1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 * RFC1870 SMTP Service Extension for Message Size
24 * RFC2195 CRAM-MD5 authentication
25 * RFC2831 DIGEST-MD5 authentication
26 * RFC3207 SMTP over TLS
27 * RFC4422 Simple Authentication and Security Layer (SASL)
28 * RFC4616 PLAIN authentication
29 * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
30 * RFC4954 SMTP Authentication
31 * RFC5321 SMTP protocol
32 * RFC5890 Internationalized Domain Names for Applications (IDNA)
33 * RFC6531 SMTP Extension for Internationalized Email
34 * RFC6532 Internationalized Email Headers
35 * RFC6749 OAuth 2.0 Authorization Framework
36 * RFC8314 Use of TLS for Email Submission and Access
37 * Draft SMTP URL Interface <draft-earhart-url-smtp-00.txt>
38 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
39 *
40 ***************************************************************************/
41
42 #include "curl_setup.h"
43
44 #ifndef CURL_DISABLE_SMTP
45
46 #ifdef HAVE_NETINET_IN_H
47 #include <netinet/in.h>
48 #endif
49 #ifdef HAVE_ARPA_INET_H
50 #include <arpa/inet.h>
51 #endif
52 #ifdef HAVE_NETDB_H
53 #include <netdb.h>
54 #endif
55 #ifdef __VMS
56 #include <in.h>
57 #include <inet.h>
58 #endif
59
60 #include <curl/curl.h>
61 #include "urldata.h"
62 #include "sendf.h"
63 #include "hostip.h"
64 #include "progress.h"
65 #include "transfer.h"
66 #include "escape.h"
67 #include "http.h" /* for HTTP proxy tunnel stuff */
68 #include "mime.h"
69 #include "socks.h"
70 #include "smtp.h"
71 #include "strtoofft.h"
72 #include "strcase.h"
73 #include "vtls/vtls.h"
74 #include "cfilters.h"
75 #include "connect.h"
76 #include "select.h"
77 #include "multiif.h"
78 #include "url.h"
79 #include "curl_gethostname.h"
80 #include "bufref.h"
81 #include "curl_sasl.h"
82 #include "warnless.h"
83 #include "idn.h"
84 /* The last 3 #include files should be in this order */
85 #include "curl_printf.h"
86 #include "curl_memory.h"
87 #include "memdebug.h"
88
89 /* Local API functions */
90 static CURLcode smtp_regular_transfer(struct Curl_easy *data, bool *done);
91 static CURLcode smtp_do(struct Curl_easy *data, bool *done);
92 static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
93 bool premature);
94 static CURLcode smtp_connect(struct Curl_easy *data, bool *done);
95 static CURLcode smtp_disconnect(struct Curl_easy *data,
96 struct connectdata *conn, bool dead);
97 static CURLcode smtp_multi_statemach(struct Curl_easy *data, bool *done);
98 static int smtp_getsock(struct Curl_easy *data,
99 struct connectdata *conn, curl_socket_t *socks);
100 static CURLcode smtp_doing(struct Curl_easy *data, bool *dophase_done);
101 static CURLcode smtp_setup_connection(struct Curl_easy *data,
102 struct connectdata *conn);
103 static CURLcode smtp_parse_url_options(struct connectdata *conn);
104 static CURLcode smtp_parse_url_path(struct Curl_easy *data);
105 static CURLcode smtp_parse_custom_request(struct Curl_easy *data);
106 static CURLcode smtp_parse_address(const char *fqma,
107 char **address, struct hostname *host);
108 static CURLcode smtp_perform_auth(struct Curl_easy *data, const char *mech,
109 const struct bufref *initresp);
110 static CURLcode smtp_continue_auth(struct Curl_easy *data, const char *mech,
111 const struct bufref *resp);
112 static CURLcode smtp_cancel_auth(struct Curl_easy *data, const char *mech);
113 static CURLcode smtp_get_message(struct Curl_easy *data, struct bufref *out);
114 static CURLcode cr_eob_add(struct Curl_easy *data);
115
116 /*
117 * SMTP protocol handler.
118 */
119
120 const struct Curl_handler Curl_handler_smtp = {
121 "smtp", /* scheme */
122 smtp_setup_connection, /* setup_connection */
123 smtp_do, /* do_it */
124 smtp_done, /* done */
125 ZERO_NULL, /* do_more */
126 smtp_connect, /* connect_it */
127 smtp_multi_statemach, /* connecting */
128 smtp_doing, /* doing */
129 smtp_getsock, /* proto_getsock */
130 smtp_getsock, /* doing_getsock */
131 ZERO_NULL, /* domore_getsock */
132 ZERO_NULL, /* perform_getsock */
133 smtp_disconnect, /* disconnect */
134 ZERO_NULL, /* write_resp */
135 ZERO_NULL, /* write_resp_hd */
136 ZERO_NULL, /* connection_check */
137 ZERO_NULL, /* attach connection */
138 PORT_SMTP, /* defport */
139 CURLPROTO_SMTP, /* protocol */
140 CURLPROTO_SMTP, /* family */
141 PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
142 PROTOPT_URLOPTIONS
143 };
144
145 #ifdef USE_SSL
146 /*
147 * SMTPS protocol handler.
148 */
149
150 const struct Curl_handler Curl_handler_smtps = {
151 "smtps", /* scheme */
152 smtp_setup_connection, /* setup_connection */
153 smtp_do, /* do_it */
154 smtp_done, /* done */
155 ZERO_NULL, /* do_more */
156 smtp_connect, /* connect_it */
157 smtp_multi_statemach, /* connecting */
158 smtp_doing, /* doing */
159 smtp_getsock, /* proto_getsock */
160 smtp_getsock, /* doing_getsock */
161 ZERO_NULL, /* domore_getsock */
162 ZERO_NULL, /* perform_getsock */
163 smtp_disconnect, /* disconnect */
164 ZERO_NULL, /* write_resp */
165 ZERO_NULL, /* write_resp_hd */
166 ZERO_NULL, /* connection_check */
167 ZERO_NULL, /* attach connection */
168 PORT_SMTPS, /* defport */
169 CURLPROTO_SMTPS, /* protocol */
170 CURLPROTO_SMTP, /* family */
171 PROTOPT_CLOSEACTION | PROTOPT_SSL
172 | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
173 };
174 #endif
175
176 /* SASL parameters for the smtp protocol */
177 static const struct SASLproto saslsmtp = {
178 "smtp", /* The service name */
179 smtp_perform_auth, /* Send authentication command */
180 smtp_continue_auth, /* Send authentication continuation */
181 smtp_cancel_auth, /* Cancel authentication */
182 smtp_get_message, /* Get SASL response message */
183 512 - 8, /* Max line len - strlen("AUTH ") - 1 space - crlf */
184 334, /* Code received when continuation is expected */
185 235, /* Code to receive upon authentication success */
186 SASL_AUTH_DEFAULT, /* Default mechanisms */
187 SASL_FLAG_BASE64 /* Configuration flags */
188 };
189
190 #ifdef USE_SSL
smtp_to_smtps(struct connectdata * conn)191 static void smtp_to_smtps(struct connectdata *conn)
192 {
193 /* Change the connection handler */
194 conn->handler = &Curl_handler_smtps;
195
196 /* Set the connection's upgraded to TLS flag */
197 conn->bits.tls_upgraded = TRUE;
198 }
199 #else
200 #define smtp_to_smtps(x) Curl_nop_stmt
201 #endif
202
203 /***********************************************************************
204 *
205 * smtp_endofresp()
206 *
207 * Checks for an ending SMTP status code at the start of the given string, but
208 * also detects various capabilities from the EHLO response including the
209 * supported authentication mechanisms.
210 */
smtp_endofresp(struct Curl_easy * data,struct connectdata * conn,char * line,size_t len,int * resp)211 static bool smtp_endofresp(struct Curl_easy *data, struct connectdata *conn,
212 char *line, size_t len, int *resp)
213 {
214 struct smtp_conn *smtpc = &conn->proto.smtpc;
215 bool result = FALSE;
216 (void)data;
217
218 /* Nothing for us */
219 if(len < 4 || !ISDIGIT(line[0]) || !ISDIGIT(line[1]) || !ISDIGIT(line[2]))
220 return FALSE;
221
222 /* Do we have a command response? This should be the response code followed
223 by a space and optionally some text as per RFC-5321 and as outlined in
224 Section 4. Examples of RFC-4954 but some email servers ignore this and
225 only send the response code instead as per Section 4.2. */
226 if(line[3] == ' ' || len == 5) {
227 char tmpline[6];
228
229 result = TRUE;
230 memset(tmpline, '\0', sizeof(tmpline));
231 memcpy(tmpline, line, (len == 5 ? 5 : 3));
232 *resp = curlx_sltosi(strtol(tmpline, NULL, 10));
233
234 /* Make sure real server never sends internal value */
235 if(*resp == 1)
236 *resp = 0;
237 }
238 /* Do we have a multiline (continuation) response? */
239 else if(line[3] == '-' &&
240 (smtpc->state == SMTP_EHLO || smtpc->state == SMTP_COMMAND)) {
241 result = TRUE;
242 *resp = 1; /* Internal response code */
243 }
244
245 return result;
246 }
247
248 /***********************************************************************
249 *
250 * smtp_get_message()
251 *
252 * Gets the authentication message from the response buffer.
253 */
smtp_get_message(struct Curl_easy * data,struct bufref * out)254 static CURLcode smtp_get_message(struct Curl_easy *data, struct bufref *out)
255 {
256 char *message = Curl_dyn_ptr(&data->conn->proto.smtpc.pp.recvbuf);
257 size_t len = data->conn->proto.smtpc.pp.nfinal;
258
259 if(len > 4) {
260 /* Find the start of the message */
261 len -= 4;
262 for(message += 4; *message == ' ' || *message == '\t'; message++, len--)
263 ;
264
265 /* Find the end of the message */
266 while(len--)
267 if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' &&
268 message[len] != '\t')
269 break;
270
271 /* Terminate the message */
272 message[++len] = '\0';
273 Curl_bufref_set(out, message, len, NULL);
274 }
275 else
276 /* junk input => zero length output */
277 Curl_bufref_set(out, "", 0, NULL);
278
279 return CURLE_OK;
280 }
281
282 /***********************************************************************
283 *
284 * smtp_state()
285 *
286 * This is the ONLY way to change SMTP state!
287 */
smtp_state(struct Curl_easy * data,smtpstate newstate)288 static void smtp_state(struct Curl_easy *data, smtpstate newstate)
289 {
290 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
291 #if !defined(CURL_DISABLE_VERBOSE_STRINGS)
292 /* for debug purposes */
293 static const char * const names[] = {
294 "STOP",
295 "SERVERGREET",
296 "EHLO",
297 "HELO",
298 "STARTTLS",
299 "UPGRADETLS",
300 "AUTH",
301 "COMMAND",
302 "MAIL",
303 "RCPT",
304 "DATA",
305 "POSTDATA",
306 "QUIT",
307 /* LAST */
308 };
309
310 if(smtpc->state != newstate)
311 CURL_TRC_SMTP(data, "state change from %s to %s",
312 names[smtpc->state], names[newstate]);
313 #endif
314
315 smtpc->state = newstate;
316 }
317
318 /***********************************************************************
319 *
320 * smtp_perform_ehlo()
321 *
322 * Sends the EHLO command to not only initialise communication with the ESMTP
323 * server but to also obtain a list of server side supported capabilities.
324 */
smtp_perform_ehlo(struct Curl_easy * data)325 static CURLcode smtp_perform_ehlo(struct Curl_easy *data)
326 {
327 CURLcode result = CURLE_OK;
328 struct connectdata *conn = data->conn;
329 struct smtp_conn *smtpc = &conn->proto.smtpc;
330
331 smtpc->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanism yet */
332 smtpc->sasl.authused = SASL_AUTH_NONE; /* Clear the authentication mechanism
333 used for esmtp connections */
334 smtpc->tls_supported = FALSE; /* Clear the TLS capability */
335 smtpc->auth_supported = FALSE; /* Clear the AUTH capability */
336
337 /* Send the EHLO command */
338 result = Curl_pp_sendf(data, &smtpc->pp, "EHLO %s", smtpc->domain);
339
340 if(!result)
341 smtp_state(data, SMTP_EHLO);
342
343 return result;
344 }
345
346 /***********************************************************************
347 *
348 * smtp_perform_helo()
349 *
350 * Sends the HELO command to initialise communication with the SMTP server.
351 */
smtp_perform_helo(struct Curl_easy * data,struct connectdata * conn)352 static CURLcode smtp_perform_helo(struct Curl_easy *data,
353 struct connectdata *conn)
354 {
355 CURLcode result = CURLE_OK;
356 struct smtp_conn *smtpc = &conn->proto.smtpc;
357
358 smtpc->sasl.authused = SASL_AUTH_NONE; /* No authentication mechanism used
359 in smtp connections */
360
361 /* Send the HELO command */
362 result = Curl_pp_sendf(data, &smtpc->pp, "HELO %s", smtpc->domain);
363
364 if(!result)
365 smtp_state(data, SMTP_HELO);
366
367 return result;
368 }
369
370 /***********************************************************************
371 *
372 * smtp_perform_starttls()
373 *
374 * Sends the STLS command to start the upgrade to TLS.
375 */
smtp_perform_starttls(struct Curl_easy * data,struct connectdata * conn)376 static CURLcode smtp_perform_starttls(struct Curl_easy *data,
377 struct connectdata *conn)
378 {
379 /* Send the STARTTLS command */
380 CURLcode result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
381 "%s", "STARTTLS");
382
383 if(!result)
384 smtp_state(data, SMTP_STARTTLS);
385
386 return result;
387 }
388
389 /***********************************************************************
390 *
391 * smtp_perform_upgrade_tls()
392 *
393 * Performs the upgrade to TLS.
394 */
smtp_perform_upgrade_tls(struct Curl_easy * data)395 static CURLcode smtp_perform_upgrade_tls(struct Curl_easy *data)
396 {
397 /* Start the SSL connection */
398 struct connectdata *conn = data->conn;
399 struct smtp_conn *smtpc = &conn->proto.smtpc;
400 CURLcode result;
401 bool ssldone = FALSE;
402
403 if(!Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
404 result = Curl_ssl_cfilter_add(data, conn, FIRSTSOCKET);
405 if(result)
406 goto out;
407 }
408
409 result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone);
410 if(!result) {
411 smtpc->ssldone = ssldone;
412 if(smtpc->state != SMTP_UPGRADETLS)
413 smtp_state(data, SMTP_UPGRADETLS);
414
415 if(smtpc->ssldone) {
416 smtp_to_smtps(conn);
417 result = smtp_perform_ehlo(data);
418 }
419 }
420 out:
421 return result;
422 }
423
424 /***********************************************************************
425 *
426 * smtp_perform_auth()
427 *
428 * Sends an AUTH command allowing the client to login with the given SASL
429 * authentication mechanism.
430 */
smtp_perform_auth(struct Curl_easy * data,const char * mech,const struct bufref * initresp)431 static CURLcode smtp_perform_auth(struct Curl_easy *data,
432 const char *mech,
433 const struct bufref *initresp)
434 {
435 CURLcode result = CURLE_OK;
436 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
437 const char *ir = (const char *) Curl_bufref_ptr(initresp);
438
439 if(ir) { /* AUTH <mech> ...<crlf> */
440 /* Send the AUTH command with the initial response */
441 result = Curl_pp_sendf(data, &smtpc->pp, "AUTH %s %s", mech, ir);
442 }
443 else {
444 /* Send the AUTH command */
445 result = Curl_pp_sendf(data, &smtpc->pp, "AUTH %s", mech);
446 }
447
448 return result;
449 }
450
451 /***********************************************************************
452 *
453 * smtp_continue_auth()
454 *
455 * Sends SASL continuation data.
456 */
smtp_continue_auth(struct Curl_easy * data,const char * mech,const struct bufref * resp)457 static CURLcode smtp_continue_auth(struct Curl_easy *data,
458 const char *mech,
459 const struct bufref *resp)
460 {
461 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
462
463 (void)mech;
464
465 return Curl_pp_sendf(data, &smtpc->pp,
466 "%s", (const char *) Curl_bufref_ptr(resp));
467 }
468
469 /***********************************************************************
470 *
471 * smtp_cancel_auth()
472 *
473 * Sends SASL cancellation.
474 */
smtp_cancel_auth(struct Curl_easy * data,const char * mech)475 static CURLcode smtp_cancel_auth(struct Curl_easy *data, const char *mech)
476 {
477 struct smtp_conn *smtpc = &data->conn->proto.smtpc;
478
479 (void)mech;
480
481 return Curl_pp_sendf(data, &smtpc->pp, "*");
482 }
483
484 /***********************************************************************
485 *
486 * smtp_perform_authentication()
487 *
488 * Initiates the authentication sequence, with the appropriate SASL
489 * authentication mechanism.
490 */
smtp_perform_authentication(struct Curl_easy * data)491 static CURLcode smtp_perform_authentication(struct Curl_easy *data)
492 {
493 CURLcode result = CURLE_OK;
494 struct connectdata *conn = data->conn;
495 struct smtp_conn *smtpc = &conn->proto.smtpc;
496 saslprogress progress;
497
498 /* Check we have enough data to authenticate with, and the
499 server supports authentication, and end the connect phase if not */
500 if(!smtpc->auth_supported ||
501 !Curl_sasl_can_authenticate(&smtpc->sasl, data)) {
502 smtp_state(data, SMTP_STOP);
503 return result;
504 }
505
506 /* Calculate the SASL login details */
507 result = Curl_sasl_start(&smtpc->sasl, data, FALSE, &progress);
508
509 if(!result) {
510 if(progress == SASL_INPROGRESS)
511 smtp_state(data, SMTP_AUTH);
512 else {
513 /* Other mechanisms not supported */
514 infof(data, "No known authentication mechanisms supported");
515 result = CURLE_LOGIN_DENIED;
516 }
517 }
518
519 return result;
520 }
521
522 /***********************************************************************
523 *
524 * smtp_perform_command()
525 *
526 * Sends a SMTP based command.
527 */
smtp_perform_command(struct Curl_easy * data)528 static CURLcode smtp_perform_command(struct Curl_easy *data)
529 {
530 CURLcode result = CURLE_OK;
531 struct connectdata *conn = data->conn;
532 struct SMTP *smtp = data->req.p.smtp;
533
534 if(smtp->rcpt) {
535 /* We notify the server we are sending UTF-8 data if a) it supports the
536 SMTPUTF8 extension and b) The mailbox contains UTF-8 characters, in
537 either the local address or hostname parts. This is regardless of
538 whether the hostname is encoded using IDN ACE */
539 bool utf8 = FALSE;
540
541 if((!smtp->custom) || (!smtp->custom[0])) {
542 char *address = NULL;
543 struct hostname host = { NULL, NULL, NULL, NULL };
544
545 /* Parse the mailbox to verify into the local address and hostname
546 parts, converting the hostname to an IDN A-label if necessary */
547 result = smtp_parse_address(smtp->rcpt->data,
548 &address, &host);
549 if(result)
550 return result;
551
552 /* Establish whether we should report SMTPUTF8 to the server for this
553 mailbox as per RFC-6531 sect. 3.1 point 6 */
554 utf8 = (conn->proto.smtpc.utf8_supported) &&
555 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
556 (!Curl_is_ASCII_name(host.name)));
557
558 /* Send the VRFY command (Note: The hostname part may be absent when the
559 host is a local system) */
560 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "VRFY %s%s%s%s",
561 address,
562 host.name ? "@" : "",
563 host.name ? host.name : "",
564 utf8 ? " SMTPUTF8" : "");
565
566 Curl_free_idnconverted_hostname(&host);
567 free(address);
568 }
569 else {
570 /* Establish whether we should report that we support SMTPUTF8 for EXPN
571 commands to the server as per RFC-6531 sect. 3.1 point 6 */
572 utf8 = (conn->proto.smtpc.utf8_supported) &&
573 (!strcmp(smtp->custom, "EXPN"));
574
575 /* Send the custom recipient based command such as the EXPN command */
576 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
577 "%s %s%s", smtp->custom,
578 smtp->rcpt->data,
579 utf8 ? " SMTPUTF8" : "");
580 }
581 }
582 else
583 /* Send the non-recipient based command such as HELP */
584 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s",
585 smtp->custom && smtp->custom[0] != '\0' ?
586 smtp->custom : "HELP");
587
588 if(!result)
589 smtp_state(data, SMTP_COMMAND);
590
591 return result;
592 }
593
594 /***********************************************************************
595 *
596 * smtp_perform_mail()
597 *
598 * Sends an MAIL command to initiate the upload of a message.
599 */
smtp_perform_mail(struct Curl_easy * data)600 static CURLcode smtp_perform_mail(struct Curl_easy *data)
601 {
602 char *from = NULL;
603 char *auth = NULL;
604 char *size = NULL;
605 CURLcode result = CURLE_OK;
606 struct connectdata *conn = data->conn;
607
608 /* We notify the server we are sending UTF-8 data if a) it supports the
609 SMTPUTF8 extension and b) The mailbox contains UTF-8 characters, in
610 either the local address or hostname parts. This is regardless of
611 whether the hostname is encoded using IDN ACE */
612 bool utf8 = FALSE;
613
614 /* Calculate the FROM parameter */
615 if(data->set.str[STRING_MAIL_FROM]) {
616 char *address = NULL;
617 struct hostname host = { NULL, NULL, NULL, NULL };
618
619 /* Parse the FROM mailbox into the local address and hostname parts,
620 converting the hostname to an IDN A-label if necessary */
621 result = smtp_parse_address(data->set.str[STRING_MAIL_FROM],
622 &address, &host);
623 if(result)
624 goto out;
625
626 /* Establish whether we should report SMTPUTF8 to the server for this
627 mailbox as per RFC-6531 sect. 3.1 point 4 and sect. 3.4 */
628 utf8 = (conn->proto.smtpc.utf8_supported) &&
629 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
630 (!Curl_is_ASCII_name(host.name)));
631
632 if(host.name) {
633 from = aprintf("<%s@%s>", address, host.name);
634
635 Curl_free_idnconverted_hostname(&host);
636 }
637 else
638 /* An invalid mailbox was provided but we will simply let the server
639 worry about that and reply with a 501 error */
640 from = aprintf("<%s>", address);
641
642 free(address);
643 }
644 else
645 /* Null reverse-path, RFC-5321, sect. 3.6.3 */
646 from = strdup("<>");
647
648 if(!from) {
649 result = CURLE_OUT_OF_MEMORY;
650 goto out;
651 }
652
653 /* Calculate the optional AUTH parameter */
654 if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.sasl.authused) {
655 if(data->set.str[STRING_MAIL_AUTH][0] != '\0') {
656 char *address = NULL;
657 struct hostname host = { NULL, NULL, NULL, NULL };
658
659 /* Parse the AUTH mailbox into the local address and hostname parts,
660 converting the hostname to an IDN A-label if necessary */
661 result = smtp_parse_address(data->set.str[STRING_MAIL_AUTH],
662 &address, &host);
663 if(result)
664 goto out;
665
666 /* Establish whether we should report SMTPUTF8 to the server for this
667 mailbox as per RFC-6531 sect. 3.1 point 4 and sect. 3.4 */
668 if((!utf8) && (conn->proto.smtpc.utf8_supported) &&
669 ((host.encalloc) || (!Curl_is_ASCII_name(address)) ||
670 (!Curl_is_ASCII_name(host.name))))
671 utf8 = TRUE;
672
673 if(host.name) {
674 auth = aprintf("<%s@%s>", address, host.name);
675
676 Curl_free_idnconverted_hostname(&host);
677 }
678 else
679 /* An invalid mailbox was provided but we will simply let the server
680 worry about it */
681 auth = aprintf("<%s>", address);
682 free(address);
683 }
684 else
685 /* Empty AUTH, RFC-2554, sect. 5 */
686 auth = strdup("<>");
687
688 if(!auth) {
689 result = CURLE_OUT_OF_MEMORY;
690 goto out;
691 }
692 }
693
694 #ifndef CURL_DISABLE_MIME
695 /* Prepare the mime data if some. */
696 if(data->set.mimepost.kind != MIMEKIND_NONE) {
697 /* Use the whole structure as data. */
698 data->set.mimepost.flags &= ~(unsigned int)MIME_BODY_ONLY;
699
700 /* Add external headers and mime version. */
701 curl_mime_headers(&data->set.mimepost, data->set.headers, 0);
702 result = Curl_mime_prepare_headers(data, &data->set.mimepost, NULL,
703 NULL, MIMESTRATEGY_MAIL);
704
705 if(!result)
706 if(!Curl_checkheaders(data, STRCONST("Mime-Version")))
707 result = Curl_mime_add_header(&data->set.mimepost.curlheaders,
708 "Mime-Version: 1.0");
709
710 if(!result)
711 result = Curl_creader_set_mime(data, &data->set.mimepost);
712 if(result)
713 goto out;
714 data->state.infilesize = Curl_creader_total_length(data);
715 }
716 else
717 #endif
718 {
719 result = Curl_creader_set_fread(data, data->state.infilesize);
720 if(result)
721 goto out;
722 }
723
724 /* Calculate the optional SIZE parameter */
725 if(conn->proto.smtpc.size_supported && data->state.infilesize > 0) {
726 size = aprintf("%" FMT_OFF_T, data->state.infilesize);
727
728 if(!size) {
729 result = CURLE_OUT_OF_MEMORY;
730 goto out;
731 }
732 }
733
734 /* If the mailboxes in the FROM and AUTH parameters do not include a UTF-8
735 based address then quickly scan through the recipient list and check if
736 any there do, as we need to correctly identify our support for SMTPUTF8
737 in the envelope, as per RFC-6531 sect. 3.4 */
738 if(conn->proto.smtpc.utf8_supported && !utf8) {
739 struct SMTP *smtp = data->req.p.smtp;
740 struct curl_slist *rcpt = smtp->rcpt;
741
742 while(rcpt && !utf8) {
743 /* Does the hostname contain non-ASCII characters? */
744 if(!Curl_is_ASCII_name(rcpt->data))
745 utf8 = TRUE;
746
747 rcpt = rcpt->next;
748 }
749 }
750
751 /* Add the client reader doing STMP EOB escaping */
752 result = cr_eob_add(data);
753 if(result)
754 goto out;
755
756 /* Send the MAIL command */
757 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp,
758 "MAIL FROM:%s%s%s%s%s%s",
759 from, /* Mandatory */
760 auth ? " AUTH=" : "", /* Optional on AUTH support */
761 auth ? auth : "", /* */
762 size ? " SIZE=" : "", /* Optional on SIZE support */
763 size ? size : "", /* */
764 utf8 ? " SMTPUTF8" /* Internationalised mailbox */
765 : ""); /* included in our envelope */
766
767 out:
768 free(from);
769 free(auth);
770 free(size);
771
772 if(!result)
773 smtp_state(data, SMTP_MAIL);
774
775 return result;
776 }
777
778 /***********************************************************************
779 *
780 * smtp_perform_rcpt_to()
781 *
782 * Sends a RCPT TO command for a given recipient as part of the message upload
783 * process.
784 */
smtp_perform_rcpt_to(struct Curl_easy * data)785 static CURLcode smtp_perform_rcpt_to(struct Curl_easy *data)
786 {
787 CURLcode result = CURLE_OK;
788 struct connectdata *conn = data->conn;
789 struct SMTP *smtp = data->req.p.smtp;
790 char *address = NULL;
791 struct hostname host = { NULL, NULL, NULL, NULL };
792
793 /* Parse the recipient mailbox into the local address and hostname parts,
794 converting the hostname to an IDN A-label if necessary */
795 result = smtp_parse_address(smtp->rcpt->data,
796 &address, &host);
797 if(result)
798 return result;
799
800 /* Send the RCPT TO command */
801 if(host.name)
802 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "RCPT TO:<%s@%s>",
803 address, host.name);
804 else
805 /* An invalid mailbox was provided but we will simply let the server worry
806 about that and reply with a 501 error */
807 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "RCPT TO:<%s>",
808 address);
809
810 Curl_free_idnconverted_hostname(&host);
811 free(address);
812
813 if(!result)
814 smtp_state(data, SMTP_RCPT);
815
816 return result;
817 }
818
819 /***********************************************************************
820 *
821 * smtp_perform_quit()
822 *
823 * Performs the quit action prior to sclose() being called.
824 */
smtp_perform_quit(struct Curl_easy * data,struct connectdata * conn)825 static CURLcode smtp_perform_quit(struct Curl_easy *data,
826 struct connectdata *conn)
827 {
828 /* Send the QUIT command */
829 CURLcode result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s", "QUIT");
830
831 if(!result)
832 smtp_state(data, SMTP_QUIT);
833
834 return result;
835 }
836
837 /* For the initial server greeting */
smtp_state_servergreet_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)838 static CURLcode smtp_state_servergreet_resp(struct Curl_easy *data,
839 int smtpcode,
840 smtpstate instate)
841 {
842 CURLcode result = CURLE_OK;
843 (void)instate; /* no use for this yet */
844
845 if(smtpcode/100 != 2) {
846 failf(data, "Got unexpected smtp-server response: %d", smtpcode);
847 result = CURLE_WEIRD_SERVER_REPLY;
848 }
849 else
850 result = smtp_perform_ehlo(data);
851
852 return result;
853 }
854
855 /* For STARTTLS responses */
smtp_state_starttls_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)856 static CURLcode smtp_state_starttls_resp(struct Curl_easy *data,
857 int smtpcode,
858 smtpstate instate)
859 {
860 CURLcode result = CURLE_OK;
861 (void)instate; /* no use for this yet */
862
863 /* Pipelining in response is forbidden. */
864 if(data->conn->proto.smtpc.pp.overflow)
865 return CURLE_WEIRD_SERVER_REPLY;
866
867 if(smtpcode != 220) {
868 if(data->set.use_ssl != CURLUSESSL_TRY) {
869 failf(data, "STARTTLS denied, code %d", smtpcode);
870 result = CURLE_USE_SSL_FAILED;
871 }
872 else
873 result = smtp_perform_authentication(data);
874 }
875 else
876 result = smtp_perform_upgrade_tls(data);
877
878 return result;
879 }
880
881 /* For EHLO responses */
smtp_state_ehlo_resp(struct Curl_easy * data,struct connectdata * conn,int smtpcode,smtpstate instate)882 static CURLcode smtp_state_ehlo_resp(struct Curl_easy *data,
883 struct connectdata *conn, int smtpcode,
884 smtpstate instate)
885 {
886 CURLcode result = CURLE_OK;
887 struct smtp_conn *smtpc = &conn->proto.smtpc;
888 const char *line = Curl_dyn_ptr(&smtpc->pp.recvbuf);
889 size_t len = smtpc->pp.nfinal;
890
891 (void)instate; /* no use for this yet */
892
893 if(smtpcode/100 != 2 && smtpcode != 1) {
894 if(data->set.use_ssl <= CURLUSESSL_TRY
895 || Curl_conn_is_ssl(conn, FIRSTSOCKET))
896 result = smtp_perform_helo(data, conn);
897 else {
898 failf(data, "Remote access denied: %d", smtpcode);
899 result = CURLE_REMOTE_ACCESS_DENIED;
900 }
901 }
902 else if(len >= 4) {
903 line += 4;
904 len -= 4;
905
906 /* Does the server support the STARTTLS capability? */
907 if(len >= 8 && !memcmp(line, "STARTTLS", 8))
908 smtpc->tls_supported = TRUE;
909
910 /* Does the server support the SIZE capability? */
911 else if(len >= 4 && !memcmp(line, "SIZE", 4))
912 smtpc->size_supported = TRUE;
913
914 /* Does the server support the UTF-8 capability? */
915 else if(len >= 8 && !memcmp(line, "SMTPUTF8", 8))
916 smtpc->utf8_supported = TRUE;
917
918 /* Does the server support authentication? */
919 else if(len >= 5 && !memcmp(line, "AUTH ", 5)) {
920 smtpc->auth_supported = TRUE;
921
922 /* Advance past the AUTH keyword */
923 line += 5;
924 len -= 5;
925
926 /* Loop through the data line */
927 for(;;) {
928 size_t llen;
929 size_t wordlen;
930 unsigned short mechbit;
931
932 while(len &&
933 (*line == ' ' || *line == '\t' ||
934 *line == '\r' || *line == '\n')) {
935
936 line++;
937 len--;
938 }
939
940 if(!len)
941 break;
942
943 /* Extract the word */
944 for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
945 line[wordlen] != '\t' && line[wordlen] != '\r' &&
946 line[wordlen] != '\n';)
947 wordlen++;
948
949 /* Test the word for a matching authentication mechanism */
950 mechbit = Curl_sasl_decode_mech(line, wordlen, &llen);
951 if(mechbit && llen == wordlen)
952 smtpc->sasl.authmechs |= mechbit;
953
954 line += wordlen;
955 len -= wordlen;
956 }
957 }
958
959 if(smtpcode != 1) {
960 if(data->set.use_ssl && !Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
961 /* We do not have a SSL/TLS connection yet, but SSL is requested */
962 if(smtpc->tls_supported)
963 /* Switch to TLS connection now */
964 result = smtp_perform_starttls(data, conn);
965 else if(data->set.use_ssl == CURLUSESSL_TRY)
966 /* Fallback and carry on with authentication */
967 result = smtp_perform_authentication(data);
968 else {
969 failf(data, "STARTTLS not supported.");
970 result = CURLE_USE_SSL_FAILED;
971 }
972 }
973 else
974 result = smtp_perform_authentication(data);
975 }
976 }
977 else {
978 failf(data, "Unexpectedly short EHLO response");
979 result = CURLE_WEIRD_SERVER_REPLY;
980 }
981
982 return result;
983 }
984
985 /* For HELO responses */
smtp_state_helo_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)986 static CURLcode smtp_state_helo_resp(struct Curl_easy *data, int smtpcode,
987 smtpstate instate)
988 {
989 CURLcode result = CURLE_OK;
990 (void)instate; /* no use for this yet */
991
992 if(smtpcode/100 != 2) {
993 failf(data, "Remote access denied: %d", smtpcode);
994 result = CURLE_REMOTE_ACCESS_DENIED;
995 }
996 else
997 /* End of connect phase */
998 smtp_state(data, SMTP_STOP);
999
1000 return result;
1001 }
1002
1003 /* For SASL authentication responses */
smtp_state_auth_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)1004 static CURLcode smtp_state_auth_resp(struct Curl_easy *data,
1005 int smtpcode,
1006 smtpstate instate)
1007 {
1008 CURLcode result = CURLE_OK;
1009 struct connectdata *conn = data->conn;
1010 struct smtp_conn *smtpc = &conn->proto.smtpc;
1011 saslprogress progress;
1012
1013 (void)instate; /* no use for this yet */
1014
1015 result = Curl_sasl_continue(&smtpc->sasl, data, smtpcode, &progress);
1016 if(!result)
1017 switch(progress) {
1018 case SASL_DONE:
1019 smtp_state(data, SMTP_STOP); /* Authenticated */
1020 break;
1021 case SASL_IDLE: /* No mechanism left after cancellation */
1022 failf(data, "Authentication cancelled");
1023 result = CURLE_LOGIN_DENIED;
1024 break;
1025 default:
1026 break;
1027 }
1028
1029 return result;
1030 }
1031
1032 /* For command responses */
smtp_state_command_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)1033 static CURLcode smtp_state_command_resp(struct Curl_easy *data, int smtpcode,
1034 smtpstate instate)
1035 {
1036 CURLcode result = CURLE_OK;
1037 struct SMTP *smtp = data->req.p.smtp;
1038 char *line = Curl_dyn_ptr(&data->conn->proto.smtpc.pp.recvbuf);
1039 size_t len = data->conn->proto.smtpc.pp.nfinal;
1040
1041 (void)instate; /* no use for this yet */
1042
1043 if((smtp->rcpt && smtpcode/100 != 2 && smtpcode != 553 && smtpcode != 1) ||
1044 (!smtp->rcpt && smtpcode/100 != 2 && smtpcode != 1)) {
1045 failf(data, "Command failed: %d", smtpcode);
1046 result = CURLE_WEIRD_SERVER_REPLY;
1047 }
1048 else {
1049 if(!data->req.no_body)
1050 result = Curl_client_write(data, CLIENTWRITE_BODY, line, len);
1051
1052 if(smtpcode != 1) {
1053 if(smtp->rcpt) {
1054 smtp->rcpt = smtp->rcpt->next;
1055
1056 if(smtp->rcpt) {
1057 /* Send the next command */
1058 result = smtp_perform_command(data);
1059 }
1060 else
1061 /* End of DO phase */
1062 smtp_state(data, SMTP_STOP);
1063 }
1064 else
1065 /* End of DO phase */
1066 smtp_state(data, SMTP_STOP);
1067 }
1068 }
1069
1070 return result;
1071 }
1072
1073 /* For MAIL responses */
smtp_state_mail_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)1074 static CURLcode smtp_state_mail_resp(struct Curl_easy *data, int smtpcode,
1075 smtpstate instate)
1076 {
1077 CURLcode result = CURLE_OK;
1078 (void)instate; /* no use for this yet */
1079
1080 if(smtpcode/100 != 2) {
1081 failf(data, "MAIL failed: %d", smtpcode);
1082 result = CURLE_SEND_ERROR;
1083 }
1084 else
1085 /* Start the RCPT TO command */
1086 result = smtp_perform_rcpt_to(data);
1087
1088 return result;
1089 }
1090
1091 /* For RCPT responses */
smtp_state_rcpt_resp(struct Curl_easy * data,struct connectdata * conn,int smtpcode,smtpstate instate)1092 static CURLcode smtp_state_rcpt_resp(struct Curl_easy *data,
1093 struct connectdata *conn, int smtpcode,
1094 smtpstate instate)
1095 {
1096 CURLcode result = CURLE_OK;
1097 struct SMTP *smtp = data->req.p.smtp;
1098 bool is_smtp_err = FALSE;
1099 bool is_smtp_blocking_err = FALSE;
1100
1101 (void)instate; /* no use for this yet */
1102
1103 is_smtp_err = (smtpcode/100 != 2);
1104
1105 /* If there is multiple RCPT TO to be issued, it is possible to ignore errors
1106 and proceed with only the valid addresses. */
1107 is_smtp_blocking_err = (is_smtp_err && !data->set.mail_rcpt_allowfails);
1108
1109 if(is_smtp_err) {
1110 /* Remembering the last failure which we can report if all "RCPT TO" have
1111 failed and we cannot proceed. */
1112 smtp->rcpt_last_error = smtpcode;
1113
1114 if(is_smtp_blocking_err) {
1115 failf(data, "RCPT failed: %d", smtpcode);
1116 result = CURLE_SEND_ERROR;
1117 }
1118 }
1119 else {
1120 /* Some RCPT TO commands have succeeded. */
1121 smtp->rcpt_had_ok = TRUE;
1122 }
1123
1124 if(!is_smtp_blocking_err) {
1125 smtp->rcpt = smtp->rcpt->next;
1126
1127 if(smtp->rcpt)
1128 /* Send the next RCPT TO command */
1129 result = smtp_perform_rcpt_to(data);
1130 else {
1131 /* We were not able to issue a successful RCPT TO command while going
1132 over recipients (potentially multiple). Sending back last error. */
1133 if(!smtp->rcpt_had_ok) {
1134 failf(data, "RCPT failed: %d (last error)", smtp->rcpt_last_error);
1135 result = CURLE_SEND_ERROR;
1136 }
1137 else {
1138 /* Send the DATA command */
1139 result = Curl_pp_sendf(data, &conn->proto.smtpc.pp, "%s", "DATA");
1140
1141 if(!result)
1142 smtp_state(data, SMTP_DATA);
1143 }
1144 }
1145 }
1146
1147 return result;
1148 }
1149
1150 /* For DATA response */
smtp_state_data_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)1151 static CURLcode smtp_state_data_resp(struct Curl_easy *data, int smtpcode,
1152 smtpstate instate)
1153 {
1154 CURLcode result = CURLE_OK;
1155 (void)instate; /* no use for this yet */
1156
1157 if(smtpcode != 354) {
1158 failf(data, "DATA failed: %d", smtpcode);
1159 result = CURLE_SEND_ERROR;
1160 }
1161 else {
1162 /* Set the progress upload size */
1163 Curl_pgrsSetUploadSize(data, data->state.infilesize);
1164
1165 /* SMTP upload */
1166 Curl_xfer_setup1(data, CURL_XFER_SEND, -1, FALSE);
1167
1168 /* End of DO phase */
1169 smtp_state(data, SMTP_STOP);
1170 }
1171
1172 return result;
1173 }
1174
1175 /* For POSTDATA responses, which are received after the entire DATA
1176 part has been sent to the server */
smtp_state_postdata_resp(struct Curl_easy * data,int smtpcode,smtpstate instate)1177 static CURLcode smtp_state_postdata_resp(struct Curl_easy *data,
1178 int smtpcode,
1179 smtpstate instate)
1180 {
1181 CURLcode result = CURLE_OK;
1182
1183 (void)instate; /* no use for this yet */
1184
1185 if(smtpcode != 250)
1186 result = CURLE_WEIRD_SERVER_REPLY;
1187
1188 /* End of DONE phase */
1189 smtp_state(data, SMTP_STOP);
1190
1191 return result;
1192 }
1193
smtp_statemachine(struct Curl_easy * data,struct connectdata * conn)1194 static CURLcode smtp_statemachine(struct Curl_easy *data,
1195 struct connectdata *conn)
1196 {
1197 CURLcode result = CURLE_OK;
1198 int smtpcode;
1199 struct smtp_conn *smtpc = &conn->proto.smtpc;
1200 struct pingpong *pp = &smtpc->pp;
1201 size_t nread = 0;
1202
1203 /* Busy upgrading the connection; right now all I/O is SSL/TLS, not SMTP */
1204 upgrade_tls:
1205 if(smtpc->state == SMTP_UPGRADETLS)
1206 return smtp_perform_upgrade_tls(data);
1207
1208 /* Flush any data that needs to be sent */
1209 if(pp->sendleft)
1210 return Curl_pp_flushsend(data, pp);
1211
1212 do {
1213 /* Read the response from the server */
1214 result = Curl_pp_readresp(data, FIRSTSOCKET, pp, &smtpcode, &nread);
1215 if(result)
1216 return result;
1217
1218 /* Store the latest response for later retrieval if necessary */
1219 if(smtpc->state != SMTP_QUIT && smtpcode != 1)
1220 data->info.httpcode = smtpcode;
1221
1222 if(!smtpcode)
1223 break;
1224
1225 /* We have now received a full SMTP server response */
1226 switch(smtpc->state) {
1227 case SMTP_SERVERGREET:
1228 result = smtp_state_servergreet_resp(data, smtpcode, smtpc->state);
1229 break;
1230
1231 case SMTP_EHLO:
1232 result = smtp_state_ehlo_resp(data, conn, smtpcode, smtpc->state);
1233 break;
1234
1235 case SMTP_HELO:
1236 result = smtp_state_helo_resp(data, smtpcode, smtpc->state);
1237 break;
1238
1239 case SMTP_STARTTLS:
1240 result = smtp_state_starttls_resp(data, smtpcode, smtpc->state);
1241 /* During UPGRADETLS, leave the read loop as we need to connect
1242 * (e.g. TLS handshake) before we continue sending/receiving. */
1243 if(!result && (smtpc->state == SMTP_UPGRADETLS))
1244 goto upgrade_tls;
1245 break;
1246
1247 case SMTP_AUTH:
1248 result = smtp_state_auth_resp(data, smtpcode, smtpc->state);
1249 break;
1250
1251 case SMTP_COMMAND:
1252 result = smtp_state_command_resp(data, smtpcode, smtpc->state);
1253 break;
1254
1255 case SMTP_MAIL:
1256 result = smtp_state_mail_resp(data, smtpcode, smtpc->state);
1257 break;
1258
1259 case SMTP_RCPT:
1260 result = smtp_state_rcpt_resp(data, conn, smtpcode, smtpc->state);
1261 break;
1262
1263 case SMTP_DATA:
1264 result = smtp_state_data_resp(data, smtpcode, smtpc->state);
1265 break;
1266
1267 case SMTP_POSTDATA:
1268 result = smtp_state_postdata_resp(data, smtpcode, smtpc->state);
1269 break;
1270
1271 case SMTP_QUIT:
1272 default:
1273 /* internal error */
1274 smtp_state(data, SMTP_STOP);
1275 break;
1276 }
1277 } while(!result && smtpc->state != SMTP_STOP && Curl_pp_moredata(pp));
1278
1279 return result;
1280 }
1281
1282 /* Called repeatedly until done from multi.c */
smtp_multi_statemach(struct Curl_easy * data,bool * done)1283 static CURLcode smtp_multi_statemach(struct Curl_easy *data, bool *done)
1284 {
1285 CURLcode result = CURLE_OK;
1286 struct connectdata *conn = data->conn;
1287 struct smtp_conn *smtpc = &conn->proto.smtpc;
1288
1289 if((conn->handler->flags & PROTOPT_SSL) && !smtpc->ssldone) {
1290 bool ssldone = FALSE;
1291 result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone);
1292 smtpc->ssldone = ssldone;
1293 if(result || !smtpc->ssldone)
1294 return result;
1295 }
1296
1297 result = Curl_pp_statemach(data, &smtpc->pp, FALSE, FALSE);
1298 *done = (smtpc->state == SMTP_STOP);
1299
1300 return result;
1301 }
1302
smtp_block_statemach(struct Curl_easy * data,struct connectdata * conn,bool disconnecting)1303 static CURLcode smtp_block_statemach(struct Curl_easy *data,
1304 struct connectdata *conn,
1305 bool disconnecting)
1306 {
1307 CURLcode result = CURLE_OK;
1308 struct smtp_conn *smtpc = &conn->proto.smtpc;
1309
1310 while(smtpc->state != SMTP_STOP && !result)
1311 result = Curl_pp_statemach(data, &smtpc->pp, TRUE, disconnecting);
1312
1313 return result;
1314 }
1315
1316 /* Allocate and initialize the SMTP struct for the current Curl_easy if
1317 required */
smtp_init(struct Curl_easy * data)1318 static CURLcode smtp_init(struct Curl_easy *data)
1319 {
1320 CURLcode result = CURLE_OK;
1321 struct SMTP *smtp;
1322
1323 smtp = data->req.p.smtp = calloc(1, sizeof(struct SMTP));
1324 if(!smtp)
1325 result = CURLE_OUT_OF_MEMORY;
1326
1327 return result;
1328 }
1329
1330 /* For the SMTP "protocol connect" and "doing" phases only */
smtp_getsock(struct Curl_easy * data,struct connectdata * conn,curl_socket_t * socks)1331 static int smtp_getsock(struct Curl_easy *data,
1332 struct connectdata *conn, curl_socket_t *socks)
1333 {
1334 return Curl_pp_getsock(data, &conn->proto.smtpc.pp, socks);
1335 }
1336
1337 /***********************************************************************
1338 *
1339 * smtp_connect()
1340 *
1341 * This function should do everything that is to be considered a part of
1342 * the connection phase.
1343 *
1344 * The variable pointed to by 'done' will be TRUE if the protocol-layer
1345 * connect phase is done when this function returns, or FALSE if not.
1346 */
smtp_connect(struct Curl_easy * data,bool * done)1347 static CURLcode smtp_connect(struct Curl_easy *data, bool *done)
1348 {
1349 CURLcode result = CURLE_OK;
1350 struct connectdata *conn = data->conn;
1351 struct smtp_conn *smtpc = &conn->proto.smtpc;
1352 struct pingpong *pp = &smtpc->pp;
1353
1354 *done = FALSE; /* default to not done yet */
1355
1356 /* We always support persistent connections in SMTP */
1357 connkeep(conn, "SMTP default");
1358
1359 PINGPONG_SETUP(pp, smtp_statemachine, smtp_endofresp);
1360
1361 /* Initialize the SASL storage */
1362 Curl_sasl_init(&smtpc->sasl, data, &saslsmtp);
1363
1364 /* Initialise the pingpong layer */
1365 Curl_pp_init(pp);
1366
1367 /* Parse the URL options */
1368 result = smtp_parse_url_options(conn);
1369 if(result)
1370 return result;
1371
1372 /* Parse the URL path */
1373 result = smtp_parse_url_path(data);
1374 if(result)
1375 return result;
1376
1377 /* Start off waiting for the server greeting response */
1378 smtp_state(data, SMTP_SERVERGREET);
1379
1380 result = smtp_multi_statemach(data, done);
1381
1382 return result;
1383 }
1384
1385 /***********************************************************************
1386 *
1387 * smtp_done()
1388 *
1389 * The DONE function. This does what needs to be done after a single DO has
1390 * performed.
1391 *
1392 * Input argument is already checked for validity.
1393 */
smtp_done(struct Curl_easy * data,CURLcode status,bool premature)1394 static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
1395 bool premature)
1396 {
1397 CURLcode result = CURLE_OK;
1398 struct connectdata *conn = data->conn;
1399 struct SMTP *smtp = data->req.p.smtp;
1400
1401 (void)premature;
1402
1403 if(!smtp)
1404 return CURLE_OK;
1405
1406 /* Cleanup our per-request based variables */
1407 Curl_safefree(smtp->custom);
1408
1409 if(status) {
1410 connclose(conn, "SMTP done with bad status"); /* marked for closure */
1411 result = status; /* use the already set error code */
1412 }
1413 else if(!data->set.connect_only && data->set.mail_rcpt &&
1414 (data->state.upload || IS_MIME_POST(data))) {
1415
1416 smtp_state(data, SMTP_POSTDATA);
1417
1418 /* Run the state-machine */
1419 result = smtp_block_statemach(data, conn, FALSE);
1420 }
1421
1422 /* Clear the transfer mode for the next request */
1423 smtp->transfer = PPTRANSFER_BODY;
1424 CURL_TRC_SMTP(data, "smtp_done(status=%d, premature=%d) -> %d",
1425 status, premature, result);
1426 return result;
1427 }
1428
1429 /***********************************************************************
1430 *
1431 * smtp_perform()
1432 *
1433 * This is the actual DO function for SMTP. Transfer a mail, send a command
1434 * or get some data according to the options previously setup.
1435 */
smtp_perform(struct Curl_easy * data,bool * connected,bool * dophase_done)1436 static CURLcode smtp_perform(struct Curl_easy *data, bool *connected,
1437 bool *dophase_done)
1438 {
1439 /* This is SMTP and no proxy */
1440 CURLcode result = CURLE_OK;
1441 struct SMTP *smtp = data->req.p.smtp;
1442
1443 CURL_TRC_SMTP(data, "smtp_perform(), start");
1444
1445 if(data->req.no_body) {
1446 /* Requested no body means no transfer */
1447 smtp->transfer = PPTRANSFER_INFO;
1448 }
1449
1450 *dophase_done = FALSE; /* not done yet */
1451
1452 /* Store the first recipient (or NULL if not specified) */
1453 smtp->rcpt = data->set.mail_rcpt;
1454
1455 /* Track of whether we have successfully sent at least one RCPT TO command */
1456 smtp->rcpt_had_ok = FALSE;
1457
1458 /* Track of the last error we have received by sending RCPT TO command */
1459 smtp->rcpt_last_error = 0;
1460
1461 /* Initial data character is the first character in line: it is implicitly
1462 preceded by a virtual CRLF. */
1463 smtp->trailing_crlf = TRUE;
1464 smtp->eob = 2;
1465
1466 /* Start the first command in the DO phase */
1467 if((data->state.upload || IS_MIME_POST(data)) && data->set.mail_rcpt)
1468 /* MAIL transfer */
1469 result = smtp_perform_mail(data);
1470 else
1471 /* SMTP based command (VRFY, EXPN, NOOP, RSET or HELP) */
1472 result = smtp_perform_command(data);
1473
1474 if(result)
1475 goto out;
1476
1477 /* Run the state-machine */
1478 result = smtp_multi_statemach(data, dophase_done);
1479
1480 *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
1481
1482 out:
1483 CURL_TRC_SMTP(data, "smtp_perform() -> %d, connected=%d, done=%d",
1484 result, *connected, *dophase_done);
1485 return result;
1486 }
1487
1488 /***********************************************************************
1489 *
1490 * smtp_do()
1491 *
1492 * This function is registered as 'curl_do' function. It decodes the path
1493 * parts etc as a wrapper to the actual DO function (smtp_perform).
1494 *
1495 * The input argument is already checked for validity.
1496 */
smtp_do(struct Curl_easy * data,bool * done)1497 static CURLcode smtp_do(struct Curl_easy *data, bool *done)
1498 {
1499 CURLcode result = CURLE_OK;
1500 DEBUGASSERT(data);
1501 DEBUGASSERT(data->conn);
1502 *done = FALSE; /* default to false */
1503
1504 /* Parse the custom request */
1505 result = smtp_parse_custom_request(data);
1506 if(result)
1507 return result;
1508
1509 result = smtp_regular_transfer(data, done);
1510 CURL_TRC_SMTP(data, "smtp_do() -> %d, done=%d", result, *done);
1511 return result;
1512 }
1513
1514 /***********************************************************************
1515 *
1516 * smtp_disconnect()
1517 *
1518 * Disconnect from an SMTP server. Cleanup protocol-specific per-connection
1519 * resources. BLOCKING.
1520 */
smtp_disconnect(struct Curl_easy * data,struct connectdata * conn,bool dead_connection)1521 static CURLcode smtp_disconnect(struct Curl_easy *data,
1522 struct connectdata *conn,
1523 bool dead_connection)
1524 {
1525 struct smtp_conn *smtpc = &conn->proto.smtpc;
1526 (void)data;
1527
1528 /* We cannot send quit unconditionally. If this connection is stale or
1529 bad in any way, sending quit and waiting around here will make the
1530 disconnect wait in vain and cause more problems than we need to. */
1531
1532 if(!dead_connection && conn->bits.protoconnstart) {
1533 if(!smtp_perform_quit(data, conn))
1534 (void)smtp_block_statemach(data, conn, TRUE); /* ignore errors on QUIT */
1535 }
1536
1537 /* Disconnect from the server */
1538 Curl_pp_disconnect(&smtpc->pp);
1539
1540 /* Cleanup the SASL module */
1541 Curl_sasl_cleanup(conn, smtpc->sasl.authused);
1542
1543 /* Cleanup our connection based variables */
1544 Curl_safefree(smtpc->domain);
1545 CURL_TRC_SMTP(data, "smtp_disconnect(), finished");
1546
1547 return CURLE_OK;
1548 }
1549
1550 /* Call this when the DO phase has completed */
smtp_dophase_done(struct Curl_easy * data,bool connected)1551 static CURLcode smtp_dophase_done(struct Curl_easy *data, bool connected)
1552 {
1553 struct SMTP *smtp = data->req.p.smtp;
1554
1555 (void)connected;
1556
1557 if(smtp->transfer != PPTRANSFER_BODY)
1558 /* no data to transfer */
1559 Curl_xfer_setup_nop(data);
1560
1561 return CURLE_OK;
1562 }
1563
1564 /* Called from multi.c while DOing */
smtp_doing(struct Curl_easy * data,bool * dophase_done)1565 static CURLcode smtp_doing(struct Curl_easy *data, bool *dophase_done)
1566 {
1567 CURLcode result = smtp_multi_statemach(data, dophase_done);
1568
1569 if(result)
1570 DEBUGF(infof(data, "DO phase failed"));
1571 else if(*dophase_done) {
1572 result = smtp_dophase_done(data, FALSE /* not connected */);
1573
1574 DEBUGF(infof(data, "DO phase is complete"));
1575 }
1576
1577 CURL_TRC_SMTP(data, "smtp_doing() -> %d, done=%d", result, *dophase_done);
1578 return result;
1579 }
1580
1581 /***********************************************************************
1582 *
1583 * smtp_regular_transfer()
1584 *
1585 * The input argument is already checked for validity.
1586 *
1587 * Performs all commands done before a regular transfer between a local and a
1588 * remote host.
1589 */
smtp_regular_transfer(struct Curl_easy * data,bool * dophase_done)1590 static CURLcode smtp_regular_transfer(struct Curl_easy *data,
1591 bool *dophase_done)
1592 {
1593 CURLcode result = CURLE_OK;
1594 bool connected = FALSE;
1595
1596 /* Make sure size is unknown at this point */
1597 data->req.size = -1;
1598
1599 /* Set the progress data */
1600 Curl_pgrsSetUploadCounter(data, 0);
1601 Curl_pgrsSetDownloadCounter(data, 0);
1602 Curl_pgrsSetUploadSize(data, -1);
1603 Curl_pgrsSetDownloadSize(data, -1);
1604
1605 /* Carry out the perform */
1606 result = smtp_perform(data, &connected, dophase_done);
1607
1608 /* Perform post DO phase operations if necessary */
1609 if(!result && *dophase_done)
1610 result = smtp_dophase_done(data, connected);
1611
1612 CURL_TRC_SMTP(data, "smtp_regular_transfer() -> %d, done=%d",
1613 result, *dophase_done);
1614 return result;
1615 }
1616
smtp_setup_connection(struct Curl_easy * data,struct connectdata * conn)1617 static CURLcode smtp_setup_connection(struct Curl_easy *data,
1618 struct connectdata *conn)
1619 {
1620 CURLcode result;
1621
1622 /* Clear the TLS upgraded flag */
1623 conn->bits.tls_upgraded = FALSE;
1624
1625 /* Initialise the SMTP layer */
1626 result = smtp_init(data);
1627 CURL_TRC_SMTP(data, "smtp_setup_connection() -> %d", result);
1628 return result;
1629 }
1630
1631 /***********************************************************************
1632 *
1633 * smtp_parse_url_options()
1634 *
1635 * Parse the URL login options.
1636 */
smtp_parse_url_options(struct connectdata * conn)1637 static CURLcode smtp_parse_url_options(struct connectdata *conn)
1638 {
1639 CURLcode result = CURLE_OK;
1640 struct smtp_conn *smtpc = &conn->proto.smtpc;
1641 const char *ptr = conn->options;
1642
1643 while(!result && ptr && *ptr) {
1644 const char *key = ptr;
1645 const char *value;
1646
1647 while(*ptr && *ptr != '=')
1648 ptr++;
1649
1650 value = ptr + 1;
1651
1652 while(*ptr && *ptr != ';')
1653 ptr++;
1654
1655 if(strncasecompare(key, "AUTH=", 5))
1656 result = Curl_sasl_parse_url_auth_option(&smtpc->sasl,
1657 value, ptr - value);
1658 else
1659 result = CURLE_URL_MALFORMAT;
1660
1661 if(*ptr == ';')
1662 ptr++;
1663 }
1664
1665 return result;
1666 }
1667
1668 /***********************************************************************
1669 *
1670 * smtp_parse_url_path()
1671 *
1672 * Parse the URL path into separate path components.
1673 */
smtp_parse_url_path(struct Curl_easy * data)1674 static CURLcode smtp_parse_url_path(struct Curl_easy *data)
1675 {
1676 /* The SMTP struct is already initialised in smtp_connect() */
1677 struct connectdata *conn = data->conn;
1678 struct smtp_conn *smtpc = &conn->proto.smtpc;
1679 const char *path = &data->state.up.path[1]; /* skip leading path */
1680 char localhost[HOSTNAME_MAX + 1];
1681
1682 /* Calculate the path if necessary */
1683 if(!*path) {
1684 if(!Curl_gethostname(localhost, sizeof(localhost)))
1685 path = localhost;
1686 else
1687 path = "localhost";
1688 }
1689
1690 /* URL decode the path and use it as the domain in our EHLO */
1691 return Curl_urldecode(path, 0, &smtpc->domain, NULL, REJECT_CTRL);
1692 }
1693
1694 /***********************************************************************
1695 *
1696 * smtp_parse_custom_request()
1697 *
1698 * Parse the custom request.
1699 */
smtp_parse_custom_request(struct Curl_easy * data)1700 static CURLcode smtp_parse_custom_request(struct Curl_easy *data)
1701 {
1702 CURLcode result = CURLE_OK;
1703 struct SMTP *smtp = data->req.p.smtp;
1704 const char *custom = data->set.str[STRING_CUSTOMREQUEST];
1705
1706 /* URL decode the custom request */
1707 if(custom)
1708 result = Curl_urldecode(custom, 0, &smtp->custom, NULL, REJECT_CTRL);
1709
1710 return result;
1711 }
1712
1713 /***********************************************************************
1714 *
1715 * smtp_parse_address()
1716 *
1717 * Parse the fully qualified mailbox address into a local address part and the
1718 * hostname, converting the hostname to an IDN A-label, as per RFC-5890, if
1719 * necessary.
1720 *
1721 * Parameters:
1722 *
1723 * conn [in] - The connection handle.
1724 * fqma [in] - The fully qualified mailbox address (which may or
1725 * may not contain UTF-8 characters).
1726 * address [in/out] - A new allocated buffer which holds the local
1727 * address part of the mailbox. This buffer must be
1728 * free'ed by the caller.
1729 * host [in/out] - The hostname structure that holds the original,
1730 * and optionally encoded, hostname.
1731 * Curl_free_idnconverted_hostname() must be called
1732 * once the caller has finished with the structure.
1733 *
1734 * Returns CURLE_OK on success.
1735 *
1736 * Notes:
1737 *
1738 * Should a UTF-8 hostname require conversion to IDN ACE and we cannot honor
1739 * that conversion then we shall return success. This allow the caller to send
1740 * the data to the server as a U-label (as per RFC-6531 sect. 3.2).
1741 *
1742 * If an mailbox '@' separator cannot be located then the mailbox is considered
1743 * to be either a local mailbox or an invalid mailbox (depending on what the
1744 * calling function deems it to be) then the input will simply be returned in
1745 * the address part with the hostname being NULL.
1746 */
smtp_parse_address(const char * fqma,char ** address,struct hostname * host)1747 static CURLcode smtp_parse_address(const char *fqma, char **address,
1748 struct hostname *host)
1749 {
1750 CURLcode result = CURLE_OK;
1751 size_t length;
1752
1753 /* Duplicate the fully qualified email address so we can manipulate it,
1754 ensuring it does not contain the delimiters if specified */
1755 char *dup = strdup(fqma[0] == '<' ? fqma + 1 : fqma);
1756 if(!dup)
1757 return CURLE_OUT_OF_MEMORY;
1758
1759 length = strlen(dup);
1760 if(length) {
1761 if(dup[length - 1] == '>')
1762 dup[length - 1] = '\0';
1763 }
1764
1765 /* Extract the hostname from the address (if we can) */
1766 host->name = strpbrk(dup, "@");
1767 if(host->name) {
1768 *host->name = '\0';
1769 host->name = host->name + 1;
1770
1771 /* Attempt to convert the hostname to IDN ACE */
1772 (void) Curl_idnconvert_hostname(host);
1773
1774 /* If Curl_idnconvert_hostname() fails then we shall attempt to continue
1775 and send the hostname using UTF-8 rather than as 7-bit ACE (which is
1776 our preference) */
1777 }
1778
1779 /* Extract the local address from the mailbox */
1780 *address = dup;
1781
1782 return result;
1783 }
1784
1785 struct cr_eob_ctx {
1786 struct Curl_creader super;
1787 struct bufq buf;
1788 size_t n_eob; /* how many EOB bytes we matched so far */
1789 size_t eob; /* Number of bytes of the EOB (End Of Body) that
1790 have been received so far */
1791 BIT(read_eos); /* we read an EOS from the next reader */
1792 BIT(eos); /* we have returned an EOS */
1793 };
1794
cr_eob_init(struct Curl_easy * data,struct Curl_creader * reader)1795 static CURLcode cr_eob_init(struct Curl_easy *data,
1796 struct Curl_creader *reader)
1797 {
1798 struct cr_eob_ctx *ctx = reader->ctx;
1799 (void)data;
1800 /* The first char we read is the first on a line, as if we had
1801 * read CRLF just before */
1802 ctx->n_eob = 2;
1803 Curl_bufq_init2(&ctx->buf, (16 * 1024), 1, BUFQ_OPT_SOFT_LIMIT);
1804 return CURLE_OK;
1805 }
1806
cr_eob_close(struct Curl_easy * data,struct Curl_creader * reader)1807 static void cr_eob_close(struct Curl_easy *data, struct Curl_creader *reader)
1808 {
1809 struct cr_eob_ctx *ctx = reader->ctx;
1810 (void)data;
1811 Curl_bufq_free(&ctx->buf);
1812 }
1813
1814 /* this is the 5-bytes End-Of-Body marker for SMTP */
1815 #define SMTP_EOB "\r\n.\r\n"
1816 #define SMTP_EOB_FIND_LEN 3
1817
1818 /* client reader doing SMTP End-Of-Body escaping. */
cr_eob_read(struct Curl_easy * data,struct Curl_creader * reader,char * buf,size_t blen,size_t * pnread,bool * peos)1819 static CURLcode cr_eob_read(struct Curl_easy *data,
1820 struct Curl_creader *reader,
1821 char *buf, size_t blen,
1822 size_t *pnread, bool *peos)
1823 {
1824 struct cr_eob_ctx *ctx = reader->ctx;
1825 CURLcode result = CURLE_OK;
1826 size_t nread, i, start, n;
1827 bool eos;
1828
1829 if(!ctx->read_eos && Curl_bufq_is_empty(&ctx->buf)) {
1830 /* Get more and convert it when needed */
1831 result = Curl_creader_read(data, reader->next, buf, blen, &nread, &eos);
1832 if(result)
1833 return result;
1834
1835 ctx->read_eos = eos;
1836 if(nread) {
1837 if(!ctx->n_eob && !memchr(buf, SMTP_EOB[0], nread)) {
1838 /* not in the middle of a match, no EOB start found, just pass */
1839 *pnread = nread;
1840 *peos = FALSE;
1841 return CURLE_OK;
1842 }
1843 /* scan for EOB (continuation) and convert */
1844 for(i = start = 0; i < nread; ++i) {
1845 if(ctx->n_eob >= SMTP_EOB_FIND_LEN) {
1846 /* matched the EOB prefix and seeing additional char, add '.' */
1847 result = Curl_bufq_cwrite(&ctx->buf, buf + start, i - start, &n);
1848 if(result)
1849 return result;
1850 result = Curl_bufq_cwrite(&ctx->buf, ".", 1, &n);
1851 if(result)
1852 return result;
1853 ctx->n_eob = 0;
1854 start = i;
1855 if(data->state.infilesize > 0)
1856 data->state.infilesize++;
1857 }
1858
1859 if(buf[i] != SMTP_EOB[ctx->n_eob])
1860 ctx->n_eob = 0;
1861
1862 if(buf[i] == SMTP_EOB[ctx->n_eob]) {
1863 /* matching another char of the EOB */
1864 ++ctx->n_eob;
1865 }
1866 }
1867
1868 /* add any remainder to buf */
1869 if(start < nread) {
1870 result = Curl_bufq_cwrite(&ctx->buf, buf + start, nread - start, &n);
1871 if(result)
1872 return result;
1873 }
1874 }
1875
1876 if(ctx->read_eos) {
1877 /* if we last matched a CRLF or if the data was empty, add ".\r\n"
1878 * to end the body. If we sent something and it did not end with "\r\n",
1879 * add "\r\n.\r\n" to end the body */
1880 const char *eob = SMTP_EOB;
1881 switch(ctx->n_eob) {
1882 case 2:
1883 /* seen a CRLF at the end, just add the remainder */
1884 eob = &SMTP_EOB[2];
1885 break;
1886 case 3:
1887 /* ended with '\r\n.', we should escpe the last '.' */
1888 eob = "." SMTP_EOB;
1889 break;
1890 default:
1891 break;
1892 }
1893 result = Curl_bufq_cwrite(&ctx->buf, eob, strlen(eob), &n);
1894 if(result)
1895 return result;
1896 }
1897 }
1898
1899 *peos = FALSE;
1900 if(!Curl_bufq_is_empty(&ctx->buf)) {
1901 result = Curl_bufq_cread(&ctx->buf, buf, blen, pnread);
1902 }
1903 else
1904 *pnread = 0;
1905
1906 if(ctx->read_eos && Curl_bufq_is_empty(&ctx->buf)) {
1907 /* no more data, read all, done. */
1908 ctx->eos = TRUE;
1909 }
1910 *peos = ctx->eos;
1911 DEBUGF(infof(data, "cr_eob_read(%zu) -> %d, %zd, %d",
1912 blen, result, *pnread, *peos));
1913 return result;
1914 }
1915
cr_eob_total_length(struct Curl_easy * data,struct Curl_creader * reader)1916 static curl_off_t cr_eob_total_length(struct Curl_easy *data,
1917 struct Curl_creader *reader)
1918 {
1919 /* this reader changes length depending on input */
1920 (void)data;
1921 (void)reader;
1922 return -1;
1923 }
1924
1925 static const struct Curl_crtype cr_eob = {
1926 "cr-smtp-eob",
1927 cr_eob_init,
1928 cr_eob_read,
1929 cr_eob_close,
1930 Curl_creader_def_needs_rewind,
1931 cr_eob_total_length,
1932 Curl_creader_def_resume_from,
1933 Curl_creader_def_rewind,
1934 Curl_creader_def_unpause,
1935 Curl_creader_def_is_paused,
1936 Curl_creader_def_done,
1937 sizeof(struct cr_eob_ctx)
1938 };
1939
cr_eob_add(struct Curl_easy * data)1940 static CURLcode cr_eob_add(struct Curl_easy *data)
1941 {
1942 struct Curl_creader *reader = NULL;
1943 CURLcode result;
1944
1945 result = Curl_creader_create(&reader, data, &cr_eob,
1946 CURL_CR_CONTENT_ENCODE);
1947 if(!result)
1948 result = Curl_creader_add(data, reader);
1949
1950 if(result && reader)
1951 Curl_creader_free(data, reader);
1952 return result;
1953 }
1954
1955 #endif /* CURL_DISABLE_SMTP */
1956
