OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: PATCH(2) - smtpd_check_size() delayed so recipient(s) can be seen
From: Wietse Venema (wietseporcupine.org)
Date: Fri Feb 04 2000 - 13:04:57 CST


I have merged in the patch with he following change:

- Do not postpone the size test when running in stand-alone mode
(sendmail -bs) because RCPT TO restrictions are applied only in
daemon mode. This is an architectural problem: UCE checks should
not mix with regular checks like they do now.

        Wietse

Simon J Mudd:
> Wietse,
>
> Second attempt at the patch. This delays the smtpd_check_size() call if
> smtpd_delay_reject = yes
> thus allowing us to see the recipient address.
>
> Regards,
>
> Simon
> --
> Simon J Mudd, Madrid SPAIN Tel: +34-91-408 4878 email: sjmuddpobox.com
>
> diff -uNr postfix-19991231-pl04.orig/smtpd/smtpd.c postfix-19991231-pl04/smtpd/smtpd.c
> --- postfix-19991231-pl04.orig/smtpd/smtpd.c Thu Jan 6 15:55:48 2000
> +++ postfix-19991231-pl04/smtpd/smtpd.c Tue Feb 1 19:56:00 2000
> -550,9 +550,10
> {
> char *err;
> int narg;
> - off_t size = 0;
> char *arg;
>
> + state->msg_size = 0;
> +
> /*
> * Sanity checks. XXX Ignore bad SIZE= values until we can reliably and
> * portably detect overflows while converting from string to off_t.
> -589,8 +590,8
> || strcasecmp(arg, "BODY=7BIT") == 0) {
> /* void */ ;
> } else if (strncasecmp(arg, "SIZE=", 5) == 0) {
> - if ((size = off_cvt_string(arg + 5)) < 0)
> - size = 0;
> + if ((state->msg_size = off_cvt_string(arg + 5)) < 0)
> + state->msg_size = 0;
> } else {
> state->error_mask |= MAIL_ERROR_PROTOCOL;
> smtpd_chat_reply(state, "555 Unsupported option: %s", arg);
> -604,7 +605,9
> smtpd_chat_reply(state, "%s", err);
> return (-1);
> }
> - if ((err = smtpd_check_size(state, size)) != 0) {
> + if (SMTPD_STAND_ALONE(state) == 0
> + && var_smtpd_delay_reject == 0
> + && (err = smtpd_check_size(state, state->msg_size)) != 0) {
> smtpd_chat_reply(state, "%s", err);
> return (-1);
> }
> diff -uNr postfix-19991231-pl04.orig/smtpd/smtpd.h postfix-19991231-pl04/smtpd/smtpd.h
> --- postfix-19991231-pl04.orig/smtpd/smtpd.h Sun Nov 21 01:41:44 1999
> +++ postfix-19991231-pl04/smtpd/smtpd.h Tue Feb 1 19:25:21 2000
> -52,6 +52,7
> char *protocol;
> char *where;
> int recursion;
> + off_t msg_size;
> } SMTPD_STATE;
>
> extern void smtpd_state_init(SMTPD_STATE *, VSTREAM *);
> diff -uNr postfix-19991231-pl04.orig/smtpd/smtpd_check.c postfix-19991231-pl04/smtpd/smtpd_check.c
> --- postfix-19991231-pl04.orig/smtpd/smtpd_check.c Thu Jan 6 15:56:16 2000
> +++ postfix-19991231-pl04/smtpd/smtpd_check.c Tue Feb 1 20:00:53 2000
> -1849,7 +1849,8
> if (var_smtpd_delay_reject)
> if ((err = smtpd_check_client(state)) != 0
> || (err = smtpd_check_helo(state, state->helo_name)) != 0
> - || (err = smtpd_check_mail(state, state->sender)) != 0)
> + || (err = smtpd_check_mail(state, state->sender)) != 0
> + || (err = smtpd_check_size(state, state->msg_size)) != 0)
> SMTPD_CHECK_RCPT_RETURN(err);
>
> /*
> diff -uNr postfix-19991231-pl04.orig/smtpd/smtpd_state.c postfix-19991231-pl04/smtpd/smtpd_state.c
> --- postfix-19991231-pl04.orig/smtpd/smtpd_state.c Sun Nov 21 01:42:33 1999
> +++ postfix-19991231-pl04/smtpd/smtpd_state.c Tue Feb 1 19:25:35 2000
> -86,6 +86,7
> state->protocol = "SMTP";
> state->where = SMTPD_AFTER_CONNECT;
> state->recursion = 0;
> + state->msg_size = 0;
>
> /*
> * Initialize peer information.
>
>
>
>