); + +#define PROXY_OPEN_FLAGS \ + (TLS_PROXY_FLAG_ROLE_CLIENT | TLS_PROXY_FLAG_SEND_CONTEXT) +#define var_tlsproxy_service + + if ((cwd_fd = open(".", O_RDONLY)) < 0) + msg_fatal("open(\".\", O_RDONLY): %m"); + if (chdir(var_queue_dir) < 0) + msg_fatal("chdir(%s): %m", var_queue_dir); + port_buf = vstring_alloc(100); + vstring_sprintf(port_buf, "%d", ntohs(state->port)); + tlsproxy = + tls_proxy_open(DEF_TLSPROXY_SERVICE /* TODO */ , PROXY_OPEN_FLAGS, + state->stream, state->paddr, STR(port_buf), + smtp_tmout, smtp_tmout, state->addrport, + tls_proxy_client_param_from_config(&tls_params), + &init_props, &start_props); + vstring_free(port_buf); + if (fchdir(cwd_fd) < 0) + msg_fatal("fchdir: %m"); + (void) close(cwd_fd); + + /* + * To insert tlsproxy(8) between this process and the remote SMTP + * server, we swap the file descriptors between the tlsproxy and + * session->stream VSTREAMS, so that we don't lose all the + * user-configurable session->stream attributes (such as longjump + * buffers or timeouts). + * + * TODO: the tlsproxy RPCs should return more error detail than a "NO" + * result. + */ + if (tlsproxy == 0) { + state->tls_context = 0; + } else { + vstream_control(tlsproxy, + CA_VSTREAM_CTL_DOUBLE, + CA_VSTREAM_CTL_END); + vstream_control(state->stream, + CA_VSTREAM_CTL_SWAP_FD(tlsproxy), + CA_VSTREAM_CTL_END); + (void) vstream_fclose(tlsproxy); /* direct-to-server stream! */ + + /* + * There must not be any pending data in the stream buffers + * before we read the TLS context attributes. + */ + vstream_fpurge(state->stream, VSTREAM_PURGE_BOTH); + + /* + * After plumbing the plaintext stream, receive the TLS context + * object. For this we use the same VSTREAM buffer that we also + * use to receive subsequent SMTP commands, therefore we must be + * prepared for the possibility that the remote SMTP server + * starts talking immediately. The tlsproxy implementation sends + * the TLS context before remote content. The attribute protocol + * is robust enough that an adversary cannot insert their own TLS + * context attributes. + */ + state->tls_context = tls_proxy_context_receive(state->stream); + if (state->log_mask & + (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) + msg_info("%s: subject_CN=%s, issuer_CN=%s, " + "fingerprint=%s, pkey_fingerprint=%s", + state->namaddrport, state->tls_context->peer_CN, + state->tls_context->issuer_CN, + state->tls_context->peer_cert_fprint, + state->tls_context->peer_pkey_fprint); + tls_log_summary(TLS_ROLE_CLIENT, TLS_USAGE_NEW, + state->tls_context); + } + } else { /* tls_proxy_mode */ + state->tls_context = + TLS_CLIENT_START(&start_props, + ctx = state->tls_ctx, + stream = stream, + fd = -1, + timeout = smtp_tmout, + tls_level = state->level, + nexthop = state->nexthop, + host = state->hostname, + namaddr = state->namaddrport, + sni = state->sni, + serverid = state->addrport, + helo = state->helo ? state->helo : "", + protocols = state->protocols, + cipher_grade = state->grade, + cipher_exclusions + = vstring_str(cipher_exclusions), + matchargv = state->match, + mdalg = state->mdalg, + dane = state->ddane ? state->ddane : state->dane); + } /* tlsproxy_mode */ + vstring_free(cipher_exclusions); + if (state->helo) { + myfree(state->helo); + state->helo = 0; + } + if (state->tls_context == 0) { + /* We must avoid further I/O, the peer is in an undefined state. */ + (void) vstream_fpurge(stream, VSTREAM_PURGE_BOTH); + (void) vstream_fclose(stream); + state->stream = 0; + return (1); + } + if (state->wrapper_mode && greeting(state) != 0) + return (1); + + if (state->pass == 1) { + ehlo(state); + if (!TLS_CERT_IS_PRESENT(state->tls_context)) + msg_info("Server is anonymous"); + else if (state->tlsproxy_mode == 0) { + if (state->print_trust) + print_trust_info(state); + state->log_mask &= ~(TLS_LOG_CERTMATCH | TLS_LOG_PEERCERT | + TLS_LOG_VERBOSE | TLS_LOG_UNTRUSTED); + state->log_mask |= TLS_LOG_CACHE | TLS_LOG_SUMMARY; + tls_update_app_logmask(state->tls_ctx, state->log_mask); + } + } + return (0); +} + +#endif + +/* doproto - do SMTP handshake */ + +static int doproto(STATE *state) +{ + VSTREAM *stream = state->stream; + RESPONSE *resp; + int except; + int n; + char *lines; + char *words = 0; + char *word; + + if (!state->wrapper_mode) { + if (greeting(state) != 0) + return (1); + if ((resp = ehlo(state)) == 0) + return (1); + + lines = resp->str; + for (n = 0; (words = mystrtok(&lines, "\n")) != 0; ++n) { + if ((word = mystrtok(&words, " \t=")) != 0) { + if (n == 0) + state->helo = mystrdup(word); + if (strcasecmp(word, "STARTTLS") == 0) + break; + } + } + } +#ifdef USE_TLS + if ((state->wrapper_mode || words) && state->tls_ctx) + if (starttls(state)) + return (1); +#endif + + /* + * Prepare for disaster. + */ + smtp_stream_setup(stream, smtp_tmout, 1); + if ((except = vstream_setjmp(stream)) != 0) { + msg_warn("%s while sending QUIT command", exception_text(except)); + return (0); + } + command(state, 1, "QUIT"); + (void) response(state, 1); + return (0); +} + +/* connect_sock - connect a socket over some transport */ + +static VSTREAM *connect_sock(int sock, struct sockaddr *sa, int salen, + const char *name, const char *addr, STATE *state) +{ + DSN_BUF *why = state->why; + int conn_stat; + int saved_errno; + VSTREAM *stream; + + if (conn_tmout > 0) { + non_blocking(sock, NON_BLOCKING); + conn_stat = timed_connect(sock, sa, salen, conn_tmout); + saved_errno = errno; + non_blocking(sock, BLOCKING); + errno = saved_errno; + } else { + conn_stat = sane_connect(sock, sa, salen); + } + if (conn_stat < 0) { + if (state->port) + dsb_simple(why, "4.4.1", "connect to %s[%s]:%d: %m", + name, addr, ntohs(state->port)); + else + dsb_simple(why, "4.4.1", "connect to %s[%s]: %m", name, addr); + close(sock); + return (0); + } + stream = vstream_fdopen(sock, O_RDWR); + state->namaddrport = + vstring_export(state->port == 0 ? + vstring_sprintf(vstring_alloc(10), "%s[%s]", name, addr) : + vstring_sprintf(vstring_alloc(10), "%s[%s]:%u", + name, addr, ntohs(state->port))); + state->addrport = + vstring_export(state->port == 0 ? + vstring_sprintf(vstring_alloc(10), "%s", addr) : + vstring_sprintf(vstring_alloc(10), "[%s]:%u", + addr, ntohs(state->port))); + + state->paddr = mystrdup(addr); /* XXX for tlsproxy */ + + /* + * Avoid poor performance when TCP MSS > VSTREAM_BUFSIZE. + */ + if (sa->sa_family == AF_INET +#ifdef AF_INET6 + || sa->sa_family == AF_INET6 +#endif + ) + vstream_tweak_tcp(stream); + + return (stream); +} + +/* connect_unix - connect to a unix-domain socket */ + +static VSTREAM *connect_unix(STATE *state, const char *path) +{ + static const char *myname = "connect_unix"; + DSN_BUF *why = state->why; + struct sockaddr_un sock_un; + int len = strlen(path); + int sock; + + if (!state->nexthop) + state->nexthop = mystrdup(var_myhostname); + state->hostname = mystrdup(var_myhostname); + + dsb_reset(why); /* Paranoia */ + + /* + * Sanity checks. + */ + if (len >= (int) sizeof(sock_un.sun_path)) { + dsb_simple(why, "4.3.5", "unix-domain name too long: %s", path); + return (0); + } + + /* + * Initialize. + */ + memset((void *) &sock_un, 0, sizeof(sock_un)); + sock_un.sun_family = AF_UNIX; +#ifdef HAS_SUN_LEN + sock_un.sun_len = len + 1; +#endif + memcpy(sock_un.sun_path, path, len + 1); + + /* + * Create a client socket. + */ + if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) + msg_fatal("%s: socket: %m", myname); + + /* + * Connect to the server. + */ + if (msg_verbose) + msg_info("%s: trying: %s...", myname, path); + + return (connect_sock(sock, (struct sockaddr *) &sock_un, sizeof(sock_un), + var_myhostname, path, state)); +} + +/* connect_addr - connect to explicit address */ + +static VSTREAM *connect_addr(STATE *state, DNS_RR *addr) +{ + static const char *myname = "connect_addr"; + DSN_BUF *why = state->why; + struct sockaddr_storage ss; /* remote */ + struct sockaddr *sa = (struct sockaddr *) &ss; + SOCKADDR_SIZE salen = sizeof(ss); + MAI_HOSTADDR_STR hostaddr; + int sock; + + dsb_reset(why); /* Paranoia */ + + /* + * Sanity checks. + */ + if (dns_rr_to_sa(addr, state->port, sa, &salen) != 0) { + msg_warn("%s: skip address type %s: %m", + myname, dns_strtype(addr->type)); + dsb_simple(why, "4.4.0", "network address conversion failed: %m"); + return (0); + } + + /* + * Initialize. + */ + if ((sock = socket(sa->sa_family, SOCK_STREAM, 0)) < 0) + msg_fatal("%s: socket: %m", myname); + + if (inet_windowsize > 0) + set_inet_windowsize(sock, inet_windowsize); + + /* + * Connect to the server. + */ + SOCKADDR_TO_HOSTADDR(sa, salen, &hostaddr, (MAI_SERVPORT_STR *) 0, 0); + if (msg_verbose) + msg_info("%s: trying: %s[%s] port %d...", + myname, HNAME(addr), hostaddr.buf, ntohs(state->port)); + + return (connect_sock(sock, sa, salen, HNAME(addr), hostaddr.buf, state)); +} + +#define HAS_DSN(why) (STR((why)->status)[0] != 0) +#define HAS_SOFT_DSN(why) (STR((why)->status)[0] == '4') +#define HAS_HARD_DSN(why) (STR((why)->status)[0] == '5') +#define HAS_LOOP_DSN(why) \ + (HAS_DSN(why) && strcmp(STR((why)->status) + 1, ".4.6") == 0) + +#define SET_SOFT_DSN(why) (STR((why)->status)[0] = '4') +#define SET_HARD_DSN(why) (STR((why)->status)[0] = '5') + +/* addr_one - address lookup for one host name */ + +static DNS_RR *addr_one(STATE *state, DNS_RR *addr_list, const char *host, + int res_opt, unsigned pref) +{ + static const char *myname = "addr_one"; + DSN_BUF *why = state->why; + DNS_RR *addr = 0; + DNS_RR *rr; + int aierr; + struct addrinfo *res0; + struct addrinfo *res; + INET_PROTO_INFO *proto_info = inet_proto_info(); + int found; + + if (msg_verbose) + msg_info("%s: host %s", myname, host); + + /* + * Interpret a numerical name as an address. + */ + if (hostaddr_to_sockaddr(host, (char *) 0, 0, &res0) == 0 + && strchr((char *) proto_info->sa_family_list, res0->ai_family) != 0) { + if ((addr = dns_sa_to_rr(host, pref, res0->ai_addr)) == 0) + msg_fatal("host %s: conversion error for address family %d: %m", + host, ((struct sockaddr *) (res0->ai_addr))->sa_family); + addr_list = dns_rr_append(addr_list, addr); + freeaddrinfo(res0); + return (addr_list); + } + + /* + * Use DNS lookup, but keep the option open to use native name service. + * + * XXX A soft error dominates past and future hard errors. Therefore we + * should not clobber a soft error text and status code. + */ + if (state->host_lookup & HOST_FLAG_DNS) { + switch (dns_lookup_v(host, res_opt, &addr, (VSTRING *) 0, + why->reason, DNS_REQ_FLAG_NONE, + proto_info->dns_atype_list)) { + case DNS_OK: + for (rr = addr; rr; rr = rr->next) + rr->pref = pref; + addr_list = dns_rr_append(addr_list, addr); + return (addr_list); + default: + dsb_status(why, "4.4.3"); + return (addr_list); + case DNS_FAIL: + dsb_status(why, HAS_SOFT_DSN(why) ? "4.4.3" : "5.4.3"); + return (addr_list); + case DNS_INVAL: + dsb_status(why, HAS_SOFT_DSN(why) ? "4.4.4" : "5.4.4"); + return (addr_list); + case DNS_NOTFOUND: + dsb_status(why, HAS_SOFT_DSN(why) ? "4.4.4" : "5.4.4"); + /* maybe native naming service will succeed */ + break; + } + } + + /* + * Use the native name service which also looks in /etc/hosts. + * + * XXX A soft error dominates past and future hard errors. Therefore we + * should not clobber a soft error text and status code. + */ +#define RETRY_AI_ERROR(e) \ + ((e) == EAI_AGAIN || (e) == EAI_MEMORY || (e) == EAI_SYSTEM) +#ifdef EAI_NODATA +#define DSN_NOHOST(e) \ + ((e) == EAI_AGAIN || (e) == EAI_NODATA || (e) == EAI_NONAME) +#else +#define DSN_NOHOST(e) \ + ((e) == EAI_AGAIN || (e) == EAI_NONAME) +#endif + + if (state->host_lookup & HOST_FLAG_NATIVE) { + if ((aierr = hostname_to_sockaddr(host, (char *) 0, 0, &res0)) != 0) { + dsb_simple(why, (HAS_SOFT_DSN(why) || RETRY_AI_ERROR(aierr)) ? + (DSN_NOHOST(aierr) ? "4.4.4" : "4.3.0") : + (DSN_NOHOST(aierr) ? "5.4.4" : "5.3.0"), + "unable to look up host %s: %s", + host, MAI_STRERROR(aierr)); + } else { + for (found = 0, res = res0; res != 0; res = res->ai_next) { + if (strchr((char *) proto_info->sa_family_list, res->ai_family) == 0) { + msg_info("skipping address family %d for host %s", + res->ai_family, host); + continue; + } + found++; + if ((addr = dns_sa_to_rr(host, pref, res->ai_addr)) == 0) + msg_fatal("host %s: conversion error for address family %d: %m", + host, ((struct sockaddr *) (res0->ai_addr))->sa_family); + addr_list = dns_rr_append(addr_list, addr); + } + freeaddrinfo(res0); + if (found == 0) { + dsb_simple(why, HAS_SOFT_DSN(why) ? "4.4.4" : "5.4.4", + "%s: host not found", host); + } + return (addr_list); + } + } + + /* + * No further alternatives for host lookup. + */ + return (addr_list); +} + +/* mx_addr_list - address lookup for a list of mail exchangers */ + +static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names) +{ + static const char *myname = "mx_addr_list"; + DNS_RR *addr_list = 0; + DNS_RR *rr; + int res_opt = 0; + + if (mx_names->dnssec_valid) + res_opt = RES_USE_DNSSEC; +#ifdef USE_TLS + else if (state->mxinsec_level > TLS_LEV_MAY) + res_opt = RES_USE_DNSSEC; +#endif + + for (rr = mx_names; rr; rr = rr->next) { + if (rr->type != T_MX) + msg_panic("%s: bad resource type: %d", myname, rr->type); + addr_list = addr_one(state, addr_list, (char *) rr->data, res_opt, + rr->pref); + } + return (addr_list); +} + +/* smtp_domain_addr - mail exchanger address lookup */ + +static DNS_RR *domain_addr(STATE *state, char *domain) +{ + DNS_RR *mx_names; + DNS_RR *addr_list = 0; + int r = 0; /* Resolver flags */ + const char *aname; + + dsb_reset(state->why); + +#if (RES_USE_DNSSEC != 0) && (RES_USE_EDNS0 != 0) + r |= RES_USE_DNSSEC; +#endif + + /* + * IDNA support. + */ +#ifndef NO_EAI + if (!allascii(domain) && (aname = midna_domain_to_ascii(domain)) != 0) { + msg_info("%s asciified to %s", domain, aname); + } else +#endif + aname = domain; + + switch (dns_lookup(aname, T_MX, r, &mx_names, (VSTRING *) 0, + state->why->reason)) { + default: + dsb_status(state->why, "4.4.3"); + break; + case DNS_INVAL: + dsb_status(state->why, "5.4.4"); + break; + case DNS_NULLMX: + dsb_status(state->why, "5.1.0"); + break; + case DNS_FAIL: + dsb_status(state->why, "5.4.3"); + break; + case DNS_OK: + mx_names = dns_rr_sort(mx_names, dns_rr_compare_pref_any); + addr_list = mx_addr_list(state, mx_names); + state->mx = dns_rr_copy(mx_names); + dns_rr_free(mx_names); + if (addr_list == 0) { + msg_warn("no MX host for %s has a valid address record", domain); + break; + } +#define COMPARE_ADDR(flags) \ + ((flags & MISC_FLAG_PREF_IPV6) ? dns_rr_compare_pref_ipv6 : \ + (flags & MISC_FLAG_PREF_IPV4) ? dns_rr_compare_pref_ipv4 : \ + dns_rr_compare_pref_any) + if (addr_list && addr_list->next) { + addr_list = dns_rr_shuffle(addr_list); + addr_list = dns_rr_sort(addr_list, COMPARE_ADDR(state->addr_pref)); + } + break; + case DNS_NOTFOUND: + addr_list = host_addr(state, domain); + break; + } + + return (addr_list); +} + +/* host_addr - direct host lookup */ + +static DNS_RR *host_addr(STATE *state, const char *host) +{ + DSN_BUF *why = state->why; + DNS_RR *addr_list; + int res_opt = 0; + const char *ahost; + + dsb_reset(why); /* Paranoia */ + +#if (RES_USE_DNSSEC != 0) && (RES_USE_EDNS0 != 0) + res_opt |= RES_USE_DNSSEC; +#endif + + /* + * IDNA support. + */ +#ifndef NO_EAI + if (!allascii(host) && (ahost = midna_domain_to_ascii(host)) != 0) { + msg_info("%s asciified to %s", host, ahost); + } else +#endif + ahost = host; + +#define PREF0 0 + addr_list = addr_one(state, (DNS_RR *) 0, ahost, res_opt, PREF0); + if (addr_list && addr_list->next) { + addr_list = dns_rr_shuffle(addr_list); + if (inet_proto_info()->ai_family_list[1] != 0) + addr_list = dns_rr_sort(addr_list, COMPARE_ADDR(state->addr_pref)); + } + return (addr_list); +} + +/* dane_host_level - canidate host "dane" or degraded security level */ + +static int dane_host_level(STATE *state, DNS_RR *addr) +{ + int level = state->level; + +#ifdef USE_TLS + if (TLS_DANE_BASED(level)) { + if (state->mx == 0 || state->mx->dnssec_valid || + state->mxinsec_level > TLS_LEV_MAY) { + if (state->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE)) + tls_dane_verbose(1); + else + tls_dane_verbose(0); + + /* See addr loop in connect_remote() */ + if (state->ddane) + tls_dane_free(state->ddane); + + /* + * When TLSA lookups fail, next host. If unusable or not found, + * fallback to "secure" + */ + state->ddane = tls_dane_resolve(state->port, "tcp", addr, + state->force_tlsa); + if (!state->ddane) { + dsb_simple(state->why, "4.7.5", + "TLSA lookup error for %s:%u", + HNAME(addr), ntohs(state->port)); + level = TLS_LEV_INVALID; + } else if (tls_dane_notfound(state->ddane) + || tls_dane_unusable(state->ddane)) { + if (msg_verbose || level == TLS_LEV_DANE_ONLY) + msg_info("no %sTLSA records found, " + "resorting to \"secure\"", + tls_dane_unusable(state->ddane) ? + "usable " : ""); + level = TLS_LEV_SECURE; + } else if (!TLS_DANE_HASTA(state->ddane) + && !TLS_DANE_HASEE(state->ddane)) { + msg_panic("DANE activated with no TLSA records to match"); + } else if (state->mx && !state->mx->dnssec_valid && + state->mxinsec_level == TLS_LEV_ENCRYPT) { + msg_info("TLSA RRs found, MX RRset insecure: just encrypt"); + tls_dane_free(state->ddane); + state->ddane = 0; + level = TLS_LEV_ENCRYPT; + } else { + if (state->match) + argv_free(state->match); + argv_add(state->match = argv_alloc(2), + state->ddane->base_domain, ARGV_END); + if (state->mx) { + if (!state->mx->dnssec_valid) { + msg_info("MX RRset insecure: log verified as trusted"); + level = TLS_LEV_HALF_DANE; + } + if (strcmp(state->mx->qname, state->mx->rname) == 0) + argv_add(state->match, state->mx->qname, ARGV_END); + else + argv_add(state->match, state->mx->rname, + state->mx->qname, ARGV_END); + } + } + } else if (state->mx && !state->mx->dnssec_valid && + state->mxinsec_level == TLS_LEV_MAY) { + msg_info("MX RRset is insecure: try to encrypt"); + level = TLS_LEV_MAY; + } else { + level = TLS_LEV_SECURE; + } + } +#endif + + return (level); +} + +/* parse_destination - parse host/port destination */ + +static char *parse_destination(char *destination, char *def_service, + char **hostp, unsigned *portp) +{ + char *buf = mystrdup(destination); + char *service; + struct servent *sp; + char *protocol = "tcp"; + unsigned port; + const char *err; + + if (msg_verbose) + msg_info("parse_destination: %s %s", destination, def_service); + + /* + * Parse the host/port information. We're working with a copy of the + * destination argument so the parsing can be destructive. + */ + if ((err = host_port(buf, hostp, (char *) 0, &service, def_service)) != 0) + msg_fatal("%s in server description: %s", err, destination); + + /* + * Convert service to port number, network byte order. + */ + if (alldig(service)) { + if ((port = atoi(service)) >= 65536 || port == 0) + msg_fatal("bad network port in destination: %s", destination); + *portp = htons(port); + } else { + if ((sp = getservbyname(service, protocol)) != 0) + *portp = sp->s_port; + else if (strcmp(service, "smtp") == 0) + *portp = htons(25); + else + msg_fatal("unknown service: %s/%s", service, protocol); + } + return (buf); +} + +/* connect_remote - connect to TCP destination or log an error */ + +static void connect_remote(STATE *state, char *dest) +{ + DNS_RR *addr; + char *buf; + char *domain; + + /* When reconnecting use IP address of previous session */ + if (state->addr == 0) { + buf = parse_destination(dest, state->smtp ? "smtp" : "24", + &domain, &state->port); + if (!state->nexthop) + state->nexthop = mystrdup(domain); + if (state->smtp == 0 || *dest == '[') + state->addr = host_addr(state, domain); + else + state->addr = domain_addr(state, domain); + myfree(buf); + + if (state->addr == 0) { + msg_info("Destination address lookup failed: %s", + vstring_str(state->why->reason)); + return; + } + } + for (addr = state->addr; addr; addr = addr->next) { + int level = dane_host_level(state, addr); + + if (level == TLS_LEV_INVALID + || (state->stream = connect_addr(state, addr)) == 0) { + msg_info("Failed to establish session to %s via %s: %s", + dest, HNAME(addr), vstring_str(state->why->reason)); + continue; + } + /* We have a connection */ + state->level = level; + state->hostname = mystrdup(HNAME(addr)); + + /* We use the same address when reconnecting, so flush the rest. */ + addr = dns_rr_copy(addr); + dns_rr_free(state->addr); + state->addr = addr; + break; + } +} + +/* connect_dest - connect to given inet: or unix: destination */ + +static int connect_dest(STATE *state) +{ + char *dest = state->dest; + + /* + * With LMTP we have direct-to-host delivery only. The destination may + * have multiple IP addresses. + */ + if (state->smtp == 0) { + if (strncmp(dest, "unix:", 5) == 0) { + state->stream = connect_unix(state, dest + 5); + if (!state->stream) + msg_info("Failed to establish session to %s: %s", + dest, vstring_str(state->why->reason)); + return (1); + } + if (strncmp(dest, "inet:", 5) == 0) + dest += 5; + } + connect_remote(state, dest); + + return (state->stream == 0); +} + +static void disconnect_dest(STATE *state) +{ +#ifdef USE_TLS + if (state->tls_context) { + if (state->tlsproxy_mode) { + tls_proxy_context_free(state->tls_context); + } else { + tls_client_stop(state->tls_ctx, state->stream, + smtp_tmout, 0, state->tls_context); + } + } + state->tls_context = 0; + if (state->ddane) + tls_dane_free(state->ddane); + state->ddane = 0; +#endif + + if (state->stream) + vstream_fclose(state->stream); + state->stream = 0; + + if (state->namaddrport) + myfree(state->namaddrport); + state->namaddrport = 0; + + if (state->addrport) + myfree(state->addrport); + state->addrport = 0; + + if (state->paddr) + myfree(state->paddr); + state->paddr = 0; + + /* Reused on reconnect */ + if (state->reconnect <= 0) { + if (state->addr) + dns_rr_free(state->addr); + state->addr = 0; + if (state->mx) + dns_rr_free(state->mx); + state->mx = 0; + + if (state->nexthop) + myfree(state->nexthop); + state->nexthop = 0; + } + if (state->hostname) + myfree(state->hostname); + state->hostname = 0; + + dsb_free(state->why); + vstring_free(state->buffer); +} + +static int finger(STATE *state) +{ + int err; + + /* + * smtp_get() makes sure the SMTP server cannot run us out of memory by + * sending never-ending lines of text. + */ + state->buffer = vstring_alloc(100); + state->why = dsb_create(); + + if (!(err = connect_dest(state))) { + if (state->pass == 1 && !state->nochat) + msg_info("Connected to %s", state->namaddrport); + err = doproto(state); + } + disconnect_dest(state); + + if (err != 0) + return (1); + +#ifdef USE_TLS + if (state->tlsproxy_mode == 0 && state->reconnect > 0) { + int cache_enabled; + int cache_count; + int cache_hits; + + tlsmgrmem_status(&cache_enabled, &cache_count, &cache_hits); + if (cache_enabled && cache_count == 0) { + msg_info("Server declined session caching. Done reconnecting."); + state->reconnect = 0; + } else if (cache_hits > 0 && (state->log_mask & TLS_LOG_CACHE) != 0) { + msg_info("Found a previously used server. Done reconnecting."); + state->reconnect = 0; + } else if (state->max_reconnect-- <= 0) { + msg_info("Maximum reconnect count reached."); + state->reconnect = 0; + } + } +#endif + + return (0); +} + +#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L + +/* ssl_cleanup - free memory allocated in the OpenSSL library */ + +static void ssl_cleanup(void) +{ + ERR_remove_thread_state(0); /* Thread-id is now a pointer */ + ENGINE_cleanup(); + CONF_modules_unload(1); + ERR_free_strings(); + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); +} + +#endif /* USE_TLS && OPENSSL_VERSION_NUMBER + * < 0x10100000L */ + +/* run - do what we were asked to do. */ + +static int run(STATE *state) +{ + + while (1) { + if (finger(state) != 0) + break; + if (state->reconnect <= 0) + break; + msg_info("Reconnecting after %d seconds", state->reconnect); + ++state->pass; + sleep(state->reconnect); + } + + return (0); +} + +/* cleanup - free memory allocated in main */ + +static void cleanup(STATE *state) +{ +#ifdef USE_TLS + if (state->tls_ctx != 0) + tls_free_app_context(state->tls_ctx); + if (state->tls_bio) + (void) BIO_free(state->tls_bio); + state->tls_bio = 0; + + myfree(state->mdalg); + myfree(state->CApath); + myfree(state->CAfile); + myfree(state->certfile); + myfree(state->keyfile); + myfree(state->sni); + if (state->options.level) + myfree(state->options.level); + myfree(state->options.logopts); + if (state->match) + argv_free(state->match); + if (state->options.tas) + argv_free(state->options.tas); + if (state->dane) + tls_dane_free(state->dane); + + /* Flush and free DANE TLSA cache */ + tls_dane_flush(); + /* Flush and free memory tlsmgr cache */ + tlsmgrmem_flush(); + myfree(state->grade); + myfree(state->protocols); +#endif + myfree(state->options.host_lookup); + myfree(state->dest); + + mail_conf_flush(); +} + +/* usage - explain */ + +static void usage(void) +{ +#ifdef USE_TLS + fprintf(stderr, "usage: %s %s \\\n\t%s \\\n\t%s \\\n\t%s \\\n\t%s" + " destination [match ...]\n", var_procname, + "[-acCfSvw] [-t conn_tmout] [-T cmd_tmout] [-L logopts]", + "[-h host_lookup] [-l level] [-d mdalg] [-g grade] [-p protocols]", + "[-A tafile] [-F CAfile.pem] [-P CApath/] [-s servername]", + "[ [-H chainfiles] | [-k certfile [-K keyfile]] ]", + "[-m count] [-r delay] [-o name=value]"); +#else + fprintf(stderr, "usage: %s [-acStTv] [-h host_lookup] [-o name=value] destination\n", + var_procname); +#endif + exit(1); +} + +/* tls_init - initialize application TLS library context */ + +static void tls_init(STATE *state) +{ +#ifdef USE_TLS + TLS_CLIENT_INIT_PROPS props; + + if (state->level <= TLS_LEV_NONE) + return; + + /* Needed for tls_dane_avail() and other DANE-related processing. */ + state->tls_ctx = + TLS_CLIENT_INIT(&props, + log_param = "-L option", + log_level = state->options.logopts, + verifydepth = DEF_SMTP_TLS_SCERT_VD, + cache_type = "memory", + chain_files = state->chains, + cert_file = state->certfile, + key_file = state->keyfile, + dcert_file = "", + dkey_file = "", + eccert_file = "", + eckey_file = "", + CAfile = state->CAfile, + CApath = state->CApath, + mdalg = state->mdalg); +#endif +} + +/* override - update main.cf parameter */ + +static void override(const char *nameval) +{ + char *param_name; + char *param_value; + char *save = mystrdup(nameval); + + if (split_nameval(save, ¶m_name, ¶m_value) != 0) + usage(); + mail_conf_update(param_name, param_value); + myfree(save); +} + +/* parse_options - (argc, argv) -> state */ + +static void parse_options(STATE *state, int argc, char *argv[]) +{ + int c; + + state->smtp = 1; + state->pass = 1; + state->reconnect = -1; + state->max_reconnect = 5; + state->wrapper_mode = 0; +#ifdef USE_TLS + state->protocols = mystrdup("!SSLv2"); + state->grade = mystrdup("medium"); +#endif + memset((void *) &state->options, 0, sizeof(state->options)); + state->options.host_lookup = mystrdup("dns"); + +#define OPTS "a:ch:o:St:T:v" +#ifdef USE_TLS +#define TLSOPTS "A:Cd:fF:g:H:k:K:l:L:m:M:p:P:r:s:wX" + + state->mdalg = mystrdup("sha1"); + state->CApath = mystrdup(""); + state->CAfile = mystrdup(""); + state->chains = mystrdup(""); + state->certfile = mystrdup(""); + state->keyfile = mystrdup(""); + state->sni = mystrdup(""); + state->options.tas = argv_alloc(1); + state->options.logopts = 0; + state->level = TLS_LEV_DANE; + state->mxinsec_level = TLS_LEV_DANE; + state->tlsproxy_mode = 0; +#else +#define TLSOPTS "" + state->level = TLS_LEV_NONE; +#endif + + while ((c = GETOPT(argc, argv, OPTS TLSOPTS)) > 0) { + switch (c) { + default: + usage(); + break; + case 'a': + state->options.addr_pref = mystrdup(optarg); + break; + case 'c': + state->nochat = 1; + break; + case 'h': + myfree(state->options.host_lookup); + state->options.host_lookup = mystrdup(optarg); + break; + case 'o': + override(optarg); + break; + case 'S': + state->smtp = 0; + break; + case 't': + conn_tmout = atoi(optarg); + break; + case 'T': + smtp_tmout = atoi(optarg); + break; + case 'v': + msg_verbose++; + break; +#ifdef USE_TLS + case 'A': + argv_add(state->options.tas, optarg, ARGV_END); + break; + case 'C': + state->print_trust = 1; + break; + case 'd': + myfree(state->mdalg); + state->mdalg = mystrdup(optarg); + break; + case 'f': + state->force_tlsa = 1; + break; + case 'F': + myfree(state->CAfile); + state->CAfile = mystrdup(optarg); + break; + case 'g': + myfree(state->grade); + state->grade = mystrdup(optarg); + break; + case 'H': + { + char *tmp; + + if (*state->chains) + tmp = concatenate(state->chains, ", ", optarg, (char *) 0); + else + tmp = mystrdup(optarg); + myfree(state->chains); + state->chains = tmp; + } + break; + case 'k': + myfree(state->certfile); + state->certfile = mystrdup(optarg); + if (!*state->keyfile) { + myfree(state->keyfile); + state->keyfile = mystrdup(optarg); + } + break; + case 'K': + myfree(state->keyfile); + state->keyfile = mystrdup(optarg); + if (!*state->certfile) { + myfree(state->certfile); + state->certfile = mystrdup(optarg); + } + break; + case 'l': + if (state->options.level) + myfree(state->options.level); + state->options.level = mystrdup(optarg); + break; + case 'L': + if (state->options.logopts) + myfree(state->options.logopts); + state->options.logopts = mystrdup(optarg); + break; + case 'm': + state->max_reconnect = atoi(optarg); + break; + case 'M': + switch (state->mxinsec_level = tls_level_lookup(optarg)) { + case TLS_LEV_MAY: + case TLS_LEV_ENCRYPT: + case TLS_LEV_DANE: + break; + default: + msg_fatal("bad '-M' option value: %s", optarg); + } + break; + case 'p': + myfree(state->protocols); + state->protocols = mystrdup(optarg); + break; + case 'P': + myfree(state->CApath); + state->CApath = mystrdup(optarg); + break; + case 'r': + state->reconnect = atoi(optarg); + break; + case 's': + myfree(state->sni); + state->sni = mystrdup(optarg); + break; + case 'w': + state->wrapper_mode = 1; + break; + case 'X': + state->tlsproxy_mode = 1; + break; +#endif + } + } + + /* + * Address family preference. + */ + state->addr_pref = + name_code(addr_pref_map, NAME_CODE_FLAG_NONE, state->options.addr_pref ? + state->options.addr_pref : "any"); + if (state->addr_pref < 0) + msg_fatal("bad '-a' option value: %s", state->options.addr_pref); + +#ifdef USE_TLS + if (state->tlsproxy_mode && state->reconnect >= 0) + msg_fatal("The -X and -r options are mutually exclusive"); +#endif + + /* + * Select hostname lookup mechanisms. + */ + state->host_lookup = + name_mask("-h option", lookup_masks, state->options.host_lookup ? + state->options.host_lookup : "dns"); + +#ifdef USE_TLS + + if (*state->chains && *state->certfile) + msg_fatal("When the '-H' option is used, neither the '-k'," + " nor the '-K' options may be used"); + + if (state->reconnect < 0) + tlsmgrmem_disable(); + + if (state->options.logopts == 0) + state->options.logopts = mystrdup("routine,certmatch"); + state->log_mask = tls_log_mask("-L option", state->options.logopts); + + if (state->options.level) { + state->level = tls_level_lookup(state->options.level); + + switch (state->level) { + case TLS_LEV_NONE: + if (state->wrapper_mode) + msg_fatal("SSL wrapper mode requires that TLS not be disabled"); + return; + case TLS_LEV_INVALID: + msg_fatal("Invalid TLS level \"%s\"", state->options.level); + } + } + + /* + * We first call tls_init(), which ultimately calls SSL_library_init(), + * since otherwise we can't tell whether we have the message digests + * required for DANE support. + */ + tls_init(state); + if (TLS_DANE_BASED(state->level) && !tls_dane_avail()) { + msg_warn("DANE TLS support is not available, resorting to \"secure\""); + state->level = TLS_LEV_SECURE; + } + state->tls_bio = 0; + if (state->print_trust) + state->tls_bio = BIO_new_fp(stdout, BIO_NOCLOSE); + +#endif +} + +/* parse_match - process match arguments */ + +static void parse_match(STATE *state, int argc, char *argv[]) +{ +#ifdef USE_TLS + + switch (state->level) { + case TLS_LEV_SECURE: + state->match = argv_alloc(2); + while (*argv) + argv_split_append(state->match, *argv++, ""); + if (state->match->argc == 0) + argv_add(state->match, "nexthop", "dot-nexthop", ARGV_END); + break; + case TLS_LEV_VERIFY: + state->match = argv_alloc(1); + while (*argv) + argv_split_append(state->match, *argv++, ""); + if (state->match->argc == 0) + argv_add(state->match, "hostname", ARGV_END); + break; + case TLS_LEV_FPRINT: + state->dane = tls_dane_alloc(); + while (*argv) + tls_dane_add_ee_digests((TLS_DANE *) state->dane, + state->mdalg, *argv++, ""); + break; + case TLS_LEV_DANE: + case TLS_LEV_DANE_ONLY: + state->match = argv_alloc(2); + argv_add(state->match, "nexthop", "hostname", ARGV_END); + break; + } +#endif +} + +/* parse_tas - process '-A' trust anchor file option */ + +static void parse_tas(STATE *state) +{ +#ifdef USE_TLS + char **file; + + if (!state->options.tas->argc) + return; + + switch (state->level) { + default: + return; + case TLS_LEV_SECURE: + case TLS_LEV_VERIFY: + state->dane = tls_dane_alloc(); + for (file = state->options.tas->argv; *file; ++file) { + if (!tls_dane_load_trustfile((TLS_DANE *) state->dane, *file)) + break; + } + if (*file) + msg_fatal("Failed to load trust anchor file: %s", *file); + break; + } +#endif +} + + +int main(int argc, char *argv[]) +{ + static STATE state; + char *loopenv = getenv("VALGRINDLOOP"); + int loop = loopenv ? atoi(loopenv) : 1; + ARGV *import_env; + + /* Don't die when a peer goes away unexpectedly. */ + signal(SIGPIPE, SIG_IGN); + + /* We're a diagnostic utility, so diagnostic messages go to stdout. */ + var_procname = mystrdup(basename(argv[0])); + set_mail_conf_str(VAR_PROCNAME, var_procname); + msg_vstream_init(var_procname, VSTREAM_OUT); + + /* + * Load main.cf, parse command-line options, then process main.cf + * settings plus any command-line "-o" overrides. + */ + mail_conf_suck(); + parse_options(&state, argc, argv); + mail_params_init(); + parse_tas(&state); + + /* Enforce consistent operation of different Postfix parts. */ + import_env = mail_parm_split(VAR_IMPORT_ENVIRON, var_import_environ); + update_env(import_env->argv); + argv_free(import_env); + + argc -= optind; + argv += optind; + + /* The first non-option argument is the destination. */ + if (!argc) + usage(); + + state.dest = mystrdup(argv[0]); + parse_match(&state, --argc, ++argv); + + /* Don't talk to remote systems as root */ + if (!geteuid()) + chroot_uid(0, var_mail_owner); + + while (loop-- > 0) + run(&state); + + /* Be valgrind friendly and clean-up */ + cleanup(&state); + + /* OpenSSL 1.1.0 and later (de)initialization is implicit */ +#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L + ssl_cleanup(); +#endif + + return (0); +} -- cgit v1.2.3