fix a logic bug in ruleset matching that makes `from socket` rules possibly

crash depending on how the ruleset is crafted.

2 files changed, 8 insertions, 5 deletions

diff --git a/usr.sbin/smtpd/ruleset.c b/usr.sbin/smtpd/ruleset.c
index 0468ddb3dc7..db9d1aa57fe 100644
--- a/usr.sbin/smtpd/ruleset.c
+++ b/usr.sbin/smtpd/ruleset.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ruleset.c,v 1.45 2019/11/04 00:05:38 gilles Exp $ */
+/*	$OpenBSD: ruleset.c,v 1.46 2019/11/12 20:21:46 gilles Exp $ */
 
 /*
  * Copyright (c) 2009 Gilles Chehade <gilles@poolp.org>
@@ -84,9 +84,12 @@ ruleset_match_from(struct rule *r, const struct envelope *evp)
 	}
 	else {
 		key = ss_to_text(&evp->ss);
-		if (strcmp(key, "local") == 0)
-			if (r->flag_from_socket)
+		if (r->flag_from_socket) {
+			if (strcmp(key, "local") == 0)
 				return MATCH_RESULT(1, r->flag_from);
+			else
+				return r->flag_from < 0 ? 1 : 0;
+		}
 	}
 	if (r->flag_from_regex)
 		service = K_REGEX;
diff --git a/usr.sbin/smtpd/to.c b/usr.sbin/smtpd/to.c
index addeda1c0a1..052a2354c2c 100644
--- a/usr.sbin/smtpd/to.c
+++ b/usr.sbin/smtpd/to.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: to.c,v 1.43 2019/09/19 16:00:59 gilles Exp $	*/
+/*	$OpenBSD: to.c,v 1.44 2019/11/12 20:21:46 gilles Exp $	*/
 
 /*
  * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net>
@@ -474,7 +474,7 @@ rule_to_text(struct rule *r)
 			(void)strlcat(buf, " !", sizeof buf);
 		if (r->flag_from_socket)
 			(void)strlcat(buf, " from socket", sizeof buf);
-		if (r->flag_from_rdns) {
+		else if (r->flag_from_rdns) {
 			(void)strlcat(buf, " from rdns", sizeof buf);
 			if (r->table_from) {
 				(void)strlcat(buf, " ", sizeof buf);