From e38eac354dfb09bb763637a463a9e7e42aab3360 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 25 Jan 2013 18:56:21 +0000 Subject: [PATCH] Fix MAIL TO option parsing for the case where the envelope-from has embedded space. The current code order of parsing the options off the tail prior to taking the address off the front seems bogus. At best the option parser has to deal with the address and discover it is not a known option. When the address localpart has spaces (legal, if the localparte is quoted) confusion ensues as the option-parser is not aware of the address quoting rules. --- src/src/smtp_in.c | 18 +++++------ test/log/2002 | 5 ++- test/log/2102 | 5 ++- test/mail/2002.CALLER | 14 ++++++++- test/mail/2102.CALLER | 14 ++++++++- test/scripts/0000-Basic/0121 | 3 ++ test/scripts/2000-GnuTLS/2002 | 23 ++++++++++++++ test/scripts/2100-OpenSSL/2102 | 23 ++++++++++++++ test/stderr/0121 | 14 +++++++++ test/stdout/0121 | 5 +++ test/stdout/2002 | 40 +++++++++++++++++++++++- test/stdout/2102 | 56 +++++++++++++++++++++++++++++++++- 12 files changed, 203 insertions(+), 17 deletions(-) diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 753f0955b..e630b1498 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -3315,17 +3315,12 @@ while (done <= 0) } if (mail_args->need_value && strcmpic(value, US"") == 0) break; - /* This doesn't seem right to use - if ((char *)mail_args >= (char *)env_mail_type_list + sizeof(env_mail_type_list)) - goto BAD_MAIL_ARGS; - */ switch(mail_args->value) { /* Handle SIZE= by reading the value. We don't do the check till later, in order to be able to log the sender address on failure. */ case ENV_MAIL_OPT_SIZE: - /* if (strcmpic(name, US"SIZE") == 0 && */ if (((size = Ustrtoul(value, &end, 10)), *end == 0)) { if ((size == ULONG_MAX && errno == ERANGE) || size > INT_MAX) @@ -3377,8 +3372,8 @@ while (done <= 0) if (auth_xtextdecode(value, &authenticated_sender) < 0) { /* Put back terminator overrides for error message */ - name[-1] = ' '; value[-1] = '='; + name[-1] = ' '; done = synprot_error(L_smtp_syntax_error, 501, NULL, US"invalid data for AUTH"); goto COMMAND_LOOP; @@ -3421,8 +3416,8 @@ while (done <= 0) overrides for error message */ default: - name[-1] = ' '; value[-1] = '='; + name[-1] = ' '; (void)smtp_handle_acl_fail(ACL_WHERE_MAILAUTH, rc, user_msg, log_msg); goto COMMAND_LOOP; @@ -3438,12 +3433,13 @@ while (done <= 0) #endif /* Unknown option. Stick back the terminator characters and break - the loop. An error for a malformed address will occur. */ + the loop. Do the name-terminator second as extract_option sets + value==name when it found no space. + An error for a malformed address will occur. */ default: - /* BAD_MAIL_ARGS: */ -BAD_MAIL_ARGS: - name[-1] = ' '; value[-1] = '='; + name[-1] = ' '; + arg_error = TRUE; break; } /* Break out of for loop if switch() had bad argument or diff --git a/test/log/2002 b/test/log/2002 index 4b0512a14..774495514 100644 --- a/test/log/2002 +++ b/test/log/2002 @@ -1,10 +1,13 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 S=sss +1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 S=sss 1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (gnutls_handshake): The peer did not send any certificate. -1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER R=abc T=local_delivery 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER R=abc T=local_delivery 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER R=abc T=local_delivery +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/log/2102 b/test/log/2102 index a0d9fc205..da4ee49d7 100644 --- a/test/log/2102 +++ b/test/log/2102 @@ -1,11 +1,14 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 S=sss +1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 S=sss 1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (SSL_accept): error: <> 1999-03-02 09:44:33 TLS client disconnected cleanly (rejected our certificate?) -1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLSv1:AES256-SHA:256 DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLSv1:AES256-SHA:256 DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" S=sss 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER R=abc T=local_delivery 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER R=abc T=local_delivery 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER R=abc T=local_delivery +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/mail/2002.CALLER b/test/mail/2002.CALLER index cc606bb0e..a4e0dd526 100644 --- a/test/mail/2002.CALLER +++ b/test/mail/2002.CALLER @@ -10,12 +10,24 @@ TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn= This is a test encrypted message. +From "name with spaces"@test.ex Tue Mar 02 09:44:33 1999 +Received: from [127.0.0.1] + by myhost.test.ex with smtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) + (Exim x.yz) + (envelope-from <"name with spaces"@test.ex>) + id 10HmaY-0005vi-00 + for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +tls-certificate-verified: 0 +TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn= + +This is a test encrypted message. + From CALLER@test.ex Tue Mar 02 09:44:33 1999 Received: from [ip4.ip4.ip4.ip4] by myhost.test.ex with smtps (TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256) (Exim x.yz) (envelope-from ) - id 10HmaY-0005vi-00 + id 10HmaZ-0005vi-00 for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 tls-certificate-verified: 1 TLS: cipher=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 peerdn=C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock diff --git a/test/mail/2102.CALLER b/test/mail/2102.CALLER index 0a2adcf1c..e4be6a342 100644 --- a/test/mail/2102.CALLER +++ b/test/mail/2102.CALLER @@ -10,12 +10,24 @@ TLS: cipher=TLSv1:AES256-SHA:256 peerdn= This is a test encrypted message. +From "name with spaces"@test.ex Tue Mar 02 09:44:33 1999 +Received: from [127.0.0.1] + by myhost.test.ex with smtps (TLSv1:AES256-SHA:256) + (Exim x.yz) + (envelope-from <"name with spaces"@test.ex>) + id 10HmaY-0005vi-00 + for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +tls-certificate-verified: 0 +TLS: cipher=TLSv1:AES256-SHA:256 peerdn= + +This is a test encrypted message. + From CALLER@test.ex Tue Mar 02 09:44:33 1999 Received: from [ip4.ip4.ip4.ip4] by myhost.test.ex with smtps (TLSv1:AES256-SHA:256) (Exim x.yz) (envelope-from ) - id 10HmaY-0005vi-00 + id 10HmaZ-0005vi-00 for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 tls-certificate-verified: 1 TLS: cipher=TLSv1:AES256-SHA:256 peerdn=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock diff --git a/test/scripts/0000-Basic/0121 b/test/scripts/0000-Basic/0121 index 4bcb99b47..9ff68fa13 100644 --- a/test/scripts/0000-Basic/0121 +++ b/test/scripts/0000-Basic/0121 @@ -6,6 +6,9 @@ rset mail from: rcpt to: rset +mail from:<"unknown with spaces"@test.ex> +rcpt to: +rset mail from: rcpt to: data diff --git a/test/scripts/2000-GnuTLS/2002 b/test/scripts/2000-GnuTLS/2002 index 06e1a8257..06a7b31d0 100644 --- a/test/scripts/2000-GnuTLS/2002 +++ b/test/scripts/2000-GnuTLS/2002 @@ -25,6 +25,29 @@ This is a test encrypted message. quit ??? 221 **** +client-gnutls 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<"name with spaces"@test.ex> +??? 250 +rcpt to: +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** client-gnutls HOSTIPV4 PORT_D ??? 220 ehlo rhu.barb diff --git a/test/scripts/2100-OpenSSL/2102 b/test/scripts/2100-OpenSSL/2102 index 7f9279acd..2e7dca0a6 100644 --- a/test/scripts/2100-OpenSSL/2102 +++ b/test/scripts/2100-OpenSSL/2102 @@ -24,6 +24,29 @@ This is a test encrypted message. quit ??? 221 **** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<"name with spaces"@test.ex> +??? 250 +rcpt to: +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** client-ssl HOSTIPV4 PORT_D ??? 220 ehlo rhu.barb diff --git a/test/stderr/0121 b/test/stderr/0121 index c7fcec401..39cdfba9b 100644 --- a/test/stderr/0121 +++ b/test/stderr/0121 @@ -38,6 +38,20 @@ LOG: H=[127.0.0.1] F= rejected RCPT : Send >>> processing "require" >>> check verify = sender >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +>>> routing "unknown with spaces"@test.ex +>>> test.ex in "test.ex"? yes (matched "test.ex") +>>> test.ex in "! +local_domains"? no (matched "! +local_domains") +>>> unknown with spaces in "defer"? no (end of list) +>>> unknown with spaces in "userx"? no (end of list) +>>> no more routers +>>> ----------- end verify ------------ +>>> require: condition test failed in ACL "check_recipient" +LOG: H=[127.0.0.1] sender verify fail for <"unknown with spaces"@test.ex>: Unrouteable address +LOG: H=[127.0.0.1] F=<"unknown with spaces"@test.ex> rejected RCPT : Sender verify failed +>>> using ACL "check_recipient" +>>> processing "require" +>>> check verify = sender +>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing userx@test.ex >>> test.ex in "test.ex"? yes (matched "test.ex") >>> test.ex in "! +local_domains"? no (matched "! +local_domains") diff --git a/test/stdout/0121 b/test/stdout/0121 index 7ef5e4024..5e3968243 100644 --- a/test/stdout/0121 +++ b/test/stdout/0121 @@ -15,6 +15,11 @@ 550 Sender verify failed 250 Reset OK 250 OK +550-Verification failed for <"unknown with spaces"@test.ex> +550-Unrouteable address +550 Sender verify failed +250 Reset OK +250 OK 250 Accepted 354 Enter message, ending with "." on a line by itself 550 Administrative prohibition diff --git a/test/stdout/2002 b/test/stdout/2002 index 7b2a47fca..a248be7c0 100644 --- a/test/stdout/2002 +++ b/test/stdout/2002 @@ -36,6 +36,44 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> mail from:<"name with spaces"@test.ex> +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted +>>> DATA +??? 3 +<<< 354 Enter message, ending with "." on a line by itself +>>> This is a test encrypted message. +>>> . +??? 250 +<<< 250 OK id=10HmaY-0005vi-00 +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -93,7 +131,7 @@ Succeeded in starting TLS >>> This is a test encrypted message from a verified host. >>> . ??? 250 -<<< 250 OK id=10HmaY-0005vi-00 +<<< 250 OK id=10HmaZ-0005vi-00 >>> quit ??? 221 <<< 221 myhost.test.ex closing connection diff --git a/test/stdout/2102 b/test/stdout/2102 index d3c18a8bf..23c39cdf4 100644 --- a/test/stdout/2102 +++ b/test/stdout/2102 @@ -52,6 +52,60 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +SSL info: before/connect initialization +SSL info: before/connect initialization +SSL info: SSLv2/v3 write client hello A +SSL info: SSLv3 read server hello A +SSL info: SSLv3 read server certificate A +SSL info: SSLv3 read server key exchange A +SSL info: SSLv3 read server done A +SSL info: SSLv3 write client key exchange A +SSL info: SSLv3 write change cipher spec A +SSL info: SSLv3 write finished A +SSL info: SSLv3 flush data +SSL info: SSLv3 read server session ticket A +SSL info: SSLv3 read finished A +SSL info: SSL negotiation finished successfully +SSL info: SSL negotiation finished successfully +SSL connection using AES256-SHA +Succeeded in starting TLS +>>> mail from:<"name with spaces"@test.ex> +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted +>>> DATA +??? 3 +<<< 354 Enter message, ending with "." on a line by itself +>>> This is a test encrypted message. +>>> . +??? 250 +<<< 250 OK id=10HmaY-0005vi-00 +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -144,7 +198,7 @@ Succeeded in starting TLS >>> This is a test encrypted message from a verified host. >>> . ??? 250 -<<< 250 OK id=10HmaY-0005vi-00 +<<< 250 OK id=10HmaZ-0005vi-00 >>> quit ??? 221 <<< 221 myhost.test.ex closing connection -- 2.30.2