piler/src/session.c

550 lines
17 KiB
C
Raw Normal View History

2011-11-14 15:57:52 +01:00
/*
* session.c, SJ
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
2011-11-14 15:57:52 +01:00
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <signal.h>
#include <syslog.h>
#include <time.h>
2012-10-28 20:36:46 +01:00
#include <openssl/ssl.h>
#include <openssl/err.h>
2011-11-14 15:57:52 +01:00
#include <piler.h>
2012-01-07 00:00:36 +01:00
int handle_smtp_session(int new_sd, struct __data *data, struct __config *cfg){
2011-11-14 15:57:52 +01:00
int i, ret, pos, n, inj=ERR, state, prevlen=0;
char *p, buf[MAXBUFSIZE], puf[MAXBUFSIZE], resp[MAXBUFSIZE], prevbuf[MAXBUFSIZE], last2buf[2*MAXBUFSIZE+1];
char rctptoemail[SMALLBUFSIZE], virusinfo[SMALLBUFSIZE], delay[SMALLBUFSIZE];
2011-11-19 21:25:44 +01:00
char *arule = NULL;
2011-11-14 15:57:52 +01:00
struct session_data sdata;
struct _state sstate;
int db_conn=0;
int rc;
struct __counters counters;
struct timezone tz;
struct timeval tv1, tv2;
2012-10-28 20:36:46 +01:00
#ifdef HAVE_STARTTLS
int starttls = 0;
char ssl_error[SMALLBUFSIZE];
#endif
2011-11-14 15:57:52 +01:00
state = SMTP_STATE_INIT;
init_session_data(&sdata);
2012-10-28 20:36:46 +01:00
sdata.tls = 0;
2011-11-14 15:57:52 +01:00
bzero(&counters, sizeof(counters));
/* open database connection */
db_conn = 0;
#ifdef NEED_MYSQL
rc = 1;
mysql_init(&(sdata.mysql));
mysql_options(&(sdata.mysql), MYSQL_OPT_CONNECT_TIMEOUT, (const char*)&cfg->mysql_connect_timeout);
mysql_options(&(sdata.mysql), MYSQL_OPT_RECONNECT, (const char*)&rc);
2011-12-07 15:24:52 +01:00
if(mysql_real_connect(&(sdata.mysql), cfg->mysqlhost, cfg->mysqluser, cfg->mysqlpwd, cfg->mysqldb, cfg->mysqlport, cfg->mysqlsocket, 0)){
2011-11-14 15:57:52 +01:00
db_conn = 1;
2011-12-07 15:24:52 +01:00
mysql_real_query(&(sdata.mysql), "SET NAMES utf8", strlen("SET NAMES utf8"));
2011-12-09 15:24:15 +01:00
mysql_real_query(&(sdata.mysql), "SET CHARACTER SET utf8", strlen("SET CHARACTER SET utf8"));
2011-12-07 15:24:52 +01:00
}
2011-11-14 15:57:52 +01:00
else
syslog(LOG_PRIORITY, "%s", ERR_MYSQL_CONNECT);
#endif
gettimeofday(&tv1, &tz);
#ifdef HAVE_LMTP
snprintf(buf, MAXBUFSIZE-1, LMTP_RESP_220_BANNER, cfg->hostid);
#else
snprintf(buf, MAXBUFSIZE-1, SMTP_RESP_220_BANNER, cfg->hostid);
#endif
send(new_sd, buf, strlen(buf), 0);
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: sent: %s", sdata.ttmpfile, buf);
2012-10-28 20:36:46 +01:00
while((n = recvtimeoutssl(new_sd, puf, MAXBUFSIZE, TIMEOUT, sdata.tls, data->ssl)) > 0){
2011-11-14 15:57:52 +01:00
pos = 0;
/* accept mail data */
if(state == SMTP_STATE_DATA){
/* join the last 2 buffer */
memset(last2buf, 0, 2*MAXBUFSIZE+1);
memcpy(last2buf, prevbuf, MAXBUFSIZE);
memcpy(last2buf+prevlen, puf, MAXBUFSIZE);
pos = searchStringInBuffer(last2buf, 2*MAXBUFSIZE+1, SMTP_CMD_PERIOD, 5);
if(pos > 0){
/* fix position */
pos = pos - prevlen;
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: period found", sdata.ttmpfile);
/* write data only to (and including) the trailing period (.) */
ret = write(sdata.fd, puf, pos);
sdata.tot_len += ret;
/* fix posistion! */
pos += strlen(SMTP_CMD_PERIOD);
2011-11-22 12:31:54 +01:00
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: got: (.)", sdata.ttmpfile);
2011-11-14 15:57:52 +01:00
state = SMTP_STATE_PERIOD;
/* make sure we had a successful read */
rc = fsync(sdata.fd);
close(sdata.fd);
gettimeofday(&tv2, &tz);
sdata.__acquire = tvdiff(tv2, tv1);
if(rc){
syslog(LOG_PRIORITY, "failed writing data: %s", sdata.ttmpfile);
#ifdef HAVE_LMTP
for(i=0; i<sdata.num_of_rcpt_to; i++){
#endif
2012-10-28 20:36:46 +01:00
//send(new_sd, SMTP_RESP_421_ERR_WRITE_FAILED, strlen(SMTP_RESP_421_ERR_WRITE_FAILED), 0);
write1(new_sd, SMTP_RESP_421_ERR_WRITE_FAILED, sdata.tls, data->ssl);
2011-11-14 15:57:52 +01:00
#ifdef HAVE_LMTP
}
#endif
memset(puf, 0, MAXBUFSIZE);
goto AFTER_PERIOD;
}
gettimeofday(&tv1, &tz);
2012-06-01 14:25:49 +02:00
sstate = parse_message(&sdata, 1, cfg);
post_parse(&sdata, &sstate, cfg);
2011-11-14 15:57:52 +01:00
gettimeofday(&tv2, &tz);
sdata.__parsed = tvdiff(tv2, tv1);
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: parsed message", sdata.ttmpfile);
sdata.need_scan = 1;
2011-12-29 12:11:28 +01:00
make_digests(&sdata, cfg);
2011-11-14 15:57:52 +01:00
#ifdef HAVE_ANTIVIRUS
if(cfg->use_antivirus == 1){
gettimeofday(&tv1, &tz);
sdata.rav = do_av_check(&sdata, rctptoemail, &virusinfo[0], data, cfg);
2011-11-14 15:57:52 +01:00
gettimeofday(&tv2, &tz);
sdata.__av = tvdiff(tv2, tv1);
}
#endif
#ifdef HAVE_LMTP
for(i=0; i<sdata.num_of_rcpt_to; i++){
#else
i = 0;
#endif
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: round %d in injection", sdata.ttmpfile, i);
extractEmail(sdata.rcptto[i], rctptoemail);
/* copy default config to enable policy support */
//memcpy(&my_cfg, cfg, sizeof(struct __config));
inj = ERR;
if(db_conn == 1){
2011-12-13 17:05:22 +01:00
if(sdata.restored_copy == 1){
syslog(LOG_PRIORITY, "%s: discarding restored copy", sdata.ttmpfile);
inj = OK;
}
else if(AVIR_VIRUS == sdata.rav){
2011-11-14 15:57:52 +01:00
syslog(LOG_PRIORITY, "%s: found virus: %s", sdata.ttmpfile, virusinfo);
counters.c_virus++;
inj = OK;
} else if(strlen(sdata.bodydigest) < 10) {
syslog(LOG_PRIORITY, "%s: invalid digest", sdata.ttmpfile);
inj = ERR;
} else {
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: processing message", sdata.ttmpfile);
2011-11-19 21:25:44 +01:00
/* check message against archiving rules */
2012-02-19 22:59:47 +01:00
arule = check_againt_ruleset(data->archiving_rules, &sstate, sdata.tot_len, sdata.spam_message);
2011-11-19 21:25:44 +01:00
if(arule){
2011-11-23 12:24:21 +01:00
syslog(LOG_PRIORITY, "%s: discarding message by archiving policy: *%s*", sdata.ttmpfile, arule);
2011-11-19 21:25:44 +01:00
inj = OK;
2011-12-27 20:51:56 +01:00
counters.c_ignore++;
2011-11-19 21:25:44 +01:00
}
else {
inj = process_message(&sdata, &sstate, data, cfg);
2012-02-10 13:57:04 +01:00
counters.c_size += sdata.tot_len;
2011-11-19 21:25:44 +01:00
}
2011-11-14 15:57:52 +01:00
}
}
/* set the accept buffer */
snprintf(sdata.acceptbuf, SMALLBUFSIZE-1, "250 Ok %s <%s>\r\n", sdata.ttmpfile, rctptoemail);
if(inj == ERR) snprintf(sdata.acceptbuf, SMALLBUFSIZE-1, "451 %s <%s>\r\n", sdata.ttmpfile, rctptoemail);
2012-10-28 20:36:46 +01:00
//send(new_sd, sdata.acceptbuf, strlen(sdata.acceptbuf), 0);
write1(new_sd, sdata.acceptbuf, sdata.tls, data->ssl);
2011-11-14 15:57:52 +01:00
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: sent: %s", sdata.ttmpfile, sdata.acceptbuf);
counters.c_rcvd++;
if(inj == ERR_EXISTS){
syslog(LOG_PRIORITY, "%s: discarding duplicate message", sdata.ttmpfile);
counters.c_duplicate++;
}
2012-06-06 20:38:16 +02:00
snprintf(delay, SMALLBUFSIZE-1, "delay=%.2f, delays=%.2f/%.2f/%.2f/%.2f/%.2f/%.2f",
2011-11-14 15:57:52 +01:00
(sdata.__acquire+sdata.__parsed+sdata.__av+sdata.__compress+sdata.__encrypt+sdata.__store)/1000000.0,
sdata.__acquire/1000000.0, sdata.__parsed/1000000.0, sdata.__av/1000000.0, sdata.__compress/1000000.0, sdata.__encrypt/1000000.0, sdata.__store/1000000.0);
syslog(LOG_PRIORITY, "%s: from=%s, size=%d, reference=%s, message-id=%s, %s", sdata.ttmpfile, sdata.fromemail, sdata.tot_len, sstate.reference, sstate.message_id, delay);
2011-11-14 15:57:52 +01:00
#ifdef HAVE_LMTP
} /* for */
#endif
unlink(sdata.ttmpfile);
2011-11-19 21:25:44 +01:00
unlink(sdata.tmpframe);
2011-11-14 15:57:52 +01:00
/* if we have nothing after the trailing (.), we can read
the next command from the network */
if(puf[n-3] == '.' && puf[n-2] == '\r' && puf[n-1] == '\n') continue;
/* if we left something in the puffer, we are ready to proceed
to handle the additional commands, such as QUIT */
/* if we miss the trailing \r\n, ie. we need another read */
if(puf[n-2] != '\r' && puf[n-1] != '\n'){
memmove(puf, puf+pos, n-pos);
memset(puf+n-pos, 0, MAXBUFSIZE-n+pos);
i = recvtimeout(new_sd, buf, MAXBUFSIZE, TIMEOUT);
strncat(puf, buf, MAXBUFSIZE-1-n+pos);
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: partial read: %s", sdata.ttmpfile, puf);
pos = 0;
}
} /* PERIOD found */
else {
ret = write(sdata.fd, puf, n);
sdata.tot_len += ret;
memcpy(prevbuf, puf, n);
prevlen = n;
continue;
}
} /* SMTP DATA */
AFTER_PERIOD:
/* handle smtp commands */
memset(resp, 0, MAXBUFSIZE);
p = &puf[pos];
while((p = split_str(p, "\r\n", buf, MAXBUFSIZE-1))){
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: got: %s", sdata.ttmpfile, buf);
if(strncasecmp(buf, SMTP_CMD_EHLO, strlen(SMTP_CMD_EHLO)) == 0 || strncasecmp(buf, LMTP_CMD_LHLO, strlen(LMTP_CMD_LHLO)) == 0){
if(state == SMTP_STATE_INIT) state = SMTP_STATE_HELO;
2012-10-28 20:36:46 +01:00
if(sdata.tls == 0) snprintf(buf, MAXBUFSIZE-1, SMTP_RESP_250_EXTENSIONS, cfg->hostid, data->starttls);
else snprintf(buf, MAXBUFSIZE-1, SMTP_RESP_250_EXTENSIONS, cfg->hostid, "");
2011-11-14 15:57:52 +01:00
strncat(resp, buf, MAXBUFSIZE-1);
continue;
/* FIXME: implement the ENHANCEDSTATUSCODE extensions */
}
if(strncasecmp(buf, SMTP_CMD_HELO, strlen(SMTP_CMD_HELO)) == 0){
if(state == SMTP_STATE_INIT) state = SMTP_STATE_HELO;
strncat(resp, SMTP_RESP_250_OK, MAXBUFSIZE-1);
continue;
}
2012-10-28 20:36:46 +01:00
#ifdef HAVE_STARTTLS
if(cfg->tls_enable > 0 && strncasecmp(buf, SMTP_CMD_STARTTLS, strlen(SMTP_CMD_STARTTLS)) == 0 && strlen(data->starttls) > 4 && sdata.tls == 0){
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: starttls request from client", sdata.ttmpfile);
if(data->ctx){
data->ssl = SSL_new(data->ctx);
if(data->ssl){
if(SSL_set_fd(data->ssl, new_sd) == 1){
strncat(resp, SMTP_RESP_220_READY_TO_START_TLS, MAXBUFSIZE-1);
starttls = 1;
state = SMTP_STATE_INIT;
continue;
} syslog(LOG_PRIORITY, "%s: SSL_set_fd() failed", sdata.ttmpfile);
} syslog(LOG_PRIORITY, "%s: SSL_new() failed", sdata.ttmpfile);
} syslog(LOG_PRIORITY, "%s: SSL ctx is null!", sdata.ttmpfile);
strncat(resp, SMTP_RESP_454_ERR_TLS_TEMP_ERROR, MAXBUFSIZE-1);
continue;
}
#endif
2011-11-14 15:57:52 +01:00
if(strncasecmp(buf, SMTP_CMD_MAIL_FROM, strlen(SMTP_CMD_MAIL_FROM)) == 0){
if(state != SMTP_STATE_HELO){
strncat(resp, SMTP_RESP_503_ERR, MAXBUFSIZE-1);
}
else {
state = SMTP_STATE_MAIL_FROM;
snprintf(sdata.mailfrom, SMALLBUFSIZE-1, "%s\r\n", buf);
memset(sdata.fromemail, 0, SMALLBUFSIZE);
extractEmail(sdata.mailfrom, sdata.fromemail);
2011-11-14 15:57:52 +01:00
strncat(resp, SMTP_RESP_250_OK, strlen(SMTP_RESP_250_OK));
}
continue;
}
if(strncasecmp(buf, SMTP_CMD_RCPT_TO, strlen(SMTP_CMD_RCPT_TO)) == 0){
if(state == SMTP_STATE_MAIL_FROM || state == SMTP_STATE_RCPT_TO){
if(strlen(buf) > SMALLBUFSIZE/2){
strncat(resp, SMTP_RESP_550_ERR_TOO_LONG_RCPT_TO, MAXBUFSIZE-1);
continue;
}
if(sdata.num_of_rcpt_to < MAX_RCPT_TO-1){
snprintf(sdata.rcptto[sdata.num_of_rcpt_to], SMALLBUFSIZE-1, "%s\r\n", buf);
}
state = SMTP_STATE_RCPT_TO;
/* check against blackhole addresses */
extractEmail(buf, rctptoemail);
if(sdata.num_of_rcpt_to < MAX_RCPT_TO-1) sdata.num_of_rcpt_to++;
strncat(resp, SMTP_RESP_250_OK, MAXBUFSIZE-1);
}
else {
strncat(resp, SMTP_RESP_503_ERR, MAXBUFSIZE-1);
}
continue;
}
if(strncasecmp(buf, SMTP_CMD_DATA, strlen(SMTP_CMD_DATA)) == 0){
memset(last2buf, 0, 2*MAXBUFSIZE+1);
memset(prevbuf, 0, MAXBUFSIZE);
inj = ERR;
prevlen = 0;
if(state != SMTP_STATE_RCPT_TO){
strncat(resp, SMTP_RESP_503_ERR, MAXBUFSIZE-1);
}
else {
sdata.fd = open(sdata.filename, O_CREAT|O_RDWR, S_IRUSR|S_IWUSR|S_IRGRP);
2011-11-14 15:57:52 +01:00
if(sdata.fd == -1){
syslog(LOG_PRIORITY, "%s: %s", ERR_OPEN_TMP_FILE, sdata.ttmpfile);
strncat(resp, SMTP_RESP_451_ERR, MAXBUFSIZE-1);
}
else {
state = SMTP_STATE_DATA;
strncat(resp, SMTP_RESP_354_DATA_OK, MAXBUFSIZE-1);
}
}
continue;
}
if(strncasecmp(buf, SMTP_CMD_QUIT, strlen(SMTP_CMD_QUIT)) == 0){
state = SMTP_STATE_FINISHED;
snprintf(buf, MAXBUFSIZE-1, SMTP_RESP_221_GOODBYE, cfg->hostid);
2012-06-20 10:28:20 +02:00
strncat(resp, buf, MAXBUFSIZE-1);
2011-11-14 15:57:52 +01:00
unlink(sdata.ttmpfile);
2011-11-19 21:25:44 +01:00
unlink(sdata.tmpframe);
2011-11-14 15:57:52 +01:00
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: removed", sdata.ttmpfile);
2012-06-20 10:28:20 +02:00
continue;
2011-11-14 15:57:52 +01:00
}
if(strncasecmp(buf, SMTP_CMD_NOOP, strlen(SMTP_CMD_NOOP)) == 0){
strncat(resp, SMTP_RESP_250_OK, MAXBUFSIZE-1);
continue;
}
if(strncasecmp(buf, SMTP_CMD_RESET, strlen(SMTP_CMD_RESET)) == 0){
strncat(resp, SMTP_RESP_250_OK, MAXBUFSIZE-1);
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: removed", sdata.ttmpfile);
unlink(sdata.ttmpfile);
2011-11-19 21:25:44 +01:00
unlink(sdata.tmpframe);
2011-11-14 15:57:52 +01:00
init_session_data(&sdata);
2011-11-14 15:57:52 +01:00
state = SMTP_STATE_HELO;
continue;
}
/* by default send 502 command not implemented message */
syslog(LOG_PRIORITY, "%s: invalid command: *%s*", sdata.ttmpfile, buf);
strncat(resp, SMTP_RESP_502_ERR, MAXBUFSIZE-1);
}
/* now we can send our buffered response */
if(strlen(resp) > 0){
2012-10-28 20:36:46 +01:00
//send(new_sd, resp, strlen(resp), 0);
write1(new_sd, resp, sdata.tls, data->ssl);
2011-11-14 15:57:52 +01:00
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: sent: %s", sdata.ttmpfile, resp);
memset(resp, 0, MAXBUFSIZE);
2012-10-28 20:36:46 +01:00
#ifdef HAVE_STARTTLS
if(starttls == 1 && sdata.tls == 0){
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: waiting for ssl handshake", sdata.ttmpfile);
rc = SSL_accept(data->ssl);
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: SSL_accept() finished", sdata.ttmpfile);
if(rc == 1){
sdata.tls = 1;
}
else {
ERR_error_string_n(ERR_get_error(), ssl_error, SMALLBUFSIZE);
syslog(LOG_PRIORITY, "%s: SSL_accept() failed, rc=%d, errorcode: %d, error text: %s\n", sdata.ttmpfile, rc, SSL_get_error(data->ssl, rc), ssl_error);
}
}
#endif
2011-11-14 15:57:52 +01:00
}
2012-06-20 10:28:20 +02:00
if(state == SMTP_STATE_FINISHED){
goto QUITTING;
}
2011-11-14 15:57:52 +01:00
} /* while */
/*
* if we are not in SMTP_STATE_QUIT and the message was not injected,
* ie. we have timed out than send back 421 error message
*/
2011-11-16 14:47:47 +01:00
if(state < SMTP_STATE_QUIT && inj == ERR){
2011-11-14 15:57:52 +01:00
snprintf(buf, MAXBUFSIZE-1, SMTP_RESP_421_ERR, cfg->hostid);
2012-10-28 20:36:46 +01:00
//send(new_sd, buf, strlen(buf), 0);
write1(new_sd, buf, sdata.tls, data->ssl);
2011-11-14 15:57:52 +01:00
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: sent: %s", sdata.ttmpfile, buf);
if(sdata.fd != -1){
syslog(LOG_PRIORITY, "%s: removing stale files: %s, %s", sdata.ttmpfile, sdata.ttmpfile, sdata.tmpframe);
close(sdata.fd);
unlink(sdata.ttmpfile);
unlink(sdata.tmpframe);
}
2011-11-14 15:57:52 +01:00
goto QUITTING;
}
QUITTING:
2012-01-07 00:00:36 +01:00
update_counters(&sdata, data, &counters, cfg);
2011-11-14 15:57:52 +01:00
#ifdef NEED_MYSQL
mysql_close(&(sdata.mysql));
#endif
2012-10-28 20:36:46 +01:00
#ifdef HAVE_STARTTLS
if(sdata.tls == 1){
SSL_shutdown(data->ssl);
SSL_free(data->ssl);
}
#endif
2011-11-14 15:57:52 +01:00
if(cfg->verbosity >= _LOG_INFO) syslog(LOG_PRIORITY, "processed %llu messages", counters.c_rcvd);
2012-01-07 00:00:36 +01:00
return (int)counters.c_rcvd;
2011-11-14 15:57:52 +01:00
}