EHLO must be repeated after STARTTLS

5 files changed, 55 insertions, 46 deletions

diff --git a/src/qmail-remote/qmail-remote-io.c b/src/qmail-remote/qmail-remote-io.c
index b7e9f8c..2b305c9 100644
--- a/src/qmail-remote/qmail-remote-io.c
+++ b/src/qmail-remote/qmail-remote-io.c
@@ -16,6 +16,7 @@ enum gola_e
   GOLA_TIMEOUT,
   GOLA_FDR,
   GOLA_FDW,
+  GOLA_HELOHOST,
   GOLA_N
 } ;
 
@@ -140,12 +141,12 @@ static inline void smtp_body (buffer *in, buffer *out, char const *fmtip, char c
   if (code >= 500)
   {
     qmailr_smtp_quit(out, timeout) ;
-    qmailr_perm("qmail-remote-io: ", "connected to ", fmtip, " but sender was rejected") ;
+    qmailr_perm("qmail-remote-io: ", "connected to ", fmtip, " but sender was rejected", ".\nRemote host said: ", buf+4) ;
   }
   else if (code >= 400)
   {
     qmailr_smtp_quit(out, timeout) ;
-    qmailr_temp("qmail-remote-io: ", "connected to ", fmtip, " but sender was rejected") ;
+    qmailr_temp("qmail-remote-io: ", "connected to ", fmtip, " but sender was rejected", ".\nRemote host said: ", buf+4) ;
   }
 
   for (unsigned int i = 0 ; i < n ; i++)
@@ -160,12 +161,12 @@ static inline void smtp_body (buffer *in, buffer *out, char const *fmtip, char c
     if (code >= 500)
     {
       qmailr_smtp_quit(out, timeout) ;
-      qmailr_die('h', fmtip, " does not like recipient.\n", "Remote host said: ", buf+4) ;
+      qmailr_die('h', fmtip, " does not like recipient", ".\nRemote host said: ", buf+4) ;
     }
     else if (code >= 400)
     {
       qmailr_smtp_quit(out, timeout) ;
-      qmailr_die('s', fmtip, " does not like recipient.\n", "Remote host said: ", buf+4) ;
+      qmailr_die('s', fmtip, " does not like recipient", ".\nRemote host said: ", buf+4) ;
     }
     else
     {
@@ -219,6 +220,7 @@ int main (int argc, char const *const *argv)
     { .so = 't', .lo = "timeoutremote", .i = GOLA_TIMEOUT },
     { .so = '6', .lo = "fdr", .i = GOLA_FDR },
     { .so = '7', .lo = "fdw", .i = GOLA_FDW },
+    { .so = 0, .lo = "helohost", .i = GOLA_HELOHOST },
   } ;
   char const *wgola[GOLA_N] = { 0 } ;
   unsigned int fdr = 6, fdw = 7 ;
@@ -226,7 +228,7 @@ int main (int argc, char const *const *argv)
   buffer in, out ;
   char inbuf[1024] ;
   char outbuf[BUFFER_OUTSIZE] ;
-  unsigned int golc = qgol_main(argc, argv, 0, 0, rgola, 3, 0, wgola) ;
+  unsigned int golc = qgol_main(argc, argv, 0, 0, rgola, 4, 0, wgola) ;
   argc -= golc ; argv += golc ;
   if (argc < 3) qmailr_perm("qmail-remote-io: ", "too few arguments") ;
 
@@ -241,5 +243,10 @@ int main (int argc, char const *const *argv)
   buffer_init(&out, &buffer_write, fdw, outbuf, BUFFER_OUTSIZE) ;
 
   tain_now_set_stopwatch_g() ;
+  if (wgola[GOLA_HELOHOST])
+  {
+    if (qmailr_smtp_start(&in, &out, wgola[GOLA_HELOHOST], timeoutremote) == -1)
+      qmailr_tempusys("initiate SMTP exchange with ", argv[0]) ;
+  }
   smtp_body(&in, &out, argv[0], argv[1], argv + 2, argc - 2, timeoutremote) ;
 }
diff --git a/src/qmail-remote/qmail-remote.c b/src/qmail-remote/qmail-remote.c
index 8d3f095..0e8eaee 100644
--- a/src/qmail-remote/qmail-remote.c
+++ b/src/qmail-remote/qmail-remote.c
@@ -51,42 +51,6 @@ static inline void exec_notls (int fd, char const *fmtip, unsigned int timeoutre
   qmailr_tempusys("exec ", argv[0]) ;
 }
 
-static int smtp_start (buffer *in, buffer *out, char const *helohost, unsigned int timeout, char const *fmtip)
-{
-  int hastls = 0 ;
-  tain deadline ;
-  char line[1024] ;
-  int r = qmailr_smtp_read_answer(in, line, 1024, timeout) ;
-  if (r == -1) qmailr_tempusys("read from ", fmtip) ;
-  if (!r) qmailr_temp("Connected to ", fmtip, " but connection died") ;
-  if (r != 220)
-  {
-    qmailr_smtp_quit(out, timeout) ;
-    qmailr_temp("Connected to ", fmtip, " but greeting failed") ;
-  }
-
-  buffer_putnoflush(out, "EHLO ", 5) ;
-  buffer_putsnoflush(out, helohost) ;
-  buffer_putnoflush(out, "\r\n", 2) ;
-
-  qdeadline(&deadline, timeout) ;
-  if (!buffer_timed_flush_g(out, &deadline))
-    qmailr_tempusys("send ", "EHLO", " to ", fmtip) ;
-
-  qdeadline(&deadline, timeout) ;
-  for (;;)
-  {
-    unsigned int code = 250 ;
-    int r = qmailr_smtp_read_line(in, line, 1024, &code, &deadline) ;
-    if (r == -1) qmailr_tempusys("read from ", fmtip) ;
-    if (!r) qmailr_temp("Connected to ", fmtip, " but connection died") ;
-    if (code != 250) qmailr_temp("Connected to ", fmtip, " but it speaks a weird protocol") ;
-    if (!strcasecmp(line + 4, "STARTTLS")) hastls = 1 ;
-    if (r == 1) break ;
-  }
-  return hastls ;
-}
-
 static void attempt_smtp (int fd, char const *ip, int is6, unsigned int timeoutconnect, unsigned int timeoutremote, qmailr_tls const *qtls, size_t helopos, size_t const *eaddrpos, unsigned int n, size_t mxnamepos, char const *storage)
 {
   int hastls ;
@@ -98,7 +62,8 @@ static void attempt_smtp (int fd, char const *ip, int is6, unsigned int timeoutc
   if (is6) fmtip[ip6_fmt(fmtip, ip)] = 0 ;
   else fmtip[ip4_fmt(fmtip, ip)] = 0 ;
 
-  hastls = smtp_start(&in, &out, storage + helopos, timeoutremote, fmtip) ;
+  hastls = qmailr_smtp_start(&in, &out, storage + helopos, timeoutremote) ;
+  if (hastls == -1) qmailr_tempusys("initiate SMTP exchange with ", fmtip) ;
   if (qtls->flagwanttls)
   {
     if (hastls)
@@ -116,7 +81,7 @@ static void attempt_smtp (int fd, char const *ip, int is6, unsigned int timeoutc
         qmailr_smtp_quit(&out, timeoutremote) ;
         qmailr_temp("Connected to ", fmtip, " but connection died") ;
       }
-      else if (r == 220) run_tls(fd, fmtip, timeoutconnect, timeoutremote, qtls, eaddrpos, n, mxnamepos, storage) ;
+      else if (r == 220) run_tls(fd, fmtip, timeoutconnect, timeoutremote, qtls, helopos, eaddrpos, n, mxnamepos, storage) ;
       if (qtls->strictness) return ;
     }
     else if (qtls->strictness >= 2) return ;
diff --git a/src/qmail-remote/qmail-remote.h b/src/qmail-remote/qmail-remote.h
index ce7de4f..ad36d88 100644
--- a/src/qmail-remote/qmail-remote.h
+++ b/src/qmail-remote/qmail-remote.h
@@ -46,6 +46,6 @@ extern int smtproutes_match (smtproutes const *, char const *, stralloc *, size_
 extern void smtproutes_free (smtproutes *) ;
 
 
-extern void run_tls (int, char const *, unsigned int, unsigned int, qmailr_tls const *, size_t const *, unsigned int, size_t, char const *) gccattr_noreturn ;
+extern void run_tls (int, char const *, unsigned int, unsigned int, qmailr_tls const *, size_t, size_t const *, unsigned int, size_t, char const *) gccattr_noreturn ;
 
 #endif
diff --git a/src/qmail-remote/qmailr_smtp.c b/src/qmail-remote/qmailr_smtp.c
index a0faf78..1d5d426 100644
--- a/src/qmail-remote/qmailr_smtp.c
+++ b/src/qmail-remote/qmailr_smtp.c
@@ -51,3 +51,38 @@ void qmailr_smtp_quit (buffer *out, unsigned int timeout)
   qdeadline(&deadline, timeout) ;
   buffer_timed_flush_g(out, &deadline) ;
 }
+
+int qmailr_smtp_start (buffer *in, buffer *out, char const *helohost, unsigned int timeout)
+{
+  int hastls = 0 ;
+  tain deadline ;
+  char line[1024] ;
+  int r = qmailr_smtp_read_answer(in, line, 1024, timeout) ;
+  if (r == -1) return -1 ;
+  if (!r) return (errno = EPIPE, -1) ;
+  if (r != 220)
+  {
+    qmailr_smtp_quit(out, timeout) ;
+    return (errno = EPROTO, -1) ;
+  }
+
+  buffer_putnoflush(out, "EHLO ", 5) ;
+  buffer_putsnoflush(out, helohost) ;
+  buffer_putnoflush(out, "\r\n", 2) ;
+
+  qdeadline(&deadline, timeout) ;
+  if (!buffer_timed_flush_g(out, &deadline)) return -1 ;
+
+  qdeadline(&deadline, timeout) ;
+  for (;;)
+  {
+    unsigned int code = 250 ;
+    int r = qmailr_smtp_read_line(in, line, 1024, &code, &deadline) ;
+    if (r == -1) return -1 ;
+    if (!r) return (errno = EPIPE, -1) ;
+    if (code != 250) return (errno = EPROTO, -1) ;
+    if (!strcasecmp(line + 4, "STARTTLS")) hastls = 1 ;
+    if (r == 1) break ;
+  }
+  return hastls ;
+}
diff --git a/src/qmail-remote/tls.c b/src/qmail-remote/tls.c
index f084258..ffe9f2a 100644
--- a/src/qmail-remote/tls.c
+++ b/src/qmail-remote/tls.c
@@ -31,7 +31,7 @@ So instead of execing, we spawn it and stick around to translate
 the exit code and the error message back to qmail-rspawn.
 */
 
-void run_tls (int fdr, char const *fmtip, unsigned int timeoutconnect, unsigned int timeoutremote, qmailr_tls const *qtls, size_t const *eaddrpos, unsigned int n, size_t mxnamepos, char const *storage)
+void run_tls (int fdr, char const *fmtip, unsigned int timeoutconnect, unsigned int timeoutremote, qmailr_tls const *qtls, size_t helopos, size_t const *eaddrpos, unsigned int n, size_t mxnamepos, char const *storage)
 {
   int wstat ;
   pid_t pid ;
@@ -48,7 +48,7 @@ void run_tls (int fdr, char const *fmtip, unsigned int timeoutconnect, unsigned
   char fmtw[UINT_FMT] ;
   char fmtt[UINT_FMT] ;
   char fmtk[UINT_FMT] ;
-  char const *argv[21 + n] ;
+  char const *argv[23 + n] ;
 
   if (fdw == -1) qmailr_tempusys("duplicate file descriptor") ;
   if (pipe(p) == -1) qmailr_tempusys("pipe") ;
@@ -87,6 +87,8 @@ void run_tls (int fdr, char const *fmtip, unsigned int timeoutconnect, unsigned
   argv[m++] = fmtr ;
   argv[m++] = "-7" ;
   argv[m++] = fmtw ;
+  argv[m++] = "--helohost" ;
+  argv[m++] = storage + helopos ;
   argv[m++] = "--" ;
   argv[m++] = fmtip ;
   for (unsigned int i = 0 ; i < n ; i++) argv[m++] = storage + eaddrpos[i] ;