summaryrefslogtreecommitdiff
path: root/usr.sbin/smtpd
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/smtpd')
-rw-r--r--usr.sbin/smtpd/smtp.c24
-rw-r--r--usr.sbin/smtpd/smtp_session.c389
-rw-r--r--usr.sbin/smtpd/smtpctl.c18
-rw-r--r--usr.sbin/smtpd/smtpd.h17
-rw-r--r--usr.sbin/smtpd/ssl.c8
5 files changed, 282 insertions, 174 deletions
diff --git a/usr.sbin/smtpd/smtp.c b/usr.sbin/smtpd/smtp.c
index f1f9de3e9e8..852322156d9 100644
--- a/usr.sbin/smtpd/smtp.c
+++ b/usr.sbin/smtpd/smtp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtp.c,v 1.45 2009/05/14 15:05:12 eric Exp $ */
+/* $OpenBSD: smtp.c,v 1.46 2009/05/18 20:23:35 jacekm Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -397,22 +397,18 @@ smtp_dispatch_queue(int sig, short event, void *p)
log_debug("smtp_dispatch_queue: tempfail in queue");
- /*
- * IMSG_QUEUE_TEMPFAIL is not the final reply to
- * IMSG_MFA_RCPT - IMSG_QUEUE_COMMIT_ENVELOPES is.
- * Therefore, nothing more but updating the flags
- * is allowed here. If session_lookup were to be
- * called, then subsequent session_lookup in the
- * IMSG_QUEUE_COMMIT_ENVELOPES handler would fatal for
- * either of two reasons: missing session, or missing
- * EVLOCKED flag.
- */
key.s_id = ss->id;
s = SPLAY_FIND(sessiontree, &env->sc_sessions, &key);
if (s == NULL)
fatalx("smtp_dispatch_queue: session is gone");
- s->s_msg.status |= S_MESSAGE_TEMPFAILURE;
+ if (s->s_flags & F_WRITEONLY) {
+ /*
+ * Session is write-only, can't destroy it.
+ */
+ s->s_msg.status |= S_MESSAGE_TEMPFAILURE;
+ } else
+ fatalx("smtp_dispatch_queue: corrupt session");
break;
}
@@ -752,9 +748,9 @@ session_lookup(struct smtpd *env, u_int64_t id)
if (s == NULL)
fatalx("session_lookup: session is gone");
- if (!(s->s_flags & F_EVLOCKED))
+ if (!(s->s_flags & F_WRITEONLY))
fatalx("session_lookup: corrupt session");
- s->s_flags &= ~F_EVLOCKED;
+ s->s_flags &= ~F_WRITEONLY;
if (s->s_flags & F_QUIT) {
session_destroy(s);
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
index 07711efdb60..8affe5ebeea 100644
--- a/usr.sbin/smtpd/smtp_session.c
+++ b/usr.sbin/smtpd/smtp_session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtp_session.c,v 1.88 2009/05/14 15:05:12 eric Exp $ */
+/* $OpenBSD: smtp_session.c,v 1.89 2009/05/18 20:23:35 jacekm Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -41,37 +41,38 @@
#include "smtpd.h"
-int session_rfc5321_helo_handler(struct session *, char *);
-int session_rfc5321_ehlo_handler(struct session *, char *);
-int session_rfc5321_rset_handler(struct session *, char *);
-int session_rfc5321_noop_handler(struct session *, char *);
-int session_rfc5321_data_handler(struct session *, char *);
-int session_rfc5321_mail_handler(struct session *, char *);
-int session_rfc5321_rcpt_handler(struct session *, char *);
-int session_rfc5321_vrfy_handler(struct session *, char *);
-int session_rfc5321_expn_handler(struct session *, char *);
-int session_rfc5321_turn_handler(struct session *, char *);
-int session_rfc5321_help_handler(struct session *, char *);
-int session_rfc5321_quit_handler(struct session *, char *);
-int session_rfc5321_none_handler(struct session *, char *);
-
-int session_rfc1652_mail_handler(struct session *, char *);
-
-int session_rfc3207_stls_handler(struct session *, char *);
-
-int session_rfc4954_auth_handler(struct session *, char *);
-int session_rfc4954_auth_plain(struct session *, char *, size_t);
-int session_rfc4954_auth_login(struct session *, char *, size_t);
-void session_auth_pickup(struct session *, char *, size_t);
-
-void session_read(struct bufferevent *, void *);
-int session_read_data(struct session *, char *, size_t);
-void session_write(struct bufferevent *, void *);
-void session_error(struct bufferevent *, short, void *);
-void session_command(struct session *, char *, char *);
-int session_set_path(struct path *, char *);
-void session_imsg(struct session *, enum smtp_proc_type,
- enum imsg_type, u_int32_t, pid_t, int, void *, u_int16_t);
+int session_rfc5321_helo_handler(struct session *, char *);
+int session_rfc5321_ehlo_handler(struct session *, char *);
+int session_rfc5321_rset_handler(struct session *, char *);
+int session_rfc5321_noop_handler(struct session *, char *);
+int session_rfc5321_data_handler(struct session *, char *);
+int session_rfc5321_mail_handler(struct session *, char *);
+int session_rfc5321_rcpt_handler(struct session *, char *);
+int session_rfc5321_vrfy_handler(struct session *, char *);
+int session_rfc5321_expn_handler(struct session *, char *);
+int session_rfc5321_turn_handler(struct session *, char *);
+int session_rfc5321_help_handler(struct session *, char *);
+int session_rfc5321_quit_handler(struct session *, char *);
+int session_rfc5321_none_handler(struct session *, char *);
+
+int session_rfc1652_mail_handler(struct session *, char *);
+
+int session_rfc3207_stls_handler(struct session *, char *);
+
+int session_rfc4954_auth_handler(struct session *, char *);
+int session_rfc4954_auth_plain(struct session *, char *, size_t);
+int session_rfc4954_auth_login(struct session *, char *, size_t);
+void session_auth_pickup(struct session *, char *, size_t);
+
+void session_read(struct bufferevent *, void *);
+void session_read_data(struct session *, char *, size_t);
+void session_write(struct bufferevent *, void *);
+void session_error(struct bufferevent *, short event, void *);
+void session_command(struct session *, char *, size_t);
+char *session_readline(struct session *, size_t *);
+int session_set_path(struct path *, char *);
+void session_imsg(struct session *, enum smtp_proc_type,
+ enum imsg_type, u_int32_t, pid_t, int, void *, u_int16_t);
extern struct s_session s_smtp;
@@ -123,8 +124,6 @@ session_rfc3207_stls_handler(struct session *s, char *args)
session_respond(s, "220 Ready to start TLS");
s->s_state = S_TLS;
- bufferevent_disable(s->s_bev, EV_READ);
- ssl_session_init(s);
return 1;
}
@@ -422,7 +421,6 @@ session_rfc5321_quit_handler(struct session *s, char *args)
session_respond(s, "221 %s Closing connection", s->s_env->sc_hostname);
s->s_flags |= F_QUIT;
- bufferevent_disable(s->s_bev, EV_READ);
return 1;
}
@@ -490,9 +488,27 @@ session_rfc5321_help_handler(struct session *s, char *args)
}
void
-session_command(struct session *s, char *cmd, char *args)
+session_command(struct session *s, char *cmd, size_t nr)
{
- unsigned int i;
+ char *ep, *args;
+ unsigned int i;
+
+ if (nr > SMTP_CMDLINE_MAX) {
+ session_respond(s, "500 Line too long");
+ return;
+ }
+
+ if ((ep = strchr(cmd, ':')) == NULL)
+ ep = strchr(cmd, ' ');
+ if (ep != NULL) {
+ *ep = '\0';
+ args = ++ep;
+ while (isspace((int)*args))
+ args++;
+ } else
+ args = NULL;
+
+ log_debug("command: %s\targs: %s", cmd, args);
if (!(s->s_flags & F_EHLO))
goto rfc5321;
@@ -545,8 +561,6 @@ session_auth_pickup(struct session *s, char *arg, size_t nr)
if (s == NULL)
fatal("session_auth_pickup: desynchronized");
- bufferevent_enable(s->s_bev, EV_READ);
-
switch (s->s_state) {
case S_AUTH_INIT:
session_rfc4954_auth_plain(s, arg, nr);
@@ -576,13 +590,11 @@ session_pickup(struct session *s, struct submit_status *ss)
if (s == NULL)
fatal("session_pickup: desynchronized");
- bufferevent_enable(s->s_bev, EV_READ);
-
if ((ss != NULL && ss->code == 421) ||
(s->s_msg.status & S_MESSAGE_TEMPFAILURE)) {
session_respond(s, "421 Service temporarily unavailable");
+ s_smtp.tempfail++;
s->s_flags |= F_QUIT;
- bufferevent_disable(s->s_bev, EV_READ);
return;
}
@@ -678,82 +690,90 @@ session_init(struct listener *l, struct session *s)
{
s->s_state = S_INIT;
- if ((s->s_bev = bufferevent_new(s->s_fd, session_read, session_write,
- session_error, s)) == NULL)
- fatalx("session_init: bufferevent_new failed");
-
- bufferevent_settimeout(s->s_bev, SMTPD_SESSION_TIMEOUT,
- SMTPD_SESSION_TIMEOUT);
-
if (l->flags & F_SMTPS) {
- log_debug("session_init: initializing ssl");
- s->s_flags |= F_EVLOCKED;
- bufferevent_disable(s->s_bev, EV_READ|EV_WRITE);
ssl_session_init(s);
return;
}
+ session_bufferevent_new(s);
session_pickup(s, NULL);
}
void
+session_bufferevent_new(struct session *s)
+{
+ if (s->s_bev != NULL)
+ fatalx("session_bufferevent_new: attempt to override existing "
+ "bufferevent");
+
+ if (s->s_flags & F_WRITEONLY)
+ fatalx("session_bufferevent_new: corrupt session");
+
+ s->s_bev = bufferevent_new(s->s_fd, session_read, session_write,
+ session_error, s);
+ if (s->s_bev == NULL)
+ fatal("session_bufferevent_new");
+
+ bufferevent_settimeout(s->s_bev, SMTPD_SESSION_TIMEOUT,
+ SMTPD_SESSION_TIMEOUT);
+
+ bufferevent_enable(s->s_bev, EV_READ);
+}
+
+void
session_read(struct bufferevent *bev, void *p)
{
struct session *s = p;
char *line;
- char *ep;
- char *args;
size_t nr;
+ int expect_lines = 1;
-read:
- nr = EVBUFFER_LENGTH(bev->input);
- line = evbuffer_readline(bev->input);
- if (line == NULL) {
- if (EVBUFFER_LENGTH(bev->input) > SMTP_ANYLINE_MAX) {
- session_respond(s, "500 Line too long");
+ for (;;) {
+ line = session_readline(s, &nr);
+ if (line == NULL)
+ return;
+
+ if (! expect_lines) {
+ session_respond(s, "500 Pipelining unsupported");
+ s_smtp.toofast++;
s->s_flags |= F_QUIT;
- bufferevent_disable(s->s_bev, EV_READ);
+ return;
}
- return;
- }
- nr -= EVBUFFER_LENGTH(bev->input);
+ expect_lines = 0;
- if (s->s_state == S_DATACONTENT) {
- if (session_read_data(s, line, nr)) {
- free(line);
- return;
+ if (s->s_flags & F_WRITEONLY)
+ fatalx("session_read: corrupt session");
+
+ switch (s->s_state) {
+ case S_AUTH_INIT:
+ case S_AUTH_USERNAME:
+ case S_AUTH_PASSWORD:
+ case S_AUTH_FINALIZE:
+ session_auth_pickup(s, line, nr);
+ break;
+
+ case S_GREETED:
+ case S_HELO:
+ case S_MAIL:
+ case S_RCPT:
+ session_command(s, line, nr);
+ break;
+
+ case S_DATACONTENT:
+ if (strcmp(line, ".") != 0)
+ expect_lines = 1;
+ session_read_data(s, line, nr);
+ break;
+
+ default:
+ fatalx("session_read: unexpected state");
}
- free(line);
- goto read;
- }
- if (IS_AUTH(s->s_state)) {
- session_auth_pickup(s, line, nr);
free(line);
- return;
}
-
- if (nr > SMTP_CMDLINE_MAX) {
- session_respond(s, "500 Line too long");
- return;
- }
-
- if ((ep = strchr(line, ':')) == NULL)
- ep = strchr(line, ' ');
- if (ep != NULL) {
- *ep = '\0';
- args = ++ep;
- while (isspace((int)*args))
- args++;
- } else
- args = NULL;
- log_debug("command: %s\targs: %s", line, args);
- session_command(s, line, args);
- free(line);
- return;
}
-int
+void
session_read_data(struct session *s, char *line, size_t nread)
{
size_t len;
@@ -769,23 +789,24 @@ session_read_data(struct session *s, char *line, size_t nread)
s->s_state = S_HELO;
} else if (s->s_msg.status & S_MESSAGE_TEMPFAILURE) {
session_respond(s, "421 Temporary failure");
- s->s_state = S_HELO;
+ s->s_flags |= F_QUIT;
+ s_smtp.tempfail++;
} else {
session_imsg(s, PROC_QUEUE, IMSG_QUEUE_COMMIT_MESSAGE,
0, 0, -1, &s->s_msg, sizeof(s->s_msg));
s->s_state = S_DONE;
}
- return 1;
+ return;
}
/* Don't waste resources on message if it's going to bin anyway. */
if (s->s_msg.status & (S_MESSAGE_PERMFAILURE|S_MESSAGE_TEMPFAILURE))
- return 0;
+ return;
if (nread > SMTP_TEXTLINE_MAX) {
s->s_msg.status |= S_MESSAGE_PERMFAILURE;
- return 0;
+ return;
}
/* "If the first character is a period and there are other characters
@@ -799,7 +820,7 @@ session_read_data(struct session *s, char *line, size_t nread)
if (fwrite(line, len, 1, s->datafp) != 1 ||
fwrite("\n", 1, 1, s->datafp) != 1) {
s->s_msg.status |= S_MESSAGE_TEMPFAILURE;
- return 0;
+ return;
}
if (! (s->s_flags & F_8BITMIME)) {
@@ -808,11 +829,9 @@ session_read_data(struct session *s, char *line, size_t nread)
break;
if (i != len) {
s->s_msg.status |= S_MESSAGE_PERMFAILURE;
- return 0;
+ return;
}
}
-
- return 0;
}
void
@@ -820,8 +839,83 @@ session_write(struct bufferevent *bev, void *p)
{
struct session *s = p;
- if (s->s_flags & F_QUIT)
+ if (s->s_flags & F_WRITEONLY) {
+ /*
+ * Finished writing to a session that is waiting for an IMSG
+ * response, therefore can't destroy session nor re-enable
+ * reading from it.
+ *
+ * If session_respond caller used F_QUIT to request session
+ * destroy after final write, then session will be destroyed
+ * in session_lookup.
+ *
+ * Reading from session will be re-enabled in session_pickup
+ * using another call to session_respond.
+ */
+ return;
+ } else if (s->s_flags & F_QUIT) {
+ /*
+ * session_respond caller requested the session to be dropped.
+ */
session_destroy(s);
+ } else if (s->s_state == S_TLS) {
+ /*
+ * Start the TLS conversation.
+ * Destroy the bufferevent as the SSL module re-creates it.
+ */
+ bufferevent_free(s->s_bev);
+ s->s_bev = NULL;
+ ssl_session_init(s);
+ } else {
+ /*
+ * Common case of responding to client's request.
+ * Re-enable reading from session so that more commands can
+ * be processed.
+ */
+ bufferevent_enable(s->s_bev, EV_READ);
+ }
+}
+
+void
+session_error(struct bufferevent *bev, short event, void *p)
+{
+ struct session *s = p;
+ char *ip = ss_to_text(&s->s_ss);
+
+ if (event & EVBUFFER_READ) {
+ if (event & EVBUFFER_TIMEOUT) {
+ log_warnx("client %s read timeout", ip);
+ s_smtp.read_timeout++;
+ } else if (event & EVBUFFER_EOF)
+ s_smtp.read_eof++;
+ else if (event & EVBUFFER_ERROR) {
+ log_warn("client %s read error", ip);
+ s_smtp.read_error++;
+ }
+
+ session_destroy(s);
+ return;
+ }
+
+ if (event & EVBUFFER_WRITE) {
+ if (event & EVBUFFER_TIMEOUT) {
+ log_warnx("client %s write timeout", ip);
+ s_smtp.write_timeout++;
+ } else if (event & EVBUFFER_EOF)
+ s_smtp.write_eof++;
+ else if (event & EVBUFFER_ERROR) {
+ log_warn("client %s write error", ip);
+ s_smtp.write_error++;
+ }
+
+ if (s->s_flags & F_WRITEONLY)
+ s->s_flags |= F_QUIT;
+ else
+ session_destroy(s);
+ return;
+ }
+
+ fatalx("session_error: unexpected error");
}
void
@@ -829,57 +923,53 @@ session_destroy(struct session *s)
{
log_debug("session_destroy: killing client: %p", s);
+ if (s->s_flags & F_WRITEONLY)
+ fatalx("session_destroy: corrupt session");
+
if (s->datafp != NULL)
fclose(s->datafp);
- if (s->s_msg.message_id[0] != '\0' && s->s_state != S_DONE) {
- /*
- * IMSG_QUEUE_REMOVE_MESSAGE must not be sent using session_imsg
- * since no reply for it is expected.
- */
+ if (s->s_msg.message_id[0] != '\0' && s->s_state != S_DONE)
imsg_compose(s->s_env->sc_ibufs[PROC_QUEUE],
IMSG_QUEUE_REMOVE_MESSAGE, 0, 0, -1, &s->s_msg,
sizeof(s->s_msg));
- s->s_msg.message_id[0] = '\0';
- s->s_msg.message_uid[0] = '\0';
- }
- close(s->s_fd);
+ ssl_session_destroy(s);
+
+ if (s->s_bev != NULL)
+ bufferevent_free(s->s_bev);
+
+ if (close(s->s_fd) == -1)
+ fatal("session_destroy: close");
s_smtp.sessions_active--;
if (s_smtp.sessions_active < s->s_env->sc_maxconn &&
!(s->s_msg.flags & F_MESSAGE_ENQUEUED))
event_add(&s->s_l->ev, NULL);
- if (s->s_bev != NULL) {
- bufferevent_free(s->s_bev);
- }
- ssl_session_destroy(s);
-
SPLAY_REMOVE(sessiontree, &s->s_env->sc_sessions, s);
bzero(s, sizeof(*s));
free(s);
}
-void
-session_error(struct bufferevent *bev, short event, void *p)
+char *
+session_readline(struct session *s, size_t *nr)
{
- struct session *s = p;
+ char *line;
- if (event & EVBUFFER_TIMEOUT)
- s_smtp.timeout++;
- else
- s_smtp.aborted++;
+ *nr = EVBUFFER_LENGTH(s->s_bev->input);
+ line = evbuffer_readline(s->s_bev->input);
+ if (line == NULL) {
+ if (EVBUFFER_LENGTH(s->s_bev->input) > SMTP_ANYLINE_MAX) {
+ session_respond(s, "500 Line too long");
+ s_smtp.linetoolong++;
+ s->s_flags |= F_QUIT;
+ }
+ return NULL;
+ }
+ *nr -= EVBUFFER_LENGTH(s->s_bev->input);
- /* If events are locked, do not destroy session
- * but set F_QUIT flag so that we destroy it as
- * soon as the event lock is removed.
- */
- if (s->s_flags & F_EVLOCKED) {
- s->s_flags |= F_QUIT;
- bufferevent_disable(s->s_bev, EV_READ);
- } else
- session_destroy(s);
+ return line;
}
int
@@ -921,6 +1011,8 @@ session_respond(struct session *s, char *fmt, ...)
fatal("session_respond: evbuffer_add_vprintf failed");
va_end(ap);
+ if (smtpd_process == PROC_SMTP)
+ bufferevent_disable(s->s_bev, EV_READ);
bufferevent_enable(s->s_bev, EV_WRITE);
}
@@ -931,26 +1023,25 @@ void
session_imsg(struct session *s, enum smtp_proc_type proc, enum imsg_type type,
u_int32_t peerid, pid_t pid, int fd, void *data, u_int16_t datalen)
{
- imsg_compose(s->s_env->sc_ibufs[proc], type, peerid, pid, fd, data,
- datalen);
+ if (s->s_flags & F_WRITEONLY)
+ fatalx("session_imsg: corrupt session");
/*
- * Most IMSGs require replies before session can be safely resumed.
- * Ignore client events so that malicious client cannot trigger
- * session_pickup at a bad time.
+ * Each outgoing IMSG has a response IMSG associated that must be
+ * waited for before the session can be progressed further.
+ * During the wait period:
+ * 1) session must not be destroyed,
+ * 2) session must not be read from,
+ * 3) session may be written to.
+ * Session flag F_WRITEONLY is needed to enforce this policy.
+ *
+ * F_WRITEONLY is cleared in session_lookup.
+ * Reading is re-enabled in session_pickup.
*/
+ s->s_flags |= F_WRITEONLY;
bufferevent_disable(s->s_bev, EV_READ);
-
- /*
- * If session is unexpectedly teared down, event(3) calls session_error
- * without honoring EV_READ block.
- * To avoid session data being destroyed while an IMSG requiring it
- * is with other process, provide a flag that session_error can use to
- * determine if it is safe to destroy session data.
- */
- if (s->s_flags & F_EVLOCKED)
- fatalx("session_imsg: imsg sent when another is pending");
- s->s_flags |= F_EVLOCKED;
+ imsg_compose(s->s_env->sc_ibufs[proc], type, peerid, pid, fd, data,
+ datalen);
}
SPLAY_GENERATE(sessiontree, session, s_nodes, session_cmp);
diff --git a/usr.sbin/smtpd/smtpctl.c b/usr.sbin/smtpd/smtpctl.c
index ecd1cc457ca..ed4bcb3cd86 100644
--- a/usr.sbin/smtpd/smtpctl.c
+++ b/usr.sbin/smtpd/smtpctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpctl.c,v 1.24 2009/04/23 08:28:45 jacekm Exp $ */
+/* $OpenBSD: smtpctl.c,v 1.25 2009/05/18 20:23:35 jacekm Exp $ */
/*
* Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -294,10 +294,22 @@ show_stats_output(struct imsg *imsg)
printf("runner.active=%zd\n", s_runner.active);
+ printf("smtp.errors.linetoolong=%zd\n", s_smtp.linetoolong);
+ printf("smtp.errors.read_eof=%zd\n", s_smtp.read_eof);
+ printf("smtp.errors.read_system=%zd\n", s_smtp.read_error);
+ printf("smtp.errors.read_timeout=%zd\n", s_smtp.read_timeout);
+ printf("smtp.errors.tempfail=%zd\n", s_smtp.tempfail);
+ printf("smtp.errors.toofast=%zd\n", s_smtp.toofast);
+ printf("smtp.errors.write_eof=%zd\n", s_smtp.write_eof);
+ printf("smtp.errors.write_system=%zd\n", s_smtp.write_error);
+ printf("smtp.errors.write_timeout=%zd\n", s_smtp.write_timeout);
+
printf("smtp.sessions=%zd\n", s_smtp.sessions);
- printf("smtp.sessions.aborted=%zd\n", s_smtp.aborted);
+ printf("smtp.sessions.aborted=%zd\n", s_smtp.read_eof +
+ s_smtp.read_error + s_smtp.write_eof + s_smtp.write_error);
printf("smtp.sessions.active=%zd\n", s_smtp.sessions_active);
- printf("smtp.sessions.timeout=%zd\n", s_smtp.timeout);
+ printf("smtp.sessions.timeout=%zd\n", s_smtp.read_timeout +
+ s_smtp.write_timeout);
printf("smtp.sessions.smtps=%zd\n", s_smtp.smtps);
printf("smtp.sessions.smtps.active=%zd\n", s_smtp.smtps_active);
printf("smtp.sessions.starttls=%zd\n", s_smtp.starttls);
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index 5a25bb49864..2d464a3db45 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.h,v 1.107 2009/05/09 20:03:07 jacekm Exp $ */
+/* $OpenBSD: smtpd.h,v 1.108 2009/05/18 20:23:35 jacekm Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -547,7 +547,6 @@ enum session_state {
S_DONE,
S_QUIT
};
-#define IS_AUTH(x) ((x) == S_AUTH_INIT || (x) == S_AUTH_USERNAME || (x) == S_AUTH_PASSWORD || (x) == S_AUTH_FINALIZE)
struct ssl {
SPLAY_ENTRY(ssl) ssl_nodes;
@@ -590,7 +589,7 @@ enum session_flags {
F_AUTHENTICATED = 0x10,
F_PEERHASTLS = 0x20,
F_PEERHASAUTH = 0x40,
- F_EVLOCKED = 0x80
+ F_WRITEONLY = 0x80
};
struct session {
@@ -680,8 +679,15 @@ struct s_session {
size_t starttls;
size_t starttls_active;
- size_t aborted;
- size_t timeout;
+ size_t read_error;
+ size_t read_timeout;
+ size_t read_eof;
+ size_t write_error;
+ size_t write_timeout;
+ size_t write_eof;
+ size_t toofast;
+ size_t tempfail;
+ size_t linetoolong;
};
struct stats {
@@ -907,6 +913,7 @@ void session_pickup(struct session *, struct submit_status *);
void session_destroy(struct session *);
void session_respond(struct session *, char *, ...)
__attribute__ ((format (printf, 2, 3)));
+void session_bufferevent_new(struct session *);
SPLAY_PROTOTYPE(sessiontree, session, s_nodes, session_cmp);
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c
index 3164c776754..e921382392d 100644
--- a/usr.sbin/smtpd/ssl.c
+++ b/usr.sbin/smtpd/ssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.c,v 1.13 2009/04/15 20:34:59 jacekm Exp $ */
+/* $OpenBSD: ssl.c,v 1.14 2009/05/18 20:23:35 jacekm Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -503,8 +503,6 @@ ssl_session_accept(int fd, short event, void *p)
}
}
- event_set(&s->s_bev->ev_read, s->s_fd, EV_READ, ssl_read, s->s_bev);
- event_set(&s->s_bev->ev_write, s->s_fd, EV_WRITE, ssl_write, s->s_bev);
log_info("ssl_session_accept: accepted ssl client");
s->s_flags |= F_SECURE;
@@ -518,7 +516,11 @@ ssl_session_accept(int fd, short event, void *p)
s_smtp.starttls_active++;
}
+ session_bufferevent_new(s);
+ event_set(&s->s_bev->ev_read, s->s_fd, EV_READ, ssl_read, s->s_bev);
+ event_set(&s->s_bev->ev_write, s->s_fd, EV_WRITE, ssl_write, s->s_bev);
session_pickup(s, NULL);
+
return;
retry:
event_add(&s->s_ev, &s->s_tv);