xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

smtpd: cleanup hello() domain check code

Browse source 
theres no point in doing domain checks on literal ip addresses,
so handle that case early.
This commit is contained in:
cinap_lenrek 2014-11-08 09:00:04 +01:00
parent 4908ea43d7
commit e4af9bc392
1 changed files with 74 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

70
sys/src/cmd/upas/smtp/smtpd.c
View file

@ -335,6 +335,7 @@ hello(String *himp, int extended)
{ {
char **mynames; char **mynames;
char *ldot, *rdot; char *ldot, *rdot;
char *p;
him = s_to_c(himp); him = s_to_c(himp);
syslog(0, "smtpd", "%s from %s as %s", extended? "ehlo": "helo", syslog(0, "smtpd", "%s from %s as %s", extended? "ehlo": "helo",
@ -342,30 +343,39 @@ hello(String *himp, int extended)
if(rejectcheck()) if(rejectcheck())
return; return;
if (strchr(him, '.') && nci && !trusted && fflag && if (him[0] == '[') {
strcmp(nci->rsys, nci->lsys) != 0){ /*
* reject literal ip addresses when not trusted.
*/
if (!trusted)
goto Liarliar;
him = nci->rsys;
} else {
if (!trusted && fflag && nci && strcmp(nci->rsys, nci->lsys) != 0){
/* /*
* We don't care if he lies about who he is, but it is * We don't care if he lies about who he is, but it is
* not okay to pretend to be us. Many viruses do this, * not okay to pretend to be us. Many viruses do this,
* just parroting back what we say in the greeting. * just parroting back what we say in the greeting.
*/ */
if(strcmp(him, dom) == 0) if(cistrcmp(him, dom) == 0)
goto Liarliar;
for(mynames = sysnames_read(); mynames && *mynames; mynames++)
if(cistrcmp(*mynames, him) == 0)
goto Liarliar; goto Liarliar;
for(mynames = sysnames_read(); mynames && *mynames; mynames++){
if(cistrcmp(*mynames, him) == 0){
Liarliar:
syslog(0, "smtpd",
"Hung up on %s; claimed to be %s",
nci->rsys, him);
if(Dflag)
sleep(delaysecs()*1000);
reply("554 5.7.0 Liar!\r\n");
exits("client pretended to be us");
return;
}
}
} }
/*
* require at least one letter, which there will be in
* at least the last component (e.g., .com, .net) if it's real.
* this rejects non-address-literal IP addresses,
* among other bogosities.
*/
for (p = him; *p != '\0'; p++)
if (isascii(*p) && isalpha(*p))
break;
if (*p == '\0')
goto Liarliar;
/* /*
* it is unacceptable to claim any string that doesn't look like * it is unacceptable to claim any string that doesn't look like
* a domain name (e.g., has at least one dot in it), but * a domain name (e.g., has at least one dot in it), but
@ -379,6 +389,7 @@ Liarliar:
} }
if (!trusted && rdot == nil) if (!trusted && rdot == nil)
goto Liarliar; goto Liarliar;
/* /*
* Reject obviously bogus domains and those reserved by RFC 2606. * Reject obviously bogus domains and those reserved by RFC 2606.
*/ */
@ -406,25 +417,7 @@ Liarliar:
cistrcmp(ldot, "example.net") == 0 || cistrcmp(ldot, "example.net") == 0 ||
cistrcmp(ldot, "example.org") == 0) cistrcmp(ldot, "example.org") == 0)
goto Liarliar; goto Liarliar;
/*
* similarly, if the claimed domain is not an address-literal,
* require at least one letter, which there will be in
* at least the last component (e.g., .com, .net) if it's real.
* this rejects non-address-literal IP addresses,
* among other bogosities.
*/
if (!trusted && him[0] != '[') {
char *p;
for (p = him; *p != '\0'; p++)
if (isascii(*p) && isalpha(*p))
break;
if (*p == '\0')
goto Liarliar;
} }
if(strchr(him, '.') == 0 && nci != nil && strchr(nci->rsys, '.') != nil)
him = nci->rsys;
if(Dflag) if(Dflag)
sleep(delaysecs()*1000); sleep(delaysecs()*1000);
@ -438,6 +431,15 @@ Liarliar:
else else
reply("250 AUTH CRAM-MD5\r\n"); reply("250 AUTH CRAM-MD5\r\n");
} }
return;
Liarliar:
syslog(0, "smtpd", "Hung up on %s; claimed to be %s",
nci->rsys, him);
if(Dflag)
sleep(delaysecs()*1000);
reply("554 5.7.0 Liar!\r\n");
exits("client pretended to be us");
} }
void void