1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 * RFC1870 SMTP Service Extension for Message Size
24 * RFC2195 CRAM-MD5 authentication
25 * RFC2831 DIGEST-MD5 authentication
26 * RFC3207 SMTP over TLS
27 * RFC4422 Simple Authentication and Security Layer (SASL)
28 * RFC4616 PLAIN authentication
29 * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
30 * RFC4954 SMTP Authentication
31 * RFC5321 SMTP protocol
32 * RFC5890 Internationalized Domain Names for Applications (IDNA)
33 * RFC6531 SMTP Extension for Internationalized Email
34 * RFC6532 Internationalized Email Headers
35 * RFC6749 OAuth 2.0 Authorization Framework
36 * RFC8314 Use of TLS for Email Submission and Access
37 * Draft SMTP URL Interface <draft-earhart-url-smtp-00.txt>
38 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
39 *
40 ***************************************************************************/
41
42 #include "curl_setup.h"
43
44 #ifndef CURL_DISABLE_SMTP
45
46 #ifdef HAVE_NETINET_IN_H
47 #include <netinet/in.h>
48 #endif
49 #ifdef HAVE_ARPA_INET_H
50 #include <arpa/inet.h>
51 #endif
52 #ifdef HAVE_NETDB_H
53 #include <netdb.h>
54 #endif
55 #ifdef __VMS
56 #include <in.h>
57 #include <inet.h>
58 #endif
59
60 #include <curl/curl.h>
61 #include "urldata.h"
62 #include "sendf.h"
63 #include "hostip.h"
64 #include "progress.h"
65 #include "transfer.h"
66 #include "escape.h"
67 #include "http.h" /* for HTTP proxy tunnel stuff */
68 #include "mime.h"
69 #include "socks.h"
70 #include "smtp.h"
71 #include "strtoofft.h"
72 #include "strcase.h"
73 #include "vtls/vtls.h"
74 #include "cfilters.h"
75 #include "connect.h"
76 #include "select.h"
77 #include "multiif.h"
78 #include "url.h"
79 #include "curl_gethostname.h"
80 #include "bufref.h"
81 #include "curl_sasl.h"
82 #include "warnless.h"
83 #include "idn.h"
84 /* The last 3 #include files should be in this order */
85 #include "curl_printf.h"
86 #include "curl_memory.h"
87 #include "memdebug.h"
88
89 /* Local API functions */
90 static CURLcode smtp_regular_transfer(struct Curl_easy *data, bool *done);
91 static CURLcode smtp_do(struct Curl_easy *data, bool *done);
92 static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
93 bool premature);
94 static CURLcode smtp_connect(struct Curl_easy *data, bool *done);
95 static CURLcode smtp_disconnect(struct Curl_easy *data,
96 struct connectdata *conn, bool dead);
97 static CURLcode smtp_multi_statemach(struct Curl_easy *data, bool *done);
98 static int smtp_getsock(struct Curl_easy *data,
99 struct connectdata *conn, curl_socket_t *socks);
100 static CURLcode smtp_doing(struct Curl_easy *data, bool *dophase_done);
101 static CURLcode smtp_setup_connection(struct Curl_easy *data,
102 struct connectdata *conn);
103 static CURLcode smtp_parse_url_options(struct connectdata *conn);
104 static CURLcode smtp_parse_url_path(struct Curl_easy *data);
105 static CURLcode smtp_parse_custom_request(struct Curl_easy *data);
106 static CURLcode smtp_parse_address(const char *fqma,
107 char **address, struct hostname *host);
108 static CURLcode smtp_perform_auth(struct Curl_easy *data, const char *mech,
109 const struct bufref *initresp);
110 static CURLcode smtp_continue_auth(struct Curl_easy *data, const char *mech,
111 const struct bufref *resp);
112 static CURLcode smtp_cancel_auth(struct Curl_easy *data, const char *mech);
113 static CURLcode smtp_get_message(struct Curl_easy *data, struct bufref *out);
114
115 /*
116 * SMTP protocol handler.
117 */
118
119 const struct Curl_handler Curl_handler_smtp = {
120 "SMTP", /* scheme */
121 smtp_setup_connection, /* setup_connection */
122 smtp_do, /* do_it */
123 smtp_done, /* done */
124 ZERO_NULL, /* do_more */
125 smtp_connect, /* connect_it */
126 smtp_multi_statemach, /* connecting */
127 smtp_doing, /* doing */
128 smtp_getsock, /* proto_getsock */
129 smtp_getsock, /* doing_getsock */
130 ZERO_NULL, /* domore_getsock */
131 ZERO_NULL, /* perform_getsock */
132 smtp_disconnect, /* disconnect */
133 ZERO_NULL, /* write_resp */
134 ZERO_NULL, /* connection_check */
135 ZERO_NULL, /* attach connection */
136 PORT_SMTP, /* defport */
137 CURLPROTO_SMTP, /* protocol */
138 CURLPROTO_SMTP, /* family */
139 PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
140 PROTOPT_URLOPTIONS
141 };
142
143 #ifdef USE_SSL
144 /*
145 * SMTPS protocol handler.
146 */
147
148 const struct Curl_handler Curl_handler_smtps = {
149 "SMTPS", /* scheme */
150 smtp_setup_connection, /* setup_connection */
151 smtp_do, /* do_it */
152 smtp_done, /* done */
153 ZERO_NULL, /* do_more */
154 smtp_connect, /* connect_it */
155 smtp_multi_statemach, /* connecting */
156 smtp_doing, /* doing */
157 smtp_getsock, /* proto_getsock */
158 smtp_getsock, /* doing_getsock */
159 ZERO_NULL, /* domore_getsock */
160 ZERO_NULL, /* perform_getsock */
161 smtp_disconnect, /* disconnect */
162 ZERO_NULL, /* write_resp */
163 ZERO_NULL, /* connection_check */
164 ZERO_NULL, /* attach connection */
165 PORT_SMTPS, /* defport */
166 CURLPROTO_SMTPS, /* protocol */
167 CURLPROTO_SMTP, /* family */
168 PROTOPT_CLOSEACTION | PROTOPT_SSL
169 | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
170 };
171 #endif
172
173 /* SASL parameters for the smtp protocol */
174 static const struct SASLproto saslsmtp = {
175 "smtp", /* The service name */
176 smtp_perform_auth, /* Send authentication command */
177 smtp_continue_auth, /* Send authentication continuation */
178 smtp_cancel_auth, /* Cancel authentication */
179 smtp_get_message, /* Get SASL response message */
180 512 - 8, /* Max line len - strlen("AUTH ") - 1 space - crlf */
181 334, /* Code received when continuation is expected */
182 235, /* Code to receive upon authentication success */
183 SASL_AUTH_DEFAULT, /* Default mechanisms */
184 SASL_FLAG_BASE64 /* Configuration flags */
185 };
186
187 #ifdef USE_SSL
smtp_to_smtps(struct connectdata *conn)188 static void smtp_to_smtps(struct connectdata *conn)
189 {
190 /* Change the connection handler */
191 conn->handler = &Curl_handler_smtps;
192
193 /* Set the connection's upgraded to TLS flag */
194 conn->bits.tls_upgraded = TRUE;
195 }
196 #else
197 #define smtp_to_smtps(x) Curl_nop_stmt
198 #endif
199
200 /***********************************************************************
201 *
202 * smtp_endofresp()
203 *
204 * Checks for an ending SMTP status code at the start of the given string, but
205 * also detects various capabilities from the EHLO response including the
206 * supported authentication mechanisms.
207 */
smtp_endofresp(struct Curl_easy *data, struct connectdata *conn, char *line, size_t len, int *resp)208 static bool smtp_endofresp(struct Curl_easy *data, struct connectdata *conn,
209 char *line, size_t len, int *resp)
210 {
211 struct smtp_conn *smtpc = &conn->proto.smtpc;
212 bool result = FALSE;
213 (void)data;
214
215 /* Nothing for us */
216 if(len < 4 || !ISDIGIT(line[0]) || !ISDIGIT(line[1]) || !ISDIGIT(line[2]))
217 return FALSE;
218
219 /* Do we have a command response? This should be the response code followed
220 by a space and optionally some text as per RFC-5321 and as outlined in
221 Section 4. Examples of RFC-4954 but some email servers ignore this and
222 only send the response code instead as per Section 4.2. */
223 if(line[3] == ' ' || len == 5) {
224 char tmpline[6];
225
226 result = TRUE;
227 memset(tmpline, '\0', sizeof(tmpline));
228 memcpy(tmpline, line, (len == 5 ? 5 : 3));
229 *resp = curlx_sltosi(strtol(tmpline, NULL, 10));
230
231 /* Make sure real server never sends internal value */
232 if(*resp == 1)
233 *resp = 0;
234 }
235 /* Do we have a multiline (continuation) response? */
236 else if(line[3] == '-' &&
237 (smtpc->state == SMTP_EHLO || smtpc->state == SMTP_COMMAND)) {
238 result = TRUE;
239 *resp = 1; /* Internal response code */
240 }
241
242 return result;
243 }
244
245 /***********************************************************************
246 *
247 * smtp_get_message()
248 *
249 * Gets the authentication message from the response buffer.
250 */
smtp_get_message(struct Curl_easy *data, struct bufref *out)251 static CURLcode smtp_get_message(struct Curl_easy *data, struct bufref *out)
252 {
253 char *message = Curl_dyn_ptr(&data->conn->proto.smtpc.pp.recvbuf);
254 size_t len = data->conn->proto.smtpc.pp.nfinal;
255
256 if(len > 4) {
257 /* Find the start of the message */
258 len -= 4;
259 for(message += 4; *message == ' ' || *message == '\t'; message++, len--)
260 ;
261
262 /* Find the end of the message */
263 while(len--)
264 if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' &&
265 message[len] != '\t')
266 break;
267
268 /* Terminate the message */
269 message[++len] = '\0';
270 Curl_bufref_set(out, message, len, NULL);
271 }
272 else
273 /* junk input => zero length output */
274 Curl_bufref_set(out, "", 0, NULL);
275
276 return CURLE_OK;
277 }
278
279 /***********************************************************************
280 *
281 * smtp_state()
282 *
283 * This is the ONLY way to change SMTP state!
284 */
smtp_state(struct Curl_easy *data, smtpstate newstate)285 static void smtp_state(struct Curl_easy *data, smtpstate newstate)
286 {
287 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
288 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
289 /* for debug purposes */
290 static const char * const names[] = {
291 "STOP",
292 "SERVERGREET",
293 "EHLO",
294 "HELO",
295 "STARTTLS",
296 "UPGRADETLS",
297 "AUTH",
298 "COMMAND",
299 "MAIL",
300 "RCPT",
301 "DATA",
302 "POSTDATA",
303 "QUIT",
304 /* LAST */
305 };
306
307 if(smtpc->state != newstate)
308 infof(data, "SMTP %p state change from %s to %s",
309 (void *)smtpc, names[smtpc->state], names[newstate]);
310 #endif
311
312 smtpc->state = newstate;
313 }
314
315 /***********************************************************************
316 *
317 * smtp_perform_ehlo()
318 *
319 * Sends the EHLO command to not only initialise communication with the ESMTP
320 * server but to also obtain a list of server side supported capabilities.
321 */
smtp_perform_ehlo(struct Curl_easy *data)322 static CURLcode smtp_perform_ehlo(struct Curl_easy *data)
323 {
324 CURLcode result = CURLE_OK;
325 struct connectdata *conn = data->conn;
326 struct smtp_conn *smtpc = &conn->proto.smtpc;
327
328 smtpc->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanism yet */
329 smtpc->sasl.authused = SASL_AUTH_NONE; /* Clear the authentication mechanism
330 used for esmtp connections */
331 smtpc->tls_supported = FALSE; /* Clear the TLS capability */
332 smtpc->auth_supported = FALSE; /* Clear the AUTH capability */
333
334 /* Send the EHLO command */
335 result = Curl_pp_sendf(data, &smtpc->pp, "EHLO %s", smtpc->domain);
336
337 if(!result)
338 smtp_state(data, SMTP_EHLO);
339
340 return result;
341 }
342
343 /***********************************************************************
344 *
345 * smtp_perform_helo()
346 *
347 * Sends the HELO command to initialise communication with the SMTP server.
348 */
smtp_perform_helo(struct Curl_easy *data, struct connectdata *conn)349 static CURLcode smtp_perform_helo(struct Curl_easy *data,
350 struct connectdata *conn)
351 {
352 CURLcode result = CURLE_OK;
353 struct smtp_conn *smtpc = &conn->proto.smtpc;
354
355 smtpc->sasl.authused = SASL_AUTH_NONE; /* No authentication mechanism used
356 in smtp connections */
357
358 /* Send the HELO command */
359 result = Curl_pp_sendf(data, &smtpc->pp, "HELO %s", smtpc->domain);
360
361 if(!result)
362 smtp_state(data, SMTP_HELO);
363
364 return result;
365 }
366
367 /***********************************************************************
368 *
369 * smtp_perform_starttls()
370 *
371 * Sends the STLS command to start the upgrade to TLS.
372 */
smtp_perform_starttls(struct Curl_easy *data, struct connectdata *conn)373 static CURLcode smtp_perform_starttls(struct Curl_easy *data,
374 struct connectdata *conn)
375 {
376 /* Send the STARTTLS command */
377 CURLcode result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
378 "%s", "STARTTLS");
379
380 if(!result)
381 smtp_state(data, SMTP_STARTTLS);
382
383 return result;
384 }
385
386 /***********************************************************************
387 *
388 * smtp_perform_upgrade_tls()
389 *
390 * Performs the upgrade to TLS.
391 */
smtp_perform_upgrade_tls(struct Curl_easy *data)392 static CURLcode smtp_perform_upgrade_tls(struct Curl_easy *data)
393 {
394 /* Start the SSL connection */
395 struct connectdata *conn = data->conn;
396 struct smtp_conn *smtpc = &conn->proto.smtpc;
397 CURLcode result;
398 bool ssldone = FALSE;
399
400 if(!Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
401 result = Curl_ssl_cfilter_add(data, conn, FIRSTSOCKET);
402 if(result)
403 goto out;
404 }
405
406 result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone);
407 if(!result) {
408 smtpc->ssldone = ssldone;
409 if(smtpc->state != SMTP_UPGRADETLS)
410 smtp_state(data, SMTP_UPGRADETLS);
411
412 if(smtpc->ssldone) {
413 smtp_to_smtps(conn);
414 result = smtp_perform_ehlo(data);
415 }
416 }
417 out:
418 return result;
419 }
420
421 /***********************************************************************
422 *
423 * smtp_perform_auth()
424 *
425 * Sends an AUTH command allowing the client to login with the given SASL
426 * authentication mechanism.
427 */
smtp_perform_auth(struct Curl_easy *data, const char *mech, const struct bufref *initresp)428 static CURLcode smtp_perform_auth(struct Curl_easy *data,
429 const char *mech,
430 const struct bufref *initresp)
431 {
432 CURLcode result = CURLE_OK;
433 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
434 const char *ir = (const char *) Curl_bufref_ptr(initresp);
435
436 if(ir) { /* AUTH <mech> ...<crlf> */
437 /* Send the AUTH command with the initial response */
438 result = Curl_pp_sendf(data, &smtpc->pp, "AUTH %s %s", mech, ir);
439 }
440 else {
441 /* Send the AUTH command */
442 result = Curl_pp_sendf(data, &smtpc->pp, "AUTH %s", mech);
443 }
444
445 return result;
446 }
447
448 /***********************************************************************
449 *
450 * smtp_continue_auth()
451 *
452 * Sends SASL continuation data.
453 */
smtp_continue_auth(struct Curl_easy *data, const char *mech, const struct bufref *resp)454 static CURLcode smtp_continue_auth(struct Curl_easy *data,
455 const char *mech,
456 const struct bufref *resp)
457 {
458 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
459
460 (void)mech;
461
462 return Curl_pp_sendf(data, &smtpc->pp,
463 "%s", (const char *) Curl_bufref_ptr(resp));
464 }
465
466 /***********************************************************************
467 *
468 * smtp_cancel_auth()
469 *
470 * Sends SASL cancellation.
471 */
smtp_cancel_auth(struct Curl_easy *data, const char *mech)472 static CURLcode smtp_cancel_auth(struct Curl_easy *data, const char *mech)
473 {
474 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
475
476 (void)mech;
477
478 return Curl_pp_sendf(data, &smtpc->pp, "*");
479 }
480
481 /***********************************************************************
482 *
483 * smtp_perform_authentication()
484 *
485 * Initiates the authentication sequence, with the appropriate SASL
486 * authentication mechanism.
487 */
smtp_perform_authentication(struct Curl_easy *data)488 static CURLcode smtp_perform_authentication(struct Curl_easy *data)
489 {
490 CURLcode result = CURLE_OK;
491 struct connectdata *conn = data->conn;
492 struct smtp_conn *smtpc = &conn->proto.smtpc;
493 saslprogress progress;
494
495 /* Check we have enough data to authenticate with, and the
496 server supports authentication, and end the connect phase if not */
497 if(!smtpc->auth_supported ||
498 !Curl_sasl_can_authenticate(&smtpc->sasl, data)) {
499 smtp_state(data, SMTP_STOP);
500 return result;
501 }
502
503 /* Calculate the SASL login details */
504 result = Curl_sasl_start(&smtpc->sasl, data, FALSE, &progress);
505
506 if(!result) {
507 if(progress == SASL_INPROGRESS)
508 smtp_state(data, SMTP_AUTH);
509 else {
510 /* Other mechanisms not supported */
511 infof(data, "No known authentication mechanisms supported");
512 result = CURLE_LOGIN_DENIED;
513 }
514 }
515
516 return result;
517 }
518
519 /***********************************************************************
520 *
521 * smtp_perform_command()
522 *
523 * Sends a SMTP based command.
524 */
smtp_perform_command(struct Curl_easy *data)525 static CURLcode smtp_perform_command(struct Curl_easy *data)
526 {
527 CURLcode result = CURLE_OK;
528 struct connectdata *conn = data->conn;
529 struct SMTP *smtp = data->req.p.smtp;
530
531 if(smtp->rcpt) {
532 /* We notify the server we are sending UTF-8 data if a) it supports the
533 SMTPUTF8 extension and b) The mailbox contains UTF-8 characters, in
534 either the local address or host name parts. This is regardless of
535 whether the host name is encoded using IDN ACE */
536 bool utf8 = FALSE;
537
538 if((!smtp->custom) || (!smtp->custom[0])) {
539 char *address = NULL;
540 struct hostname host = { NULL, NULL, NULL, NULL };
541
542 /* Parse the mailbox to verify into the local address and host name
543 parts, converting the host name to an IDN A-label if necessary */
544 result = smtp_parse_address(smtp->rcpt->data,
545 &address, &host);
546 if(result)
547 return result;
548
549 /* Establish whether we should report SMTPUTF8 to the server for this
550 mailbox as per RFC-6531 sect. 3.1 point 6 */
551 utf8 = (conn->proto.smtpc.utf8_supported) &&
552 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
553 (!Curl_is_ASCII_name(host.name)));
554
555 /* Send the VRFY command (Note: The host name part may be absent when the
556 host is a local system) */
557 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "VRFY %s%s%s%s",
558 address,
559 host.name ? "@" : "",
560 host.name ? host.name : "",
561 utf8 ? " SMTPUTF8" : "");
562
563 Curl_free_idnconverted_hostname(&host);
564 free(address);
565 }
566 else {
567 /* Establish whether we should report that we support SMTPUTF8 for EXPN
568 commands to the server as per RFC-6531 sect. 3.1 point 6 */
569 utf8 = (conn->proto.smtpc.utf8_supported) &&
570 (!strcmp(smtp->custom, "EXPN"));
571
572 /* Send the custom recipient based command such as the EXPN command */
573 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
574 "%s %s%s", smtp->custom,
575 smtp->rcpt->data,
576 utf8 ? " SMTPUTF8" : "");
577 }
578 }
579 else
580 /* Send the non-recipient based command such as HELP */
581 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s",
582 smtp->custom && smtp->custom[0] != '\0' ?
583 smtp->custom : "HELP");
584
585 if(!result)
586 smtp_state(data, SMTP_COMMAND);
587
588 return result;
589 }
590
591 /***********************************************************************
592 *
593 * smtp_perform_mail()
594 *
595 * Sends an MAIL command to initiate the upload of a message.
596 */
smtp_perform_mail(struct Curl_easy *data)597 static CURLcode smtp_perform_mail(struct Curl_easy *data)
598 {
599 char *from = NULL;
600 char *auth = NULL;
601 char *size = NULL;
602 CURLcode result = CURLE_OK;
603 struct connectdata *conn = data->conn;
604
605 /* We notify the server we are sending UTF-8 data if a) it supports the
606 SMTPUTF8 extension and b) The mailbox contains UTF-8 characters, in
607 either the local address or host name parts. This is regardless of
608 whether the host name is encoded using IDN ACE */
609 bool utf8 = FALSE;
610
611 /* Calculate the FROM parameter */
612 if(data->set.str[STRING_MAIL_FROM]) {
613 char *address = NULL;
614 struct hostname host = { NULL, NULL, NULL, NULL };
615
616 /* Parse the FROM mailbox into the local address and host name parts,
617 converting the host name to an IDN A-label if necessary */
618 result = smtp_parse_address(data->set.str[STRING_MAIL_FROM],
619 &address, &host);
620 if(result)
621 return result;
622
623 /* Establish whether we should report SMTPUTF8 to the server for this
624 mailbox as per RFC-6531 sect. 3.1 point 4 and sect. 3.4 */
625 utf8 = (conn->proto.smtpc.utf8_supported) &&
626 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
627 (!Curl_is_ASCII_name(host.name)));
628
629 if(host.name) {
630 from = aprintf("<%s@%s>", address, host.name);
631
632 Curl_free_idnconverted_hostname(&host);
633 }
634 else
635 /* An invalid mailbox was provided but we'll simply let the server worry
636 about that and reply with a 501 error */
637 from = aprintf("<%s>", address);
638
639 free(address);
640 }
641 else
642 /* Null reverse-path, RFC-5321, sect. 3.6.3 */
643 from = strdup("<>");
644
645 if(!from)
646 return CURLE_OUT_OF_MEMORY;
647
648 /* Calculate the optional AUTH parameter */
649 if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.sasl.authused) {
650 if(data->set.str[STRING_MAIL_AUTH][0] != '\0') {
651 char *address = NULL;
652 struct hostname host = { NULL, NULL, NULL, NULL };
653
654 /* Parse the AUTH mailbox into the local address and host name parts,
655 converting the host name to an IDN A-label if necessary */
656 result = smtp_parse_address(data->set.str[STRING_MAIL_AUTH],
657 &address, &host);
658 if(result) {
659 free(from);
660 return result;
661 }
662
663 /* Establish whether we should report SMTPUTF8 to the server for this
664 mailbox as per RFC-6531 sect. 3.1 point 4 and sect. 3.4 */
665 if((!utf8) && (conn->proto.smtpc.utf8_supported) &&
666 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
667 (!Curl_is_ASCII_name(host.name))))
668 utf8 = TRUE;
669
670 if(host.name) {
671 auth = aprintf("<%s@%s>", address, host.name);
672
673 Curl_free_idnconverted_hostname(&host);
674 }
675 else
676 /* An invalid mailbox was provided but we'll simply let the server
677 worry about it */
678 auth = aprintf("<%s>", address);
679
680 free(address);
681 }
682 else
683 /* Empty AUTH, RFC-2554, sect. 5 */
684 auth = strdup("<>");
685
686 if(!auth) {
687 free(from);
688
689 return CURLE_OUT_OF_MEMORY;
690 }
691 }
692
693 /* Prepare the mime data if some. */
694 if(data->set.mimepost.kind != MIMEKIND_NONE) {
695 /* Use the whole structure as data. */
696 data->set.mimepost.flags &= ~MIME_BODY_ONLY;
697
698 /* Add external headers and mime version. */
699 curl_mime_headers(&data->set.mimepost, data->set.headers, 0);
700 result = Curl_mime_prepare_headers(data, &data->set.mimepost, NULL,
701 NULL, MIMESTRATEGY_MAIL);
702
703 if(!result)
704 if(!Curl_checkheaders(data, STRCONST("Mime-Version")))
705 result = Curl_mime_add_header(&data->set.mimepost.curlheaders,
706 "Mime-Version: 1.0");
707
708 /* Make sure we will read the entire mime structure. */
709 if(!result)
710 result = Curl_mime_rewind(&data->set.mimepost);
711
712 if(result) {
713 free(from);
714 free(auth);
715
716 return result;
717 }
718
719 data->state.infilesize = Curl_mime_size(&data->set.mimepost);
720
721 /* Read from mime structure. */
722 data->state.fread_func = (curl_read_callback) Curl_mime_read;
723 data->state.in = (void *) &data->set.mimepost;
724 }
725
726 /* Calculate the optional SIZE parameter */
727 if(conn->proto.smtpc.size_supported && data->state.infilesize > 0) {
728 size = aprintf("%" CURL_FORMAT_CURL_OFF_T, data->state.infilesize);
729
730 if(!size) {
731 free(from);
732 free(auth);
733
734 return CURLE_OUT_OF_MEMORY;
735 }
736 }
737
738 /* If the mailboxes in the FROM and AUTH parameters don't include a UTF-8
739 based address then quickly scan through the recipient list and check if
740 any there do, as we need to correctly identify our support for SMTPUTF8
741 in the envelope, as per RFC-6531 sect. 3.4 */
742 if(conn->proto.smtpc.utf8_supported && !utf8) {
743 struct SMTP *smtp = data->req.p.smtp;
744 struct curl_slist *rcpt = smtp->rcpt;
745
746 while(rcpt && !utf8) {
747 /* Does the host name contain non-ASCII characters? */
748 if(!Curl_is_ASCII_name(rcpt->data))
749 utf8 = TRUE;
750
751 rcpt = rcpt->next;
752 }
753 }
754
755 /* Send the MAIL command */
756 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
757 "MAIL FROM:%s%s%s%s%s%s",
758 from, /* Mandatory */
759 auth ? " AUTH=" : "", /* Optional on AUTH support */
760 auth ? auth : "", /* */
761 size ? " SIZE=" : "", /* Optional on SIZE support */
762 size ? size : "", /* */
763 utf8 ? " SMTPUTF8" /* Internationalised mailbox */
764 : ""); /* included in our envelope */
765
766 free(from);
767 free(auth);
768 free(size);
769
770 if(!result)
771 smtp_state(data, SMTP_MAIL);
772
773 return result;
774 }
775
776 /***********************************************************************
777 *
778 * smtp_perform_rcpt_to()
779 *
780 * Sends a RCPT TO command for a given recipient as part of the message upload
781 * process.
782 */
smtp_perform_rcpt_to(struct Curl_easy *data)783 static CURLcode smtp_perform_rcpt_to(struct Curl_easy *data)
784 {
785 CURLcode result = CURLE_OK;
786 struct connectdata *conn = data->conn;
787 struct SMTP *smtp = data->req.p.smtp;
788 char *address = NULL;
789 struct hostname host = { NULL, NULL, NULL, NULL };
790
791 /* Parse the recipient mailbox into the local address and host name parts,
792 converting the host name to an IDN A-label if necessary */
793 result = smtp_parse_address(smtp->rcpt->data,
794 &address, &host);
795 if(result)
796 return result;
797
798 /* Send the RCPT TO command */
799 if(host.name)
800 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "RCPT TO:<%s@%s>",
801 address, host.name);
802 else
803 /* An invalid mailbox was provided but we'll simply let the server worry
804 about that and reply with a 501 error */
805 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "RCPT TO:<%s>",
806 address);
807
808 Curl_free_idnconverted_hostname(&host);
809 free(address);
810
811 if(!result)
812 smtp_state(data, SMTP_RCPT);
813
814 return result;
815 }
816
817 /***********************************************************************
818 *
819 * smtp_perform_quit()
820 *
821 * Performs the quit action prior to sclose() being called.
822 */
smtp_perform_quit(struct Curl_easy *data, struct connectdata *conn)823 static CURLcode smtp_perform_quit(struct Curl_easy *data,
824 struct connectdata *conn)
825 {
826 /* Send the QUIT command */
827 CURLcode result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s", "QUIT");
828
829 if(!result)
830 smtp_state(data, SMTP_QUIT);
831
832 return result;
833 }
834
835 /* For the initial server greeting */
smtp_state_servergreet_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)836 static CURLcode smtp_state_servergreet_resp(struct Curl_easy *data,
837 int smtpcode,
838 smtpstate instate)
839 {
840 CURLcode result = CURLE_OK;
841 (void)instate; /* no use for this yet */
842
843 if(smtpcode/100 != 2) {
844 failf(data, "Got unexpected smtp-server response: %d", smtpcode);
845 result = CURLE_WEIRD_SERVER_REPLY;
846 }
847 else
848 result = smtp_perform_ehlo(data);
849
850 return result;
851 }
852
853 /* For STARTTLS responses */
smtp_state_starttls_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)854 static CURLcode smtp_state_starttls_resp(struct Curl_easy *data,
855 int smtpcode,
856 smtpstate instate)
857 {
858 CURLcode result = CURLE_OK;
859 (void)instate; /* no use for this yet */
860
861 /* Pipelining in response is forbidden. */
862 if(data->conn->proto.smtpc.pp.overflow)
863 return CURLE_WEIRD_SERVER_REPLY;
864
865 if(smtpcode != 220) {
866 if(data->set.use_ssl != CURLUSESSL_TRY) {
867 failf(data, "STARTTLS denied, code %d", smtpcode);
868 result = CURLE_USE_SSL_FAILED;
869 }
870 else
871 result = smtp_perform_authentication(data);
872 }
873 else
874 result = smtp_perform_upgrade_tls(data);
875
876 return result;
877 }
878
879 /* For EHLO responses */
smtp_state_ehlo_resp(struct Curl_easy *data, struct connectdata *conn, int smtpcode, smtpstate instate)880 static CURLcode smtp_state_ehlo_resp(struct Curl_easy *data,
881 struct connectdata *conn, int smtpcode,
882 smtpstate instate)
883 {
884 CURLcode result = CURLE_OK;
885 struct smtp_conn *smtpc = &conn->proto.smtpc;
886 const char *line = Curl_dyn_ptr(&smtpc->pp.recvbuf);
887 size_t len = smtpc->pp.nfinal;
888
889 (void)instate; /* no use for this yet */
890
891 if(smtpcode/100 != 2 && smtpcode != 1) {
892 if(data->set.use_ssl <= CURLUSESSL_TRY
893 || Curl_conn_is_ssl(conn, FIRSTSOCKET))
894 result = smtp_perform_helo(data, conn);
895 else {
896 failf(data, "Remote access denied: %d", smtpcode);
897 result = CURLE_REMOTE_ACCESS_DENIED;
898 }
899 }
900 else if(len >= 4) {
901 line += 4;
902 len -= 4;
903
904 /* Does the server support the STARTTLS capability? */
905 if(len >= 8 && !memcmp(line, "STARTTLS", 8))
906 smtpc->tls_supported = TRUE;
907
908 /* Does the server support the SIZE capability? */
909 else if(len >= 4 && !memcmp(line, "SIZE", 4))
910 smtpc->size_supported = TRUE;
911
912 /* Does the server support the UTF-8 capability? */
913 else if(len >= 8 && !memcmp(line, "SMTPUTF8", 8))
914 smtpc->utf8_supported = TRUE;
915
916 /* Does the server support authentication? */
917 else if(len >= 5 && !memcmp(line, "AUTH ", 5)) {
918 smtpc->auth_supported = TRUE;
919
920 /* Advance past the AUTH keyword */
921 line += 5;
922 len -= 5;
923
924 /* Loop through the data line */
925 for(;;) {
926 size_t llen;
927 size_t wordlen;
928 unsigned short mechbit;
929
930 while(len &&
931 (*line == ' ' || *line == '\t' ||
932 *line == '\r' || *line == '\n')) {
933
934 line++;
935 len--;
936 }
937
938 if(!len)
939 break;
940
941 /* Extract the word */
942 for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
943 line[wordlen] != '\t' && line[wordlen] != '\r' &&
944 line[wordlen] != '\n';)
945 wordlen++;
946
947 /* Test the word for a matching authentication mechanism */
948 mechbit = Curl_sasl_decode_mech(line, wordlen, &llen);
949 if(mechbit && llen == wordlen)
950 smtpc->sasl.authmechs |= mechbit;
951
952 line += wordlen;
953 len -= wordlen;
954 }
955 }
956
957 if(smtpcode != 1) {
958 if(data->set.use_ssl && !Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
959 /* We don't have a SSL/TLS connection yet, but SSL is requested */
960 if(smtpc->tls_supported)
961 /* Switch to TLS connection now */
962 result = smtp_perform_starttls(data, conn);
963 else if(data->set.use_ssl == CURLUSESSL_TRY)
964 /* Fallback and carry on with authentication */
965 result = smtp_perform_authentication(data);
966 else {
967 failf(data, "STARTTLS not supported.");
968 result = CURLE_USE_SSL_FAILED;
969 }
970 }
971 else
972 result = smtp_perform_authentication(data);
973 }
974 }
975 else {
976 failf(data, "Unexpectedly short EHLO response");
977 result = CURLE_WEIRD_SERVER_REPLY;
978 }
979
980 return result;
981 }
982
983 /* For HELO responses */
smtp_state_helo_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)984 static CURLcode smtp_state_helo_resp(struct Curl_easy *data, int smtpcode,
985 smtpstate instate)
986 {
987 CURLcode result = CURLE_OK;
988 (void)instate; /* no use for this yet */
989
990 if(smtpcode/100 != 2) {
991 failf(data, "Remote access denied: %d", smtpcode);
992 result = CURLE_REMOTE_ACCESS_DENIED;
993 }
994 else
995 /* End of connect phase */
996 smtp_state(data, SMTP_STOP);
997
998 return result;
999 }
1000
1001 /* For SASL authentication responses */
smtp_state_auth_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)1002 static CURLcode smtp_state_auth_resp(struct Curl_easy *data,
1003 int smtpcode,
1004 smtpstate instate)
1005 {
1006 CURLcode result = CURLE_OK;
1007 struct connectdata *conn = data->conn;
1008 struct smtp_conn *smtpc = &conn->proto.smtpc;
1009 saslprogress progress;
1010
1011 (void)instate; /* no use for this yet */
1012
1013 result = Curl_sasl_continue(&smtpc->sasl, data, smtpcode, &progress);
1014 if(!result)
1015 switch(progress) {
1016 case SASL_DONE:
1017 smtp_state(data, SMTP_STOP); /* Authenticated */
1018 break;
1019 case SASL_IDLE: /* No mechanism left after cancellation */
1020 failf(data, "Authentication cancelled");
1021 result = CURLE_LOGIN_DENIED;
1022 break;
1023 default:
1024 break;
1025 }
1026
1027 return result;
1028 }
1029
1030 /* For command responses */
smtp_state_command_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)1031 static CURLcode smtp_state_command_resp(struct Curl_easy *data, int smtpcode,
1032 smtpstate instate)
1033 {
1034 CURLcode result = CURLE_OK;
1035 struct SMTP *smtp = data->req.p.smtp;
1036 char *line = Curl_dyn_ptr(&data->conn->proto.smtpc.pp.recvbuf);
1037 size_t len = data->conn->proto.smtpc.pp.nfinal;
1038
1039 (void)instate; /* no use for this yet */
1040
1041 if((smtp->rcpt && smtpcode/100 != 2 && smtpcode != 553 && smtpcode != 1) ||
1042 (!smtp->rcpt && smtpcode/100 != 2 && smtpcode != 1)) {
1043 failf(data, "Command failed: %d", smtpcode);
1044 result = CURLE_WEIRD_SERVER_REPLY;
1045 }
1046 else {
1047 if(!data->req.no_body)
1048 result = Curl_client_write(data, CLIENTWRITE_BODY, line, len);
1049
1050 if(smtpcode != 1) {
1051 if(smtp->rcpt) {
1052 smtp->rcpt = smtp->rcpt->next;
1053
1054 if(smtp->rcpt) {
1055 /* Send the next command */
1056 result = smtp_perform_command(data);
1057 }
1058 else
1059 /* End of DO phase */
1060 smtp_state(data, SMTP_STOP);
1061 }
1062 else
1063 /* End of DO phase */
1064 smtp_state(data, SMTP_STOP);
1065 }
1066 }
1067
1068 return result;
1069 }
1070
1071 /* For MAIL responses */
smtp_state_mail_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)1072 static CURLcode smtp_state_mail_resp(struct Curl_easy *data, int smtpcode,
1073 smtpstate instate)
1074 {
1075 CURLcode result = CURLE_OK;
1076 (void)instate; /* no use for this yet */
1077
1078 if(smtpcode/100 != 2) {
1079 failf(data, "MAIL failed: %d", smtpcode);
1080 result = CURLE_SEND_ERROR;
1081 }
1082 else
1083 /* Start the RCPT TO command */
1084 result = smtp_perform_rcpt_to(data);
1085
1086 return result;
1087 }
1088
1089 /* For RCPT responses */
smtp_state_rcpt_resp(struct Curl_easy *data, struct connectdata *conn, int smtpcode, smtpstate instate)1090 static CURLcode smtp_state_rcpt_resp(struct Curl_easy *data,
1091 struct connectdata *conn, int smtpcode,
1092 smtpstate instate)
1093 {
1094 CURLcode result = CURLE_OK;
1095 struct SMTP *smtp = data->req.p.smtp;
1096 bool is_smtp_err = FALSE;
1097 bool is_smtp_blocking_err = FALSE;
1098
1099 (void)instate; /* no use for this yet */
1100
1101 is_smtp_err = (smtpcode/100 != 2) ? TRUE : FALSE;
1102
1103 /* If there's multiple RCPT TO to be issued, it's possible to ignore errors
1104 and proceed with only the valid addresses. */
1105 is_smtp_blocking_err =
1106 (is_smtp_err && !data->set.mail_rcpt_allowfails) ? TRUE : FALSE;
1107
1108 if(is_smtp_err) {
1109 /* Remembering the last failure which we can report if all "RCPT TO" have
1110 failed and we cannot proceed. */
1111 smtp->rcpt_last_error = smtpcode;
1112
1113 if(is_smtp_blocking_err) {
1114 failf(data, "RCPT failed: %d", smtpcode);
1115 result = CURLE_SEND_ERROR;
1116 }
1117 }
1118 else {
1119 /* Some RCPT TO commands have succeeded. */
1120 smtp->rcpt_had_ok = TRUE;
1121 }
1122
1123 if(!is_smtp_blocking_err) {
1124 smtp->rcpt = smtp->rcpt->next;
1125
1126 if(smtp->rcpt)
1127 /* Send the next RCPT TO command */
1128 result = smtp_perform_rcpt_to(data);
1129 else {
1130 /* We weren't able to issue a successful RCPT TO command while going
1131 over recipients (potentially multiple). Sending back last error. */
1132 if(!smtp->rcpt_had_ok) {
1133 failf(data, "RCPT failed: %d (last error)", smtp->rcpt_last_error);
1134 result = CURLE_SEND_ERROR;
1135 }
1136 else {
1137 /* Send the DATA command */
1138 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s", "DATA");
1139
1140 if(!result)
1141 smtp_state(data, SMTP_DATA);
1142 }
1143 }
1144 }
1145
1146 return result;
1147 }
1148
1149 /* For DATA response */
smtp_state_data_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)1150 static CURLcode smtp_state_data_resp(struct Curl_easy *data, int smtpcode,
1151 smtpstate instate)
1152 {
1153 CURLcode result = CURLE_OK;
1154 (void)instate; /* no use for this yet */
1155
1156 if(smtpcode != 354) {
1157 failf(data, "DATA failed: %d", smtpcode);
1158 result = CURLE_SEND_ERROR;
1159 }
1160 else {
1161 /* Set the progress upload size */
1162 Curl_pgrsSetUploadSize(data, data->state.infilesize);
1163
1164 /* SMTP upload */
1165 Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET);
1166
1167 /* End of DO phase */
1168 smtp_state(data, SMTP_STOP);
1169 }
1170
1171 return result;
1172 }
1173
1174 /* For POSTDATA responses, which are received after the entire DATA
1175 part has been sent to the server */
smtp_state_postdata_resp(struct Curl_easy *data, int smtpcode, smtpstate instate)1176 static CURLcode smtp_state_postdata_resp(struct Curl_easy *data,
1177 int smtpcode,
1178 smtpstate instate)
1179 {
1180 CURLcode result = CURLE_OK;
1181
1182 (void)instate; /* no use for this yet */
1183
1184 if(smtpcode != 250)
1185 result = CURLE_WEIRD_SERVER_REPLY;
1186
1187 /* End of DONE phase */
1188 smtp_state(data, SMTP_STOP);
1189
1190 return result;
1191 }
1192
smtp_statemachine(struct Curl_easy *data, struct connectdata *conn)1193 static CURLcode smtp_statemachine(struct Curl_easy *data,
1194 struct connectdata *conn)
1195 {
1196 CURLcode result = CURLE_OK;
1197 curl_socket_t sock = conn->sock[FIRSTSOCKET];
1198 int smtpcode;
1199 struct smtp_conn *smtpc = &conn->proto.smtpc;
1200 struct pingpong *pp = &smtpc->pp;
1201 size_t nread = 0;
1202
1203 /* Busy upgrading the connection; right now all I/O is SSL/TLS, not SMTP */
1204 if(smtpc->state == SMTP_UPGRADETLS)
1205 return smtp_perform_upgrade_tls(data);
1206
1207 /* Flush any data that needs to be sent */
1208 if(pp->sendleft)
1209 return Curl_pp_flushsend(data, pp);
1210
1211 do {
1212 /* Read the response from the server */
1213 result = Curl_pp_readresp(data, sock, pp, &smtpcode, &nread);
1214 if(result)
1215 return result;
1216
1217 /* Store the latest response for later retrieval if necessary */
1218 if(smtpc->state != SMTP_QUIT && smtpcode != 1)
1219 data->info.httpcode = smtpcode;
1220
1221 if(!smtpcode)
1222 break;
1223
1224 /* We have now received a full SMTP server response */
1225 switch(smtpc->state) {
1226 case SMTP_SERVERGREET:
1227 result = smtp_state_servergreet_resp(data, smtpcode, smtpc->state);
1228 break;
1229
1230 case SMTP_EHLO:
1231 result = smtp_state_ehlo_resp(data, conn, smtpcode, smtpc->state);
1232 break;
1233
1234 case SMTP_HELO:
1235 result = smtp_state_helo_resp(data, smtpcode, smtpc->state);
1236 break;
1237
1238 case SMTP_STARTTLS:
1239 result = smtp_state_starttls_resp(data, smtpcode, smtpc->state);
1240 break;
1241
1242 case SMTP_AUTH:
1243 result = smtp_state_auth_resp(data, smtpcode, smtpc->state);
1244 break;
1245
1246 case SMTP_COMMAND:
1247 result = smtp_state_command_resp(data, smtpcode, smtpc->state);
1248 break;
1249
1250 case SMTP_MAIL:
1251 result = smtp_state_mail_resp(data, smtpcode, smtpc->state);
1252 break;
1253
1254 case SMTP_RCPT:
1255 result = smtp_state_rcpt_resp(data, conn, smtpcode, smtpc->state);
1256 break;
1257
1258 case SMTP_DATA:
1259 result = smtp_state_data_resp(data, smtpcode, smtpc->state);
1260 break;
1261
1262 case SMTP_POSTDATA:
1263 result = smtp_state_postdata_resp(data, smtpcode, smtpc->state);
1264 break;
1265
1266 case SMTP_QUIT:
1267 default:
1268 /* internal error */
1269 smtp_state(data, SMTP_STOP);
1270 break;
1271 }
1272 } while(!result && smtpc->state != SMTP_STOP && Curl_pp_moredata(pp));
1273
1274 return result;
1275 }
1276
1277 /* Called repeatedly until done from multi.c */
smtp_multi_statemach(struct Curl_easy *data, bool *done)1278 static CURLcode smtp_multi_statemach(struct Curl_easy *data, bool *done)
1279 {
1280 CURLcode result = CURLE_OK;
1281 struct connectdata *conn = data->conn;
1282 struct smtp_conn *smtpc = &conn->proto.smtpc;
1283
1284 if((conn->handler->flags & PROTOPT_SSL) && !smtpc->ssldone) {
1285 bool ssldone = FALSE;
1286 result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone);
1287 smtpc->ssldone = ssldone;
1288 if(result || !smtpc->ssldone)
1289 return result;
1290 }
1291
1292 result = Curl_pp_statemach(data, &smtpc->pp, FALSE, FALSE);
1293 *done = (smtpc->state == SMTP_STOP) ? TRUE : FALSE;
1294
1295 return result;
1296 }
1297
smtp_block_statemach(struct Curl_easy *data, struct connectdata *conn, bool disconnecting)1298 static CURLcode smtp_block_statemach(struct Curl_easy *data,
1299 struct connectdata *conn,
1300 bool disconnecting)
1301 {
1302 CURLcode result = CURLE_OK;
1303 struct smtp_conn *smtpc = &conn->proto.smtpc;
1304
1305 while(smtpc->state != SMTP_STOP && !result)
1306 result = Curl_pp_statemach(data, &smtpc->pp, TRUE, disconnecting);
1307
1308 return result;
1309 }
1310
1311 /* Allocate and initialize the SMTP struct for the current Curl_easy if
1312 required */
smtp_init(struct Curl_easy *data)1313 static CURLcode smtp_init(struct Curl_easy *data)
1314 {
1315 CURLcode result = CURLE_OK;
1316 struct SMTP *smtp;
1317
1318 smtp = data->req.p.smtp = calloc(1, sizeof(struct SMTP));
1319 if(!smtp)
1320 result = CURLE_OUT_OF_MEMORY;
1321
1322 return result;
1323 }
1324
1325 /* For the SMTP "protocol connect" and "doing" phases only */
smtp_getsock(struct Curl_easy *data, struct connectdata *conn, curl_socket_t *socks)1326 static int smtp_getsock(struct Curl_easy *data,
1327 struct connectdata *conn, curl_socket_t *socks)
1328 {
1329 return Curl_pp_getsock(data, &conn->proto.smtpc.pp, socks);
1330 }
1331
1332 /***********************************************************************
1333 *
1334 * smtp_connect()
1335 *
1336 * This function should do everything that is to be considered a part of
1337 * the connection phase.
1338 *
1339 * The variable pointed to by 'done' will be TRUE if the protocol-layer
1340 * connect phase is done when this function returns, or FALSE if not.
1341 */
smtp_connect(struct Curl_easy *data, bool *done)1342 static CURLcode smtp_connect(struct Curl_easy *data, bool *done)
1343 {
1344 CURLcode result = CURLE_OK;
1345 struct connectdata *conn = data->conn;
1346 struct smtp_conn *smtpc = &conn->proto.smtpc;
1347 struct pingpong *pp = &smtpc->pp;
1348
1349 *done = FALSE; /* default to not done yet */
1350
1351 /* We always support persistent connections in SMTP */
1352 connkeep(conn, "SMTP default");
1353
1354 PINGPONG_SETUP(pp, smtp_statemachine, smtp_endofresp);
1355
1356 /* Initialize the SASL storage */
1357 Curl_sasl_init(&smtpc->sasl, data, &saslsmtp);
1358
1359 /* Initialise the pingpong layer */
1360 Curl_pp_init(pp);
1361
1362 /* Parse the URL options */
1363 result = smtp_parse_url_options(conn);
1364 if(result)
1365 return result;
1366
1367 /* Parse the URL path */
1368 result = smtp_parse_url_path(data);
1369 if(result)
1370 return result;
1371
1372 /* Start off waiting for the server greeting response */
1373 smtp_state(data, SMTP_SERVERGREET);
1374
1375 result = smtp_multi_statemach(data, done);
1376
1377 return result;
1378 }
1379
1380 /***********************************************************************
1381 *
1382 * smtp_done()
1383 *
1384 * The DONE function. This does what needs to be done after a single DO has
1385 * performed.
1386 *
1387 * Input argument is already checked for validity.
1388 */
smtp_done(struct Curl_easy *data, CURLcode status, bool premature)1389 static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
1390 bool premature)
1391 {
1392 CURLcode result = CURLE_OK;
1393 struct connectdata *conn = data->conn;
1394 struct SMTP *smtp = data->req.p.smtp;
1395 struct pingpong *pp = &conn->proto.smtpc.pp;
1396 char *eob;
1397 ssize_t len;
1398 ssize_t bytes_written;
1399
1400 (void)premature;
1401
1402 if(!smtp)
1403 return CURLE_OK;
1404
1405 /* Cleanup our per-request based variables */
1406 Curl_safefree(smtp->custom);
1407
1408 if(status) {
1409 connclose(conn, "SMTP done with bad status"); /* marked for closure */
1410 result = status; /* use the already set error code */
1411 }
1412 else if(!data->set.connect_only && data->set.mail_rcpt &&
1413 (data->state.upload || data->set.mimepost.kind)) {
1414 /* Calculate the EOB taking into account any terminating CRLF from the
1415 previous line of the email or the CRLF of the DATA command when there
1416 is "no mail data". RFC-5321, sect. 4.1.1.4.
1417
1418 Note: As some SSL backends, such as OpenSSL, will cause Curl_write() to
1419 fail when using a different pointer following a previous write, that
1420 returned CURLE_AGAIN, we duplicate the EOB now rather than when the
1421 bytes written doesn't equal len. */
1422 if(smtp->trailing_crlf || !data->state.infilesize) {
1423 eob = strdup(&SMTP_EOB[2]);
1424 len = SMTP_EOB_LEN - 2;
1425 }
1426 else {
1427 eob = strdup(SMTP_EOB);
1428 len = SMTP_EOB_LEN;
1429 }
1430
1431 if(!eob)
1432 return CURLE_OUT_OF_MEMORY;
1433
1434 /* Send the end of block data */
1435 result = Curl_write(data, conn->writesockfd, eob, len, &bytes_written);
1436 if(result) {
1437 free(eob);
1438 return result;
1439 }
1440
1441 if(bytes_written != len) {
1442 /* The whole chunk was not sent so keep it around and adjust the
1443 pingpong structure accordingly */
1444 pp->sendthis = eob;
1445 pp->sendsize = len;
1446 pp->sendleft = len - bytes_written;
1447 }
1448 else {
1449 /* Successfully sent so adjust the response timeout relative to now */
1450 pp->response = Curl_now();
1451
1452 free(eob);
1453 }
1454
1455 smtp_state(data, SMTP_POSTDATA);
1456
1457 /* Run the state-machine */
1458 result = smtp_block_statemach(data, conn, FALSE);
1459 }
1460
1461 /* Clear the transfer mode for the next request */
1462 smtp->transfer = PPTRANSFER_BODY;
1463
1464 return result;
1465 }
1466
1467 /***********************************************************************
1468 *
1469 * smtp_perform()
1470 *
1471 * This is the actual DO function for SMTP. Transfer a mail, send a command
1472 * or get some data according to the options previously setup.
1473 */
smtp_perform(struct Curl_easy *data, bool *connected, bool *dophase_done)1474 static CURLcode smtp_perform(struct Curl_easy *data, bool *connected,
1475 bool *dophase_done)
1476 {
1477 /* This is SMTP and no proxy */
1478 CURLcode result = CURLE_OK;
1479 struct SMTP *smtp = data->req.p.smtp;
1480
1481 DEBUGF(infof(data, "DO phase starts"));
1482
1483 if(data->req.no_body) {
1484 /* Requested no body means no transfer */
1485 smtp->transfer = PPTRANSFER_INFO;
1486 }
1487
1488 *dophase_done = FALSE; /* not done yet */
1489
1490 /* Store the first recipient (or NULL if not specified) */
1491 smtp->rcpt = data->set.mail_rcpt;
1492
1493 /* Track of whether we've successfully sent at least one RCPT TO command */
1494 smtp->rcpt_had_ok = FALSE;
1495
1496 /* Track of the last error we've received by sending RCPT TO command */
1497 smtp->rcpt_last_error = 0;
1498
1499 /* Initial data character is the first character in line: it is implicitly
1500 preceded by a virtual CRLF. */
1501 smtp->trailing_crlf = TRUE;
1502 smtp->eob = 2;
1503
1504 /* Start the first command in the DO phase */
1505 if((data->state.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
1506 /* MAIL transfer */
1507 result = smtp_perform_mail(data);
1508 else
1509 /* SMTP based command (VRFY, EXPN, NOOP, RSET or HELP) */
1510 result = smtp_perform_command(data);
1511
1512 if(result)
1513 return result;
1514
1515 /* Run the state-machine */
1516 result = smtp_multi_statemach(data, dophase_done);
1517
1518 *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
1519
1520 if(*dophase_done)
1521 DEBUGF(infof(data, "DO phase is complete"));
1522
1523 return result;
1524 }
1525
1526 /***********************************************************************
1527 *
1528 * smtp_do()
1529 *
1530 * This function is registered as 'curl_do' function. It decodes the path
1531 * parts etc as a wrapper to the actual DO function (smtp_perform).
1532 *
1533 * The input argument is already checked for validity.
1534 */
smtp_do(struct Curl_easy *data, bool *done)1535 static CURLcode smtp_do(struct Curl_easy *data, bool *done)
1536 {
1537 CURLcode result = CURLE_OK;
1538 DEBUGASSERT(data);
1539 DEBUGASSERT(data->conn);
1540 *done = FALSE; /* default to false */
1541
1542 /* Parse the custom request */
1543 result = smtp_parse_custom_request(data);
1544 if(result)
1545 return result;
1546
1547 result = smtp_regular_transfer(data, done);
1548
1549 return result;
1550 }
1551
1552 /***********************************************************************
1553 *
1554 * smtp_disconnect()
1555 *
1556 * Disconnect from an SMTP server. Cleanup protocol-specific per-connection
1557 * resources. BLOCKING.
1558 */
smtp_disconnect(struct Curl_easy *data, struct connectdata *conn, bool dead_connection)1559 static CURLcode smtp_disconnect(struct Curl_easy *data,
1560 struct connectdata *conn,
1561 bool dead_connection)
1562 {
1563 struct smtp_conn *smtpc = &conn->proto.smtpc;
1564 (void)data;
1565
1566 /* We cannot send quit unconditionally. If this connection is stale or
1567 bad in any way, sending quit and waiting around here will make the
1568 disconnect wait in vain and cause more problems than we need to. */
1569
1570 if(!dead_connection && conn->bits.protoconnstart) {
1571 if(!smtp_perform_quit(data, conn))
1572 (void)smtp_block_statemach(data, conn, TRUE); /* ignore errors on QUIT */
1573 }
1574
1575 /* Disconnect from the server */
1576 Curl_pp_disconnect(&smtpc->pp);
1577
1578 /* Cleanup the SASL module */
1579 Curl_sasl_cleanup(conn, smtpc->sasl.authused);
1580
1581 /* Cleanup our connection based variables */
1582 Curl_safefree(smtpc->domain);
1583
1584 return CURLE_OK;
1585 }
1586
1587 /* Call this when the DO phase has completed */
smtp_dophase_done(struct Curl_easy *data, bool connected)1588 static CURLcode smtp_dophase_done(struct Curl_easy *data, bool connected)
1589 {
1590 struct SMTP *smtp = data->req.p.smtp;
1591
1592 (void)connected;
1593
1594 if(smtp->transfer != PPTRANSFER_BODY)
1595 /* no data to transfer */
1596 Curl_setup_transfer(data, -1, -1, FALSE, -1);
1597
1598 return CURLE_OK;
1599 }
1600
1601 /* Called from multi.c while DOing */
smtp_doing(struct Curl_easy *data, bool *dophase_done)1602 static CURLcode smtp_doing(struct Curl_easy *data, bool *dophase_done)
1603 {
1604 CURLcode result = smtp_multi_statemach(data, dophase_done);
1605
1606 if(result)
1607 DEBUGF(infof(data, "DO phase failed"));
1608 else if(*dophase_done) {
1609 result = smtp_dophase_done(data, FALSE /* not connected */);
1610
1611 DEBUGF(infof(data, "DO phase is complete"));
1612 }
1613
1614 return result;
1615 }
1616
1617 /***********************************************************************
1618 *
1619 * smtp_regular_transfer()
1620 *
1621 * The input argument is already checked for validity.
1622 *
1623 * Performs all commands done before a regular transfer between a local and a
1624 * remote host.
1625 */
smtp_regular_transfer(struct Curl_easy *data, bool *dophase_done)1626 static CURLcode smtp_regular_transfer(struct Curl_easy *data,
1627 bool *dophase_done)
1628 {
1629 CURLcode result = CURLE_OK;
1630 bool connected = FALSE;
1631
1632 /* Make sure size is unknown at this point */
1633 data->req.size = -1;
1634
1635 /* Set the progress data */
1636 Curl_pgrsSetUploadCounter(data, 0);
1637 Curl_pgrsSetDownloadCounter(data, 0);
1638 Curl_pgrsSetUploadSize(data, -1);
1639 Curl_pgrsSetDownloadSize(data, -1);
1640
1641 /* Carry out the perform */
1642 result = smtp_perform(data, &connected, dophase_done);
1643
1644 /* Perform post DO phase operations if necessary */
1645 if(!result && *dophase_done)
1646 result = smtp_dophase_done(data, connected);
1647
1648 return result;
1649 }
1650
smtp_setup_connection(struct Curl_easy *data, struct connectdata *conn)1651 static CURLcode smtp_setup_connection(struct Curl_easy *data,
1652 struct connectdata *conn)
1653 {
1654 CURLcode result;
1655
1656 /* Clear the TLS upgraded flag */
1657 conn->bits.tls_upgraded = FALSE;
1658
1659 /* Initialise the SMTP layer */
1660 result = smtp_init(data);
1661 if(result)
1662 return result;
1663
1664 return CURLE_OK;
1665 }
1666
1667 /***********************************************************************
1668 *
1669 * smtp_parse_url_options()
1670 *
1671 * Parse the URL login options.
1672 */
smtp_parse_url_options(struct connectdata *conn)1673 static CURLcode smtp_parse_url_options(struct connectdata *conn)
1674 {
1675 CURLcode result = CURLE_OK;
1676 struct smtp_conn *smtpc = &conn->proto.smtpc;
1677 const char *ptr = conn->options;
1678
1679 while(!result && ptr && *ptr) {
1680 const char *key = ptr;
1681 const char *value;
1682
1683 while(*ptr && *ptr != '=')
1684 ptr++;
1685
1686 value = ptr + 1;
1687
1688 while(*ptr && *ptr != ';')
1689 ptr++;
1690
1691 if(strncasecompare(key, "AUTH=", 5))
1692 result = Curl_sasl_parse_url_auth_option(&smtpc->sasl,
1693 value, ptr - value);
1694 else
1695 result = CURLE_URL_MALFORMAT;
1696
1697 if(*ptr == ';')
1698 ptr++;
1699 }
1700
1701 return result;
1702 }
1703
1704 /***********************************************************************
1705 *
1706 * smtp_parse_url_path()
1707 *
1708 * Parse the URL path into separate path components.
1709 */
smtp_parse_url_path(struct Curl_easy *data)1710 static CURLcode smtp_parse_url_path(struct Curl_easy *data)
1711 {
1712 /* The SMTP struct is already initialised in smtp_connect() */
1713 struct connectdata *conn = data->conn;
1714 struct smtp_conn *smtpc = &conn->proto.smtpc;
1715 const char *path = &data->state.up.path[1]; /* skip leading path */
1716 char localhost[HOSTNAME_MAX + 1];
1717
1718 /* Calculate the path if necessary */
1719 if(!*path) {
1720 if(!Curl_gethostname(localhost, sizeof(localhost)))
1721 path = localhost;
1722 else
1723 path = "localhost";
1724 }
1725
1726 /* URL decode the path and use it as the domain in our EHLO */
1727 return Curl_urldecode(path, 0, &smtpc->domain, NULL, REJECT_CTRL);
1728 }
1729
1730 /***********************************************************************
1731 *
1732 * smtp_parse_custom_request()
1733 *
1734 * Parse the custom request.
1735 */
smtp_parse_custom_request(struct Curl_easy *data)1736 static CURLcode smtp_parse_custom_request(struct Curl_easy *data)
1737 {
1738 CURLcode result = CURLE_OK;
1739 struct SMTP *smtp = data->req.p.smtp;
1740 const char *custom = data->set.str[STRING_CUSTOMREQUEST];
1741
1742 /* URL decode the custom request */
1743 if(custom)
1744 result = Curl_urldecode(custom, 0, &smtp->custom, NULL, REJECT_CTRL);
1745
1746 return result;
1747 }
1748
1749 /***********************************************************************
1750 *
1751 * smtp_parse_address()
1752 *
1753 * Parse the fully qualified mailbox address into a local address part and the
1754 * host name, converting the host name to an IDN A-label, as per RFC-5890, if
1755 * necessary.
1756 *
1757 * Parameters:
1758 *
1759 * conn [in] - The connection handle.
1760 * fqma [in] - The fully qualified mailbox address (which may or
1761 * may not contain UTF-8 characters).
1762 * address [in/out] - A new allocated buffer which holds the local
1763 * address part of the mailbox. This buffer must be
1764 * free'ed by the caller.
1765 * host [in/out] - The host name structure that holds the original,
1766 * and optionally encoded, host name.
1767 * Curl_free_idnconverted_hostname() must be called
1768 * once the caller has finished with the structure.
1769 *
1770 * Returns CURLE_OK on success.
1771 *
1772 * Notes:
1773 *
1774 * Should a UTF-8 host name require conversion to IDN ACE and we cannot honor
1775 * that conversion then we shall return success. This allow the caller to send
1776 * the data to the server as a U-label (as per RFC-6531 sect. 3.2).
1777 *
1778 * If an mailbox '@' separator cannot be located then the mailbox is considered
1779 * to be either a local mailbox or an invalid mailbox (depending on what the
1780 * calling function deems it to be) then the input will simply be returned in
1781 * the address part with the host name being NULL.
1782 */
smtp_parse_address(const char *fqma, char **address, struct hostname *host)1783 static CURLcode smtp_parse_address(const char *fqma, char **address,
1784 struct hostname *host)
1785 {
1786 CURLcode result = CURLE_OK;
1787 size_t length;
1788
1789 /* Duplicate the fully qualified email address so we can manipulate it,
1790 ensuring it doesn't contain the delimiters if specified */
1791 char *dup = strdup(fqma[0] == '<' ? fqma + 1 : fqma);
1792 if(!dup)
1793 return CURLE_OUT_OF_MEMORY;
1794
1795 length = strlen(dup);
1796 if(length) {
1797 if(dup[length - 1] == '>')
1798 dup[length - 1] = '\0';
1799 }
1800
1801 /* Extract the host name from the address (if we can) */
1802 host->name = strpbrk(dup, "@");
1803 if(host->name) {
1804 *host->name = '\0';
1805 host->name = host->name + 1;
1806
1807 /* Attempt to convert the host name to IDN ACE */
1808 (void) Curl_idnconvert_hostname(host);
1809
1810 /* If Curl_idnconvert_hostname() fails then we shall attempt to continue
1811 and send the host name using UTF-8 rather than as 7-bit ACE (which is
1812 our preference) */
1813 }
1814
1815 /* Extract the local address from the mailbox */
1816 *address = dup;
1817
1818 return result;
1819 }
1820
Curl_smtp_escape_eob(struct Curl_easy *data, const ssize_t nread, const ssize_t offset)1821 CURLcode Curl_smtp_escape_eob(struct Curl_easy *data,
1822 const ssize_t nread,
1823 const ssize_t offset)
1824 {
1825 /* When sending a SMTP payload we must detect CRLF. sequences making sure
1826 they are sent as CRLF.. instead, as a . on the beginning of a line will
1827 be deleted by the server when not part of an EOB terminator and a
1828 genuine CRLF.CRLF which isn't escaped will wrongly be detected as end of
1829 data by the server
1830 */
1831 ssize_t i;
1832 ssize_t si;
1833 struct SMTP *smtp = data->req.p.smtp;
1834 char *scratch = data->state.scratch;
1835 char *newscratch = NULL;
1836 char *oldscratch = NULL;
1837 size_t eob_sent;
1838
1839 /* Do we need to allocate a scratch buffer? */
1840 if(!scratch || data->set.crlf) {
1841 oldscratch = scratch;
1842
1843 scratch = newscratch = malloc(2 * data->set.upload_buffer_size);
1844 if(!newscratch) {
1845 failf(data, "Failed to alloc scratch buffer");
1846
1847 return CURLE_OUT_OF_MEMORY;
1848 }
1849 }
1850 DEBUGASSERT((size_t)data->set.upload_buffer_size >= (size_t)nread);
1851
1852 /* Have we already sent part of the EOB? */
1853 eob_sent = smtp->eob;
1854
1855 /* This loop can be improved by some kind of Boyer-Moore style of
1856 approach but that is saved for later... */
1857 if(offset)
1858 memcpy(scratch, data->req.upload_fromhere, offset);
1859 for(i = offset, si = offset; i < nread; i++) {
1860 if(SMTP_EOB[smtp->eob] == data->req.upload_fromhere[i]) {
1861 smtp->eob++;
1862
1863 /* Is the EOB potentially the terminating CRLF? */
1864 if(2 == smtp->eob || SMTP_EOB_LEN == smtp->eob)
1865 smtp->trailing_crlf = TRUE;
1866 else
1867 smtp->trailing_crlf = FALSE;
1868 }
1869 else if(smtp->eob) {
1870 /* A previous substring matched so output that first */
1871 memcpy(&scratch[si], &SMTP_EOB[eob_sent], smtp->eob - eob_sent);
1872 si += smtp->eob - eob_sent;
1873
1874 /* Then compare the first byte */
1875 if(SMTP_EOB[0] == data->req.upload_fromhere[i])
1876 smtp->eob = 1;
1877 else
1878 smtp->eob = 0;
1879
1880 eob_sent = 0;
1881
1882 /* Reset the trailing CRLF flag as there was more data */
1883 smtp->trailing_crlf = FALSE;
1884 }
1885
1886 /* Do we have a match for CRLF. as per RFC-5321, sect. 4.5.2 */
1887 if(SMTP_EOB_FIND_LEN == smtp->eob) {
1888 /* Copy the replacement data to the target buffer */
1889 memcpy(&scratch[si], &SMTP_EOB_REPL[eob_sent],
1890 SMTP_EOB_REPL_LEN - eob_sent);
1891 si += SMTP_EOB_REPL_LEN - eob_sent;
1892 smtp->eob = 0;
1893 eob_sent = 0;
1894 }
1895 else if(!smtp->eob)
1896 scratch[si++] = data->req.upload_fromhere[i];
1897 }
1898
1899 if(smtp->eob - eob_sent) {
1900 /* A substring matched before processing ended so output that now */
1901 memcpy(&scratch[si], &SMTP_EOB[eob_sent], smtp->eob - eob_sent);
1902 si += smtp->eob - eob_sent;
1903 }
1904
1905 /* Only use the new buffer if we replaced something */
1906 if(si != nread) {
1907 /* Upload from the new (replaced) buffer instead */
1908 data->req.upload_fromhere = scratch;
1909
1910 /* Save the buffer so it can be freed later */
1911 data->state.scratch = scratch;
1912
1913 /* Free the old scratch buffer */
1914 free(oldscratch);
1915
1916 /* Set the new amount too */
1917 data->req.upload_present = si;
1918 }
1919 else
1920 free(newscratch);
1921
1922 return CURLE_OK;
1923 }
1924
1925 #endif /* CURL_DISABLE_SMTP */
1926