diff options
| author | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-09-12 12:24:52 +0000 |
|---|---|---|
| committer | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-09-12 12:24:52 +0000 |
| commit | 016b1a950a660f5e2b4ba12f4baf9f15e1518167 (patch) | |
| tree | d7d81caef080d844b9f62152200eb9e8527df4bc /usr.sbin | |
| parent | 5a18e63fb8a4af8ff08105c36eab6a9bbaba6fca (diff) | |
Simplify line len checking: use one limit for all SMTP exchanges.
This is not as strict as various RFCs want it, but we can make it
more granular later. For now, let all mails flow by using the
maximum of all limits found in the RFCs.
ok gilles@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 47 | ||||
| -rw-r--r-- | usr.sbin/smtpd/smtpctl.c | 4 | ||||
| -rw-r--r-- | usr.sbin/smtpd/smtpd.h | 10 |
3 files changed, 25 insertions, 36 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index ac75eeace68..5af99291733 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.119 2009/09/12 09:50:31 gilles Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.120 2009/09/12 12:24:51 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -65,11 +65,11 @@ void session_rfc4954_auth_plain(struct session *, char *); void session_rfc4954_auth_login(struct session *, char *); void session_read(struct bufferevent *, void *); -void session_read_data(struct session *, char *, size_t); +void session_read_data(struct session *, char *); void session_write(struct bufferevent *, void *); void session_error(struct bufferevent *, short event, void *); -void session_command(struct session *, char *, size_t); -char *session_readline(struct session *, size_t *); +void session_command(struct session *, char *); +char *session_readline(struct session *); void session_respond_delayed(int, short, void *); int session_set_path(struct path *, char *); void session_imsg(struct session *, enum smtp_proc_type, @@ -519,17 +519,11 @@ session_rfc5321_help_handler(struct session *s, char *args) } void -session_command(struct session *s, char *cmd, size_t nr) +session_command(struct session *s, char *cmd) { char *ep, *args; unsigned int i; - if (nr > SMTP_CMDLINE_MAX) { - session_respond(s, "500 Line too long"); - s->s_env->stats->smtp.cmdlinetoolong++; - return; - } - if ((ep = strchr(cmd, ':')) == NULL) ep = strchr(cmd, ' '); if (ep != NULL) { @@ -756,10 +750,9 @@ session_read(struct bufferevent *bev, void *p) { struct session *s = p; char *line; - size_t nr; for (;;) { - line = session_readline(s, &nr); + line = session_readline(s); if (line == NULL) return; @@ -783,11 +776,11 @@ session_read(struct bufferevent *bev, void *p) case S_RCPT: if (s->s_msg.status & S_MESSAGE_TEMPFAILURE) goto tempfail; - session_command(s, line, nr); + session_command(s, line); break; case S_DATACONTENT: - session_read_data(s, line, nr); + session_read_data(s, line); break; default: @@ -806,7 +799,7 @@ tempfail: } void -session_read_data(struct session *s, char *line, size_t nread) +session_read_data(struct session *s, char *line) { size_t len; size_t i; @@ -837,12 +830,6 @@ session_read_data(struct session *s, char *line, size_t nread) if (s->s_msg.status & (S_MESSAGE_PERMFAILURE|S_MESSAGE_TEMPFAILURE)) return; - if (nread > SMTP_DATALINE_MAX) { - s->s_msg.status |= S_MESSAGE_PERMFAILURE; - s->s_env->stats->smtp.datalinetoolong++; - return; - } - /* "If the first character is a period and there are other characters * on the line, the first character is deleted." [4.5.2] */ @@ -997,23 +984,32 @@ session_destroy(struct session *s) } char * -session_readline(struct session *s, size_t *nr) +session_readline(struct session *s) { char *line, *line2; + size_t nr; - *nr = 0; + nr = EVBUFFER_LENGTH(s->s_bev->input); line = evbuffer_readline(s->s_bev->input); if (line == NULL) { - if (EVBUFFER_LENGTH(s->s_bev->input) > SMTP_ANYLINE_MAX) { + if (EVBUFFER_LENGTH(s->s_bev->input) > SMTP_LINE_MAX) { session_respond(s, "500 Line too long"); s->s_env->stats->smtp.linetoolong++; s->s_flags |= F_QUIT; } return NULL; } + nr -= EVBUFFER_LENGTH(s->s_bev->input); if (s->s_flags & F_WRITEONLY) fatalx("session_readline: corrupt session"); + + if (nr > SMTP_LINE_MAX) { + session_respond(s, "500 Line too long"); + s->s_env->stats->smtp.linetoolong++; + s->s_flags |= F_QUIT; + return NULL; + } if ((s->s_state != S_DATACONTENT || strcmp(line, ".") == 0) && (line2 = evbuffer_readline(s->s_bev->input)) != NULL) { @@ -1026,7 +1022,6 @@ session_readline(struct session *s, size_t *nr) return NULL; } - *nr = strlen(line); return line; } diff --git a/usr.sbin/smtpd/smtpctl.c b/usr.sbin/smtpd/smtpctl.c index 639debdc42a..9e0fa589524 100644 --- a/usr.sbin/smtpd/smtpctl.c +++ b/usr.sbin/smtpd/smtpctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpctl.c,v 1.37 2009/09/12 09:38:45 gilles Exp $ */ +/* $OpenBSD: smtpctl.c,v 1.38 2009/09/12 12:24:51 jacekm Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -283,8 +283,6 @@ show_stats_output(struct imsg *imsg) printf("smtp.errors.delays=%zd\n", stats->smtp.delays); printf("smtp.errors.linetoolong=%zd\n", stats->smtp.linetoolong); - printf("smtp.errors.cmdlinetoolong=%zd\n", stats->smtp.cmdlinetoolong); - printf("smtp.errors.datalinetoolong=%zd\n", stats->smtp.datalinetoolong); printf("smtp.errors.read_eof=%zd\n", stats->smtp.read_eof); printf("smtp.errors.read_system=%zd\n", stats->smtp.read_error); printf("smtp.errors.read_timeout=%zd\n", stats->smtp.read_timeout); diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h index 61d46925f88..d9c1993a110 100644 --- a/usr.sbin/smtpd/smtpd.h +++ b/usr.sbin/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.141 2009/09/12 09:38:45 gilles Exp $ */ +/* $OpenBSD: smtpd.h,v 1.142 2009/09/12 12:24:51 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -87,10 +87,8 @@ /* how many responses per state are undelayed */ #define FAST_RESPONSES 2 -/* rfc5321 limits */ -#define SMTP_DATALINE_MAX 1000 -#define SMTP_CMDLINE_MAX 512 -#define SMTP_ANYLINE_MAX SMTP_DATALINE_MAX +/* max len of any smtp line */ +#define SMTP_LINE_MAX 16384 #define F_STARTTLS 0x01 #define F_SMTPS 0x02 @@ -665,8 +663,6 @@ struct s_session { size_t toofast; size_t tempfail; size_t linetoolong; - size_t cmdlinetoolong; - size_t datalinetoolong; size_t delays; }; |