Date: Sun, 16 Aug 2015 21:54:16 +0000 (UTC) From: Ashish SHUKLA <ashish@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r394424 - in head/mail/opensmtpd: . files Message-ID: <201508162154.t7GLsG2t087786@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ashish Date: Sun Aug 16 21:54:15 2015 New Revision: 394424 URL: https://svnweb.freebsd.org/changeset/ports/394424 Log: - Add a patch to handle long usernames during SMTP authentication, e.g. often username exceeds the limit when it contains @host.name part. Reported by: gahr (via private email) Obtained from: Philipp Takacs <philipp@bureaucracy.de> (via IRC) Added: head/mail/opensmtpd/files/patch-usernamelen (contents, props changed) Modified: head/mail/opensmtpd/Makefile Modified: head/mail/opensmtpd/Makefile ============================================================================== --- head/mail/opensmtpd/Makefile Sun Aug 16 21:52:20 2015 (r394423) +++ head/mail/opensmtpd/Makefile Sun Aug 16 21:54:15 2015 (r394424) @@ -3,6 +3,7 @@ PORTNAME= opensmtpd PORTVERSION= 5.7.1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= mail MASTER_SITES= http://www.opensmtpd.org/archives/ \ Added: head/mail/opensmtpd/files/patch-usernamelen ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/opensmtpd/files/patch-usernamelen Sun Aug 16 21:54:15 2015 (r394424) @@ -0,0 +1,61 @@ +diff --git a/smtpd/smtp_session.c b/smtpd/smtp_session.c +index 3a0ca2a..404ee50 100644 +--- smtpd/smtp_session.c ++++ smtpd/smtp_session.c +@@ -84,6 +84,7 @@ enum session_flags { + SF_BADINPUT = 0x0080, + SF_FILTERCONN = 0x0100, + SF_FILTERDATA = 0x0200, ++ SF_USERTOLONG = 0x0400, + }; + + enum message_flags { +@@ -133,7 +134,7 @@ struct smtp_session { + + char helo[LINE_MAX]; + char cmd[LINE_MAX]; +- char username[LOGIN_NAME_MAX]; ++ char username[LOGIN_NAME_MAX+HOST_NAME_MAX+1]; + + struct envelope evp; + +@@ -990,6 +991,15 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) + + s = tree_xpop(&wait_parent_auth, reqid); + strnvis(user, s->username, sizeof user, VIS_WHITE | VIS_SAFE); ++ ++ if (s->flags & SF_USERTOLONG) { ++ log_info("smtp-in: sesson %016"PRIx64 ++ ": auth failed because username to long", ++ s->id); ++ s->flags &= (~SF_USERTOLONG); ++ success = LKA_PERMFAIL; ++ } ++ + if (success == LKA_OK) { + log_info("smtp-in: session %016"PRIx64 + ": authentication successful for user %s ", +@@ -1929,7 +1939,7 @@ smtp_rfc4954_auth_plain(struct smtp_session *s, char *arg) + user++; /* skip NUL */ + if (strlcpy(s->username, user, sizeof(s->username)) + >= sizeof(s->username)) +- goto abort; ++ s->flags |= SF_USERTOLONG; + + pass = memchr(user, '\0', len - (user - buf)); + if (pass == NULL || pass >= buf + len - 2) +@@ -1969,9 +1979,12 @@ smtp_rfc4954_auth_login(struct smtp_session *s, char *arg) + + case STATE_AUTH_USERNAME: + memset(s->username, 0, sizeof(s->username)); +- if (base64_decode(arg, (unsigned char *)s->username, +- sizeof(s->username) - 1) == -1) ++ if (base64_decode(arg, (unsigned char *)buf, ++ sizeof(buf) - 1) == -1) + goto abort; ++ if (strlcpy(s->username, buf, sizeof(s->username)) ++ >= sizeof(s->username)) ++ s->flags |= SF_USERTOLONG; + + smtp_enter_state(s, STATE_AUTH_PASSWORD); + smtp_reply(s, "334 UGFzc3dvcmQ6");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201508162154.t7GLsG2t087786>