rpms/dovecot
7
0
Fork 0
Code Issues Pull Requests Releases Activity
552325dc66
dovecot/SOURCES/dovecot-2.3.10-CVE_2020_10957p6.patch
CentOS Sources e53206ba8d import dovecot-2.3.8-2.el8_2.1
2021-09-09 16:10:28 +00:00

341 lines
7.7 KiB
Diff
Raw Blame History

From f206dc478d1b22183f645ea8c98ffe3712e106b2 Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Tue, 24 Mar 2020 22:33:45 +0100
Subject: [PATCH] lib-smtp: test-smtp-server-errors - Add tests for VRFY and
NOOP commands with invalid parameters.
---
src/lib-smtp/test-smtp-server-errors.c | 312 +++++++++++++++++++++++++
1 file changed, 312 insertions(+)
diff --git a/src/lib-smtp/test-smtp-server-errors.c b/src/lib-smtp/test-smtp-server-errors.c
index 759c332d88..13d3b97def 100644
--- a/src/lib-smtp/test-smtp-server-errors.c
+++ b/src/lib-smtp/test-smtp-server-errors.c
@@ -1273,6 +1273,316 @@ static void test_bad_rcpt(void)
test_end();
}
+/*
+ * Bad VRFY
+ */
+
+/* client */
+
+struct _bad_vrfy_client {
+ struct smtp_reply_parser *parser;
+ unsigned int reply;
+
+ bool replied:1;
+};
+
+static void
+test_bad_vrfy_client_input(struct client_connection *conn)
+{
+ struct _bad_vrfy_client *ctx = conn->context;
+ struct smtp_reply *reply;
+ const char *error;
+ int ret;
+
+ while ((ret = smtp_reply_parse_next(ctx->parser, FALSE,
+ &reply, &error)) > 0) {
+ if (debug)
+ i_debug("REPLY: %s", smtp_reply_log(reply));
+
+ switch (ctx->reply++) {
+ case 0: /* greeting */
+ i_assert(reply->status == 220);
+ break;
+ case 1: /* bad command reply */
+ switch (client_index) {
+ case 0: case 1: case 2:
+ i_assert(reply->status == 501);
+ break;
+ case 3:
+ i_assert(smtp_reply_is_success(reply));
+ break;
+ default:
+ i_unreached();
+ }
+ ctx->replied = TRUE;
+ io_loop_stop(ioloop);
+ connection_disconnect(&conn->conn);
+ return;
+ default:
+ i_unreached();
+ }
+ }
+
+ i_assert(ret == 0);
+}
+
+static void
+test_bad_vrfy_client_connected(struct client_connection *conn)
+{
+ struct _bad_vrfy_client *ctx;
+
+ ctx = p_new(conn->pool, struct _bad_vrfy_client, 1);
+ ctx->parser = smtp_reply_parser_init(conn->conn.input, (size_t)-1);
+ conn->context = ctx;
+
+ switch (client_index) {
+ case 0:
+ o_stream_nsend_str(conn->conn.output,
+ "VRFY\r\n");
+ break;
+ case 1:
+ o_stream_nsend_str(conn->conn.output,
+ "VRFY \"hendrik\r\n");
+ break;
+ case 2:
+ o_stream_nsend_str(conn->conn.output,
+ "VRFY hen\"drik\r\n");
+ break;
+ case 3:
+ o_stream_nsend_str(conn->conn.output,
+ "VRFY \"hendrik\"\r\n");
+ break;
+ default:
+ i_unreached();
+ }
+}
+
+static void
+test_bad_vrfy_client_deinit(struct client_connection *conn)
+{
+ struct _bad_vrfy_client *ctx = conn->context;
+
+ i_assert(ctx->replied);
+ smtp_reply_parser_deinit(&ctx->parser);
+}
+
+static void test_client_bad_vrfy(unsigned int index)
+{
+ test_client_input = test_bad_vrfy_client_input;
+ test_client_connected = test_bad_vrfy_client_connected;
+ test_client_deinit = test_bad_vrfy_client_deinit;
+ test_client_run(index);
+}
+
+/* server */
+
+static void
+test_server_bad_vrfy_disconnect(void *context ATTR_UNUSED, const char *reason)
+{
+ if (debug)
+ i_debug("Disconnect: %s", reason);
+}
+
+static int
+test_server_bad_vrfy_rcpt(void *conn_ctx ATTR_UNUSED,
+ struct smtp_server_cmd_ctx *cmd ATTR_UNUSED,
+ struct smtp_server_recipient *rcpt ATTR_UNUSED)
+{
+ test_assert(FALSE);
+ return 1;
+}
+
+static int
+test_server_bad_vrfy_data_begin(
+ void *conn_ctx ATTR_UNUSED, struct smtp_server_cmd_ctx *cmd ATTR_UNUSED,
+ struct smtp_server_transaction *trans ATTR_UNUSED,
+ struct istream *data_input ATTR_UNUSED)
+{
+ test_assert(FALSE);
+ return 1;
+}
+
+static void
+test_server_bad_vrfy(const struct smtp_server_settings *server_set)
+{
+ server_callbacks.conn_disconnect = test_server_bad_vrfy_disconnect;
+
+ server_callbacks.conn_cmd_rcpt = test_server_bad_vrfy_rcpt;
+ server_callbacks.conn_cmd_data_begin = test_server_bad_vrfy_data_begin;
+ test_server_run(server_set);
+}
+
+/* test */
+
+static void test_bad_vrfy(void)
+{
+ struct smtp_server_settings smtp_server_set;
+
+ test_server_defaults(&smtp_server_set);
+ smtp_server_set.max_client_idle_time_msecs = 1000;
+
+ test_begin("bad VRFY");
+ test_run_client_server(&smtp_server_set,
+ test_server_bad_vrfy,
+ test_client_bad_vrfy, 4);
+ test_end();
+}
+
+/*
+ * Bad NOOP
+ */
+
+/* client */
+
+struct _bad_noop_client {
+ struct smtp_reply_parser *parser;
+ unsigned int reply;
+
+ bool replied:1;
+};
+
+static void
+test_bad_noop_client_input(struct client_connection *conn)
+{
+ struct _bad_noop_client *ctx = conn->context;
+ struct smtp_reply *reply;
+ const char *error;
+ int ret;
+
+ while ((ret = smtp_reply_parse_next(ctx->parser, FALSE,
+ &reply, &error)) > 0) {
+ if (debug)
+ i_debug("REPLY: %s", smtp_reply_log(reply));
+
+ switch (ctx->reply++) {
+ case 0: /* greeting */
+ i_assert(reply->status == 220);
+ break;
+ case 1: /* bad command reply */
+ switch (client_index) {
+ case 1: case 2:
+ i_assert(reply->status == 501);
+ break;
+ case 0: case 3:
+ i_assert(smtp_reply_is_success(reply));
+ break;
+ default:
+ i_unreached();
+ }
+ ctx->replied = TRUE;
+ io_loop_stop(ioloop);
+ connection_disconnect(&conn->conn);
+ return;
+ default:
+ i_unreached();
+ }
+ }
+
+ i_assert(ret == 0);
+}
+
+static void
+test_bad_noop_client_connected(struct client_connection *conn)
+{
+ struct _bad_noop_client *ctx;
+
+ ctx = p_new(conn->pool, struct _bad_noop_client, 1);
+ ctx->parser = smtp_reply_parser_init(conn->conn.input, (size_t)-1);
+ conn->context = ctx;
+
+ switch (client_index) {
+ case 0:
+ o_stream_nsend_str(conn->conn.output,
+ "NOOP\r\n");
+ break;
+ case 1:
+ o_stream_nsend_str(conn->conn.output,
+ "NOOP \"frop\r\n");
+ break;
+ case 2:
+ o_stream_nsend_str(conn->conn.output,
+ "NOOP fr\"op\r\n");
+ break;
+ case 3:
+ o_stream_nsend_str(conn->conn.output,
+ "NOOP \"frop\"\r\n");
+ break;
+ default:
+ i_unreached();
+ }
+}
+
+static void
+test_bad_noop_client_deinit(struct client_connection *conn)
+{
+ struct _bad_noop_client *ctx = conn->context;
+
+ i_assert(ctx->replied);
+ smtp_reply_parser_deinit(&ctx->parser);
+}
+
+static void test_client_bad_noop(unsigned int index)
+{
+ test_client_input = test_bad_noop_client_input;
+ test_client_connected = test_bad_noop_client_connected;
+ test_client_deinit = test_bad_noop_client_deinit;
+ test_client_run(index);
+}
+
+/* server */
+
+static void
+test_server_bad_noop_disconnect(void *context ATTR_UNUSED, const char *reason)
+{
+ if (debug)
+ i_debug("Disconnect: %s", reason);
+}
+
+static int
+test_server_bad_noop_rcpt(void *conn_ctx ATTR_UNUSED,
+ struct smtp_server_cmd_ctx *cmd ATTR_UNUSED,
+ struct smtp_server_recipient *rcpt ATTR_UNUSED)
+{
+ test_assert(FALSE);
+ return 1;
+}
+
+static int
+test_server_bad_noop_data_begin(
+ void *conn_ctx ATTR_UNUSED, struct smtp_server_cmd_ctx *cmd ATTR_UNUSED,
+ struct smtp_server_transaction *trans ATTR_UNUSED,
+ struct istream *data_input ATTR_UNUSED)
+{
+ test_assert(FALSE);
+ return 1;
+}
+
+static void
+test_server_bad_noop(const struct smtp_server_settings *server_set)
+{
+ server_callbacks.conn_disconnect = test_server_bad_noop_disconnect;
+
+ server_callbacks.conn_cmd_rcpt = test_server_bad_noop_rcpt;
+ server_callbacks.conn_cmd_data_begin = test_server_bad_noop_data_begin;
+ test_server_run(server_set);
+}
+
+/* test */
+
+static void test_bad_noop(void)
+{
+ struct smtp_server_settings smtp_server_set;
+
+ test_server_defaults(&smtp_server_set);
+ smtp_server_set.max_client_idle_time_msecs = 1000;
+
+ test_begin("bad NOOP");
+ test_run_client_server(&smtp_server_set,
+ test_server_bad_noop,
+ test_client_bad_noop, 4);
+ test_end();
+}
+
/*
* MAIL workarounds
*/
@@ -2246,6 +2556,8 @@ static void (*const test_functions[])(void) = {
test_bad_ehlo,
test_bad_mail,
test_bad_rcpt,
+ test_bad_vrfy,
+ test_bad_noop,
test_mail_workarounds,
test_rcpt_workarounds,
test_too_many_recipients,
Reference in New Issue View Git Blame Copy Permalink