Gitweb:
https://git.exim.org/exim.git/commitdiff/d6870e76cf0b838eab1929e5d5afb486c4e7b448
Commit: d6870e76cf0b838eab1929e5d5afb486c4e7b448
Parent: beb5d85c7d378d48dda18a3ad8fab0599a75edc1
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Feb 6 21:46:15 2021 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Sat Feb 6 21:52:33 2021 +0000
Fix handling of server which follows a RCPT 452 with a 250. Bug 26092
---
doc/doc-txt/ChangeLog | 5 +++
src/src/transports/smtp.c | 17 ++++++----
test/confs/0622 | 79 ++++++++++++++++++++++++++++++++++++++++++++
test/log/0622 | 31 +++++++++++++++++
test/scripts/0000-Basic/0622 | 17 ++++++++++
test/stderr/0143 | 2 +-
test/stderr/0398 | 2 +-
test/stderr/0432 | 2 +-
test/stderr/0476 | 2 +-
test/stderr/2035 | 2 +-
test/stderr/2135 | 2 +-
test/stderr/4052 | 2 +-
test/stderr/5410 | 6 ++--
test/stderr/5420 | 6 ++--
14 files changed, 155 insertions(+), 20 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 754ae7b..e4c1e9a 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -198,6 +198,11 @@ JH/41 Fix daemon SIGHUP on FreeBSD. Previously, a named socket for IPC was
This affected any platform not supporting "abstract" Unix-domain
sockets (i.e. not Linux).
+JH/42 Bug 2692: Harden against a peer which reneges on a 452 "too many
+ recipients" response to RCPT in a later response, with a 250. The
+ previous coding assumed this would not happen, and under PIPELINING
+ would result in both lost and duplicate recipients for a message.
+
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 30669d3..33051a5 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -1036,7 +1036,7 @@ if (sx->pending_MAIL)
{
DEBUG(D_transport) debug_printf("%s expect mail\n", __FUNCTION__);
count--;
- sx->pending_MAIL = FALSE;
+ sx->pending_MAIL = sx->RCPT_452 = FALSE;
if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
'2', ob->command_timeout))
{
@@ -1082,7 +1082,7 @@ while (count-- > 0)
/* The address was accepted */
addr->host_used = sx->conn_args.host;
- DEBUG(D_transport) debug_printf("%s expect rcpt\n", __FUNCTION__);
+ DEBUG(D_transport) debug_printf("%s expect rcpt for %s\n", __FUNCTION__, addr->address);
if (smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
'2', ob->command_timeout))
{
@@ -1176,7 +1176,7 @@ while (count-- > 0)
if (addr->more_errno >> 8 == 52 && yield & 3)
{
- if (!sx->RCPT_452)
+ if (!sx->RCPT_452) /* initialised at MAIL-ack above */
{
DEBUG(D_transport)
debug_printf("%s: seen first 452 too-many-rcpts\n", __FUNCTION__);
@@ -1223,6 +1223,8 @@ while (count-- > 0)
}
}
}
+ if (count && !(addr = addr->next))
+ return -2;
} /* Loop for next RCPT response */
/* Update where to start at for the next block of responses, unless we
@@ -3883,15 +3885,16 @@ else
!sx->lmtp
)
{
- const uschar *s = string_printing(sx->buffer);
+ const uschar * s = string_printing(sx->buffer);
/* deconst cast ok here as string_printing was checked to have alloc'n'copied */
- conf = (s == sx->buffer)? US string_copy(s) : US s;
+ conf = s == sx->buffer ? US string_copy(s) : US s;
}
/* Process all transported addresses - for LMTP or PRDR, read a status for
- each one. */
+ each one. We used to drop out at first_addr, until someone returned a 452
+ followed by a 250... and we screwed up the accepted addresses. */
- for (address_item * addr = addrlist; addr != sx->first_addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
{
if (addr->transport_return != PENDING_OK) continue;
diff --git a/test/confs/0622 b/test/confs/0622
new file mode 100644
index 0000000..5dc3e0f
--- /dev/null
+++ b/test/confs/0622
@@ -0,0 +1,79 @@
+# Exim test configuration 0622
+
+SERVER=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+log_selector = +pipelining +received_recipients
+
+
+# ----- Main settings -----
+
+acl_smtp_connect = check_connect
+acl_smtp_rcpt = check_rcpt
+
+begin acl
+
+check_connect:
+ accept
+ logwrite = :main:New connection
+
+check_rcpt:
+ defer
+ condition = ${if eq {$acl_m0}{1}}
+ recipients = B@??? : C@??? : D@??? : E@??? : F@???
+ message = 452 4.5.3 Try again
+
+ defer
+ condition = ${if eq {$acl_m0}{2}}
+ recipients = C@??? : D@???
+ message = 452 4.5.3 Try again
+
+ warn
+ recipients = A@???
+ set acl_m0 = 1
+
+ warn
+ recipients = B@???
+ set acl_m0 = 2
+
+ accept
+
+
+# ----- Routers -----
+
+begin routers
+
+server:
+ driver = redirect
+ condition = ${if eq {SERVER}{server} {yes}{no}}
+ data = :blackhole:
+
+client:
+ driver = accept
+ condition = ${if eq {SERVER}{server} {no}{yes}}
+ retry_use_local_part
+ transport = send_to_server
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server:
+ driver = smtp
+ allow_localhost
+ hosts = 127.0.0.1
+ port = PORT_D
+ max_rcpt = 0
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/log/0622 b/test/log/0622
new file mode 100644
index 0000000..7f8edd2
--- /dev/null
+++ b/test/log/0622
@@ -0,0 +1,31 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for A@??? B@??? C@??? D@??? E@??? F@???
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@??? <A@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => b@??? <B@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => c@??? <C@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 -> d@??? <D@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 -> e@??? <E@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 -> f@??? <F@???> R=client T=send_to_server H=127.0.0.1 [127.0.0.1] L C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 New connection
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <B@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <C@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <D@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <E@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <F@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtp L S=sss id=E10HmaX-0005vi-00@??? for A@???
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <A@???> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <C@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 H=localhost (myhost.test.ex) [127.0.0.1] F=<CALLER@???> temporarily rejected RCPT <D@???>: 452 4.5.3 Try again
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtp L S=sss id=E10HmaX-0005vi-00@??? for B@??? E@??? F@???
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => :blackhole: <F@???> R=server
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => :blackhole: <E@???> R=server
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => :blackhole: <B@???> R=server
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtp L S=sss id=E10HmaX-0005vi-00@??? for C@??? D@???
+1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <D@???> R=server
+1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <C@???> R=server
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/scripts/0000-Basic/0622 b/test/scripts/0000-Basic/0622
new file mode 100644
index 0000000..096980b
--- /dev/null
+++ b/test/scripts/0000-Basic/0622
@@ -0,0 +1,17 @@
+# PIPELINING and 250 after 452 in a set of RCPT responses
+need_ipv4
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim -odq -t
+To: A@???,B@???,C@???,D@???,E@???,F@???
+
+Testing
+****
+exim -M $msg1
+****
+#
+#
+killdaemon
+no_msglog_check
+sleep 1
diff --git a/test/stderr/0143 b/test/stderr/0143
index f7f14f6..73ae667 100644
--- a/test/stderr/0143
+++ b/test/stderr/0143
@@ -34,7 +34,7 @@ cmd buf flush ddd bytes
SMTP<< 250 Sender OK
SMTP>> RCPT TO:<userx@???>
cmd buf flush ddd bytes
-sync_responses expect rcpt
+sync_responses expect rcpt for userx@???
SMTP<< 250 Recipient OK
SMTP>> DATA
cmd buf flush ddd bytes
diff --git a/test/stderr/0398 b/test/stderr/0398
index 42893ad..d4f6a1c 100644
--- a/test/stderr/0398
+++ b/test/stderr/0398
@@ -142,7 +142,7 @@ cmd buf flush ddd bytes
SMTP<< 250 OK
SMTP>> RCPT TO:<qq@remote>
cmd buf flush ddd bytes
-sync_responses expect rcpt
+sync_responses expect rcpt for qq@remote
SMTP<< 550 Unknown
SMTP>> QUIT
cmd buf flush ddd bytes
diff --git a/test/stderr/0432 b/test/stderr/0432
index 164a604..da8c0b5 100644
--- a/test/stderr/0432
+++ b/test/stderr/0432
@@ -104,7 +104,7 @@ cmd buf flush ddd bytes
SMTP<< 250 OK
SMTP>> RCPT TO:<x@y>
cmd buf flush ddd bytes
-sync_responses expect rcpt
+sync_responses expect rcpt for x@y
SMTP<< 250 OK
SMTP>> QUIT
cmd buf flush ddd bytes
diff --git a/test/stderr/0476 b/test/stderr/0476
index 2ea100b..391c13b 100644
--- a/test/stderr/0476
+++ b/test/stderr/0476
@@ -33,7 +33,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userx@???
SMTP<< 550 NO
sync_responses expect data
SMTP(closed)<<
diff --git a/test/stderr/2035 b/test/stderr/2035
index 75c7a82..2c9f064 100644
--- a/test/stderr/2035
+++ b/test/stderr/2035
@@ -30,7 +30,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userb@???
SMTP<< 250 Accepted
LOG: MAIN
<= CALLER@??? U=CALLER P=local-smtp S=sss
diff --git a/test/stderr/2135 b/test/stderr/2135
index 75c7a82..2c9f064 100644
--- a/test/stderr/2135
+++ b/test/stderr/2135
@@ -30,7 +30,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userb@???
SMTP<< 250 Accepted
LOG: MAIN
<= CALLER@??? U=CALLER P=local-smtp S=sss
diff --git a/test/stderr/4052 b/test/stderr/4052
index 22f0558..49bee93 100644
--- a/test/stderr/4052
+++ b/test/stderr/4052
@@ -43,7 +43,7 @@ EHLO cleartext extensions changed, 0x0120/0x0000 -> 0x0160/0x0000
writing clr 0160/0000 cry 0000/0000
sync_responses expect mail
SMTP<< 250 mail-from accepted
-sync_responses expect rcpt
+sync_responses expect rcpt for extchange@???
SMTP<< 250 rcpt-to accepted
sync_responses expect data
SMTP<< 354 data go-ahead
diff --git a/test/stderr/5410 b/test/stderr/5410
index 0387662..6e82c6a 100644
--- a/test/stderr/5410
+++ b/test/stderr/5410
@@ -127,7 +127,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userx@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
@@ -369,7 +369,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
@@ -611,7 +611,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
diff --git a/test/stderr/5420 b/test/stderr/5420
index 9504cd3..5d70979 100644
--- a/test/stderr/5420
+++ b/test/stderr/5420
@@ -128,7 +128,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userx@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
@@ -370,7 +370,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
@@ -612,7 +612,7 @@ not using DSN
cmd buf flush ddd bytes
sync_responses expect mail
SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@???
SMTP<< 250 Accepted
holding verify callout open for cutthrough delivery
----------- end cutthrough setup ------------
