diff options
| author |   gilles <gilles@openbsd.org> | 2018-12-28 07:29:49 +0000 |
|---|---|---|
| committer | gilles <gilles@openbsd.org> | 2018-12-28 07:29:49 +0000 |
| commit | a9213e5faba3106d6299e54dd7cff9d9cbf5e5dc (patch) | |
| tree | ae352e7c397569f48fad4b3c98bebc9355f76d7c | |
| parent | add some notes about using col and ul to process the ascii markup (diff) | |
| download | wireguard-openbsd-a9213e5faba3106d6299e54dd7cff9d9cbf5e5dc.tar.xz wireguard-openbsd-a9213e5faba3106d6299e54dd7cff9d9cbf5e5dc.zip | |
move the smtp_mailaddr() calls _before_ filters indirection as filters MUST
only receive valid MAIL FROM and RCPT TO parameters.
| -rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index f3dba8c430d..5368a5c4814 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.381 2018/12/26 11:29:13 gilles Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.382 2018/12/28 07:29:49 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> @@ -1457,6 +1457,12 @@ smtp_check_starttls(struct smtp_session *s, const char *args) static int smtp_check_mail_from(struct smtp_session *s, const char *args) { + char *copy; + char tmp[SMTP_LINE_MAX]; + + (void)strlcpy(tmp, args, sizeof tmp); + copy = tmp; + if (s->helo[0] == '\0' || s->tx) { smtp_reply(s, "503 %s %s: Command not allowed at this point.", esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), @@ -1497,12 +1503,26 @@ smtp_check_mail_from(struct smtp_session *s, const char *args) return 0; } + if (smtp_mailaddr(&s->tx->evp.sender, copy, 1, ©, + s->tx->session->smtpname) == 0) { + smtp_reply(s, "553 %s: Sender address syntax error", + esc_code(ESC_STATUS_PERMFAIL, ESC_OTHER_ADDRESS_STATUS)); + smtp_tx_free(s->tx); + return 0; + } + return 1; } static int smtp_check_rcpt_to(struct smtp_session *s, const char *args) { + char *copy; + char tmp[SMTP_LINE_MAX]; + + (void)strlcpy(tmp, args, sizeof tmp); + copy = tmp; + if (s->tx == NULL) { smtp_reply(s, "503 %s %s: Command not allowed at this point.", esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), @@ -1510,6 +1530,22 @@ smtp_check_rcpt_to(struct smtp_session *s, const char *args) return 0; } + if (s->tx->rcptcount >= env->sc_session_max_rcpt) { + smtp_reply(s->tx->session, "451 %s %s: Too many recipients", + esc_code(ESC_STATUS_TEMPFAIL, ESC_TOO_MANY_RECIPIENTS), + esc_description(ESC_TOO_MANY_RECIPIENTS)); + return 0; + } + + if (smtp_mailaddr(&s->tx->evp.rcpt, copy, 0, ©, + s->tx->session->smtpname) == 0) { + smtp_reply(s->tx->session, + "501 %s: Recipient address syntax error", + esc_code(ESC_STATUS_PERMFAIL, + ESC_BAD_DESTINATION_MAILBOX_ADDRESS_SYNTAX)); + return 0; + } + return 1; } |