eventmachine 0.12.6 → 0.12.8

data/lib/protocols/smtpserver.rb

@@ -1,556 +0,0 @@
-# $Id$
-#
-# Author:: Francis Cianfrocca (gmail: blackhedd)
-# Homepage::  http://rubyeventmachine.com
-# Date:: 16 July 2006
-# 
-# See EventMachine and EventMachine::Connection for documentation and
-# usage examples.
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-# Gmail: blackhedd
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of either: 1) the GNU General Public License
-# as published by the Free Software Foundation; either version 2 of the
-# License, or (at your option) any later version; or 2) Ruby's License.
-# 
-# See the file COPYING for complete licensing information.
-#
-#---------------------------------------------------------------------------
-#
-# 
-
-
-#require 'base64'
-
-module EventMachine
-module Protocols
-
-
-=begin
-	This is a protocol handler for the server side of SMTP.
-	It's NOT a complete SMTP server obeying all the semantics of servers conforming to
-	RFC2821. Rather, it uses overridable method stubs to communicate protocol states
-	and data to user code. User code is responsible for doing the right things with the
-	data in order to get complete and correct SMTP server behavior.
-
-	Useful paragraphs in RFC-2821:
-	4.3.2: Concise list of command-reply sequences, in essence a text representation
-	of the command state-machine.
-
-	STARTTLS is defined in RFC2487.
-	Observe that there are important rules governing whether a publicly-referenced server
-	(meaning one whose Internet address appears in public MX records) may require the
-	non-optional use of TLS.
-	Non-optional TLS does not apply to EHLO, NOOP, QUIT or STARTTLS.
-
-=end
-
-	class SmtpServer < EventMachine::Connection
-		include Protocols::LineText2
-
-		HeloRegex = /\AHELO\s*/i
-		EhloRegex = /\AEHLO\s*/i
-		QuitRegex = /\AQUIT/i
-		MailFromRegex = /\AMAIL FROM:\s*/i
-		RcptToRegex = /\ARCPT TO:\s*/i
-		DataRegex = /\ADATA/i
-		NoopRegex = /\ANOOP/i
-		RsetRegex = /\ARSET/i
-		VrfyRegex = /\AVRFY\s+/i
-		ExpnRegex = /\AEXPN\s+/i
-		HelpRegex = /\AHELP/i
-		StarttlsRegex = /\ASTARTTLS/i
-		AuthRegex = /\AAUTH\s+/i
-
-
-		# Class variable containing default parameters that can be overridden
-		# in application code.
-		# Individual objects of this class will make an instance-local copy of
-		# the class variable, so that they can be reconfigured on a per-instance
-		# basis.
-		#
-		# Chunksize is the number of data lines we'll buffer before
-		# sending them to the application. TODO, make this user-configurable.
-		#
-		@@parms = {
-			:chunksize => 4000,
-			:verbose => false
-		}
-		def self.parms= parms={}
-			@@parms.merge!(parms)
-		end
-
-
-
-		def initialize *args
-			super
-			@parms = @@parms
-			init_protocol_state
-		end
-
-		def parms= parms={}
-			@parms.merge!(parms)
-		end
-
-		# In SMTP, the server talks first. But by a (perhaps flawed) axiom in EM,
-		# #post_init will execute BEFORE the block passed to #start_server, for any
-		# given accepted connection. Since in this class we'll probably be getting
-		# a lot of initialization parameters, we want the guts of post_init to
-		# run AFTER the application has initialized the connection object. So we
-		# use a spawn to schedule the post_init to run later.
-		# It's a little weird, I admit. A reasonable alternative would be to set
-		# parameters as a class variable and to do that before accepting any connections.
-		#
-		# OBSOLETE, now we have @@parms. But the spawn is nice to keep as an illustration.
-		#
-		def post_init
-			#send_data "220 #{get_server_greeting}\r\n" (ORIGINAL)
-			#(EM.spawn {|x| x.send_data "220 #{x.get_server_greeting}\r\n"}).notify(self)
-			(EM.spawn {|x| x.send_server_greeting}).notify(self)
-		end
-
-		def send_server_greeting
-			send_data "220 #{get_server_greeting}\r\n"
-		end
-
-		def receive_line ln
-			@@parms[:verbose] and $>.puts ">>> #{ln}"
-			
-			return process_data_line(ln) if @state.include?(:data)
-			
-			case ln
-			when EhloRegex
-				process_ehlo $'.dup
-			when HeloRegex
-				process_helo $'.dup
-			when MailFromRegex
-				process_mail_from $'.dup
-			when RcptToRegex
-				process_rcpt_to $'.dup
-			when DataRegex
-				process_data
-			when RsetRegex
-				process_rset
-			when VrfyRegex
-				process_vrfy
-			when ExpnRegex
-				process_expn
-			when HelpRegex
-				process_help
-			when NoopRegex
-				process_noop
-			when QuitRegex
-				process_quit
-			when StarttlsRegex
-				process_starttls
-			when AuthRegex
-				process_auth $'.dup
-			else
-				process_unknown
-			end
-		end
-
-    # TODO - implement this properly, the implementation is a stub!
-    def process_vrfy
-      send_data "250 Ok, but unimplemented\r\n"
-    end
-    # TODO - implement this properly, the implementation is a stub!
-    def process_help
-      send_data "250 Ok, but unimplemented\r\n"
-    end
-    # TODO - implement this properly, the implementation is a stub!
-    def process_expn
-      send_data "250 Ok, but unimplemented\r\n"
-    end
-
-		#--
-		# This is called at several points to restore the protocol state
-		# to a pre-transaction state. In essence, we "forget" having seen
-		# any valid command except EHLO and STARTTLS.
-		# We also have to callback user code, in case they're keeping track
-		# of senders, recipients, and whatnot.
-		#
-		# We try to follow the convention of avoiding the verb "receive" for
-		# internal method names except receive_line (which we inherit), and
-		# using only receive_xxx for user-overridable stubs.
-		#
-		# init_protocol_state is called when we initialize the connection as
-		# well as during reset_protocol_state. It does NOT call the user
-		# override method. This enables us to promise the users that they
-		# won't see the overridable fire except after EHLO and RSET, and
-		# after a message has been received. Although the latter may be wrong.
-		# The standard may allow multiple DATA segments with the same set of
-		# senders and recipients.
-		#
-		def reset_protocol_state
-			init_protocol_state
-			s,@state = @state,[]
-			@state << :starttls if s.include?(:starttls)
-			@state << :ehlo if s.include?(:ehlo)
-			receive_transaction
-		end
-		def init_protocol_state
-			@state ||= []
-		end
-
-
-		#--
-		# EHLO/HELO is always legal, per the standard. On success
-		# it always clears buffers and initiates a mail "transaction."
-		# Which means that a MAIL FROM must follow.
-		# 
-		# Per the standard, an EHLO/HELO or a RSET "initiates" an email
-		# transaction. Thereafter, MAIL FROM must be received before
-		# RCPT TO, before DATA. Not sure what this specific ordering
-		# achieves semantically, but it does make it easier to 
-		# implement. We also support user-specified requirements for
-		# STARTTLS and AUTH. We make it impossible to proceed to MAIL FROM
-		# without fulfilling tls and/or auth, if the user specified either
-		# or both as required. We need to check the extension standard
-		# for auth to see if a credential is discarded after a RSET along
-		# with all the rest of the state. We'll behave as if it is.
-		# Now clearly, we can't discard tls after its been negotiated
-		# without dropping the connection, so that flag doesn't get cleared.
-		#
-		def process_ehlo domain
-			if receive_ehlo_domain domain
-				send_data "250-#{get_server_domain}\r\n"
-				if @@parms[:starttls]
-					send_data "250-STARTTLS\r\n"
-				end
-				if @@parms[:auth]
-					send_data "250-AUTH PLAIN LOGIN\r\n"
-				end
-				send_data "250-NO-SOLICITING\r\n"
-				# TODO, size needs to be configurable.
-				send_data "250 SIZE 20000000\r\n"
-				reset_protocol_state
-				@state << :ehlo
-			else
-				send_data "550 Requested action not taken\r\n"
-			end
-		end
-
-		def process_helo domain
-			if receive_ehlo_domain domain.dup
-				send_data "250 #{get_server_domain}\r\n"
-				reset_protocol_state
-				@state << :ehlo
-			else
-				send_data "550 Requested action not taken\r\n"
-			end
-		end
-
-		def process_quit
-			send_data "221 Ok\r\n"
-			close_connection_after_writing
-		end
-
-		def process_noop
-			send_data "250 Ok\r\n"
-		end
-
-		def process_unknown
-			send_data "500 Unknown command\r\n"
-		end
-
-		#--
-		# So far, only AUTH PLAIN is supported but we should do at least LOGIN as well.
-		# TODO, support clients that send AUTH PLAIN with no parameter, expecting a 3xx
-		# response and a continuation of the auth conversation.
-		#
-		def process_auth str
-			if @state.include?(:auth)
-				send_data "503 auth already issued\r\n"
-			elsif str =~ /\APLAIN\s+/i
-				plain = ($'.dup).unpack("m").first # Base64::decode64($'.dup)
-				discard,user,psw = plain.split("\000")
-				if receive_plain_auth user,psw
-					send_data "235 authentication ok\r\n"
-					@state << :auth
-				else
-					send_data "535 invalid authentication\r\n"
-				end
-			#elsif str =~ /\ALOGIN\s+/i
-			else
-				send_data "504 auth mechanism not available\r\n"
-			end
-		end
-
-		#--
-		# Unusually, we can deal with a Deferrable returned from the user application.
-		# This was added to deal with a special case in a particular application, but
-		# it would be a nice idea to add it to the other user-code callbacks.
-		#
-		def process_data
-			unless @state.include?(:rcpt)
-				send_data "503 Operation sequence error\r\n"
-			else
-				succeeded = proc {
-					send_data "354 Send it\r\n"
-					@state << :data
-					@databuffer = []
-				}
-				failed = proc {
-					send_data "550 Operation failed\r\n"
-				}
-
-				d = receive_data_command
-
-				if d.respond_to?(:callback)
-					d.callback(&succeeded)
-					d.errback(&failed)
-				else
-					(d ? succeeded : failed).call
-				end
-			end
-		end
-
-		def process_rset
-			reset_protocol_state
-			receive_reset
-			send_data "250 Ok\r\n"
-		end
-
-		def unbind
-			connection_ended
-		end
-
-		#--
-		# STARTTLS may not be issued before EHLO, or unless the user has chosen
-		# to support it.
-		# TODO, must support user-supplied certificates.
-		#
-		def process_starttls
-			if @@parms[:starttls]
-				if @state.include?(:starttls)
-					send_data "503 TLS Already negotiated\r\n"
-				elsif ! @state.include?(:ehlo)
-					send_data "503 EHLO required before STARTTLS\r\n"
-				else
-					send_data "220 Start TLS negotiation\r\n"
-					start_tls
-					@state << :starttls
-				end
-			else
-				process_unknown
-			end
-		end
-
-
-		#--
-		# Requiring TLS is touchy, cf RFC2784.
-		# Requiring AUTH seems to be much more reasonable.
-		# We don't currently support any notion of deriving an authentication from the TLS
-		# negotiation, although that would certainly be reasonable.
-		# We DON'T allow MAIL FROM to be given twice.
-		# We DON'T enforce all the various rules for validating the sender or
-		# the reverse-path (like whether it should be null), and notifying the reverse
-		# path in case of delivery problems. All of that is left to the calling application.
-		#
-		def process_mail_from sender
-			if (@@parms[:starttls]==:required and !@state.include?(:starttls))
-				send_data "550 This server requires STARTTLS before MAIL FROM\r\n"
-			elsif (@@parms[:auth]==:required and !@state.include?(:auth))
-				send_data "550 This server requires authentication before MAIL FROM\r\n"
-			elsif @state.include?(:mail_from)
-				send_data "503 MAIL already given\r\n"
-			else
-				unless receive_sender sender
-					send_data "550 sender is unacceptable\r\n"
-				else
-					send_data "250 Ok\r\n"
-					@state << :mail_from
-				end
-			end
-		end
-
-		#--
-		# Since we require :mail_from to have been seen before we process RCPT TO,
-		# we don't need to repeat the tests for TLS and AUTH.
-		# Note that we don't remember or do anything else with the recipients.
-		# All of that is on the user code.
-		# TODO: we should enforce user-definable limits on the total number of
-		# recipients per transaction.
-		# We might want to make sure that a given recipient is only seen once, but
-		# for now we'll let that be the user's problem.
-		#
-		# User-written code can return a deferrable from receive_recipient.
-		#
-		def process_rcpt_to rcpt
-			unless @state.include?(:mail_from)
-				send_data "503 MAIL is required before RCPT\r\n"
-			else
-				succeeded = proc {
-					send_data "250 Ok\r\n"
-					@state << :rcpt unless @state.include?(:rcpt)
-				}
-				failed = proc {
-					send_data "550 recipient is unacceptable\r\n"
-				}
-
-				d = receive_recipient rcpt
-
-				if d.respond_to?(:set_deferred_status)
-					d.callback(&succeeded)
-					d.errback(&failed)
-				else
-					(d ? succeeded : failed).call
-				end
-
-=begin
-				unless receive_recipient rcpt
-					send_data "550 recipient is unacceptable\r\n"
-				else
-					send_data "250 Ok\r\n"
-					@state << :rcpt unless @state.include?(:rcpt)
-				end
-=end
-			end
-		end
-
-
-		# Send the incoming data to the application one chunk at a time, rather than
-		# one line at a time. That lets the application be a little more flexible about
-		# storing to disk, etc.
-		# Since we clear the chunk array every time we submit it, the caller needs to be
-		# aware to do things like dup it if he wants to keep it around across calls.
-		#
-		# DON'T reset the transaction upon disposition of the incoming message.
-		# This means another DATA command can be accepted with the same sender and recipients.
-		# If the client wants to reset, he can call RSET.
-		# Not sure whether the standard requires a transaction-reset at this point, but it
-		# appears not to.
-		#
-		# User-written code can return a Deferrable as a response from receive_message.
-		#
-		def process_data_line ln
-			if ln == "."
-				if @databuffer.length > 0
-					receive_data_chunk @databuffer
-					@databuffer.clear
-				end
-
-
-				succeeded = proc {
-					send_data "250 Message accepted\r\n"
-				}
-				failed = proc {
-					send_data "550 Message rejected\r\n"
-				}
-
-				d = receive_message
-
-				if d.respond_to?(:set_deferred_status)
-					d.callback(&succeeded)
-					d.errback(&failed)
-				else
-					(d ? succeeded : failed).call
-				end
-
-				@state.delete :data
-			else
-				# slice off leading . if any
-				ln.slice!(0...1) if ln[0] == 46
-				@databuffer << ln
-				if @databuffer.length > @@parms[:chunksize]
-					receive_data_chunk @databuffer
-					@databuffer.clear
-				end
-			end
-		end
-
-
-		#------------------------------------------
-		# Everything from here on can be overridden in user code.
-
-		# The greeting returned in the initial connection message to the client.
-		def get_server_greeting
-			"EventMachine SMTP Server"
-		end
-		# The domain name returned in the first line of the response to a
-		# successful EHLO or HELO command.
-		def get_server_domain
-			"Ok EventMachine SMTP Server"
-		end
-
-		# A false response from this user-overridable method will cause a
-		# 550 error to be returned to the remote client.
-		#
-		def receive_ehlo_domain domain
-			true
-		end
-
-		# Return true or false to indicate that the authentication is acceptable.
-		def receive_plain_auth user, password
-			true
-		end
-
-		# Receives the argument of the MAIL FROM command. Return false to
-		# indicate to the remote client that the sender is not accepted.
-		# This can only be successfully called once per transaction.
-		#
-		def receive_sender sender
-			true
-		end
-
-		# Receives the argument of a RCPT TO command. Can be given multiple
-		# times per transaction. Return false to reject the recipient.
-		#
-		def receive_recipient rcpt
-			true
-		end
-
-		# Sent when the remote peer issues the RSET command.
-		# Since RSET is not allowed to fail (according to the protocol),
-		# we ignore any return value from user overrides of this method.
-		#
-		def receive_reset
-		end
-
-		# Sent when the remote peer has ended the connection.
-		#
-		def connection_ended
-		end
-
-		# Called when the remote peer sends the DATA command.
-		# Returning false will cause us to send a 550 error to the peer.
-		# This can be useful for dealing with problems that arise from processing
-		# the whole set of sender and recipients.
-		#
-		def receive_data_command
-			true
-		end
-
-		# Sent when data from the remote peer is available. The size can be controlled
-		# by setting the :chunksize parameter. This call can be made multiple times.
-		# The goal is to strike a balance between sending the data to the application one
-		# line at a time, and holding all of a very large message in memory.
-		#
-		def receive_data_chunk data
-			@smtps_msg_size ||= 0
-			@smtps_msg_size += data.join.length
-			STDERR.write "<#{@smtps_msg_size}>"
-		end
-
-		# Sent after a message has been completely received. User code
-		# must return true or false to indicate whether the message has
-		# been accepted for delivery.
-		def receive_message
-			@@parms[:verbose] and $>.puts "Received complete message"
-			true
-		end
-
-		# This is called when the protocol state is reset. It happens
-		# when the remote client calls EHLO/HELO or RSET.
-		def receive_transaction
-		end
-	end
-end
-end
-
-