Overview
Comment: | Lots of additional error checking on the "fossil smtpd" input. |
---|---|
SHA3-256: |
cf1c84299ff071c85a5e40357c96c88e |
User & Date: | drh 2018-06-29 21:37:04.644 |
Context
2018-06-29
| ||
22:54 | Populate the esubject column of the emailbox table based on the subject in the email header. ... (check-in: dbb1ce5f user: drh tags: smtp) | |
21:37 | Lots of additional error checking on the "fossil smtpd" input. ... (check-in: cf1c8429 user: drh tags: smtp) | |
19:54 | The "fossil smtpd" command stores incoming messages in the database and routes them according to the emailroute table. ... (check-in: e4144ced user: drh tags: smtp) | |
Changes
Changes to src/smtp.c.
︙ | ︙ | |||
686 687 688 689 690 691 692 693 694 695 696 697 698 699 | Blob transcript; /* Session transcript */ }; #define SMTPSRV_CLEAR_MSG 1 /* smtp_server_clear() last message only */ #define SMTPSRV_CLEAR_ALL 2 /* smtp_server_clear() everything */ #define SMTPSRV_LOG 0x001 /* Record a transcript of the interaction */ #define SMTPSRV_STDERR 0x002 /* Transcription written to stderr */ #endif /* LOCAL_INTERFACE */ /* ** Clear the SmtpServer object. Deallocate resources. ** How much to clear depends on eHowMuch */ | > | 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 | Blob transcript; /* Session transcript */ }; #define SMTPSRV_CLEAR_MSG 1 /* smtp_server_clear() last message only */ #define SMTPSRV_CLEAR_ALL 2 /* smtp_server_clear() everything */ #define SMTPSRV_LOG 0x001 /* Record a transcript of the interaction */ #define SMTPSRV_STDERR 0x002 /* Transcription written to stderr */ #define SMTPSRV_DRYRUN 0x004 /* Do not record anything in database */ #endif /* LOCAL_INTERFACE */ /* ** Clear the SmtpServer object. Deallocate resources. ** How much to clear depends on eHowMuch */ |
︙ | ︙ | |||
871 872 873 874 875 876 877 | /* ** The SmtpServer object contains a complete incoming email. ** Add this email to the database. */ static void smtp_server_route_incoming(SmtpServer *p, int bFinish){ Stmt s; int i, j; | | > > > > | 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 | /* ** The SmtpServer object contains a complete incoming email. ** Add this email to the database. */ static void smtp_server_route_incoming(SmtpServer *p, int bFinish){ Stmt s; int i, j; if( p->zFrom && p->nTo && blob_size(&p->msg) && (p->srvrFlags & SMTPSRV_DRYRUN)==0 ){ db_begin_transaction(); if( p->idTranscript==0 ) smtp_server_schema(0); db_prepare(&s, "INSERT INTO emailblob(ets,etime,etxt)" " VALUES(:ets,now(),:etxt)" ); if( !bFinish && p->idTranscript==0 ){ |
︙ | ︙ | |||
918 919 920 921 922 923 924 925 926 927 | } smtp_server_clear(p, SMTPSRV_CLEAR_MSG); } /* ** Make a copy of the input string up to but not including the ** first ">" character. */ static char *extractEmail(const char *z){ int i; | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | > | > > > > > > > | | > > > | > > > > > > | > > > > | > > > > | > < | 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 | } smtp_server_clear(p, SMTPSRV_CLEAR_MSG); } /* ** Make a copy of the input string up to but not including the ** first ">" character. ** ** Verify that the string really that is to be copied really is a ** valid email address. If it is not, then return NULL. ** ** This routine is more restrictive than necessary. It does not ** allow comments, IP address, quoted strings, or certain uncommon ** characters. The only non-alphanumerics allowed in the local ** part are "_", "+", "-" and "+". */ static char *extractEmail(const char *z){ int i; int nAt = 0; int nDot = 0; char c; if( z[0]=='.' ) return 0; /* Local part cannot begin with "." */ for(i=0; (c = z[i])!=0 && c!='>'; i++){ if( fossil_isalnum(c) ){ /* Alphanumerics are always ok */ }else if( c=='@' ){ if( nAt ) return 0; /* Only a single "@" allowed */ if( i>64 ) return 0; /* Local part too big */ nAt = 1; nDot = 0; if( i==0 ) return 0; /* Disallow empty local part */ if( z[i-1]=='.' 
) return 0; /* Last char of local cannot be "." */ if( z[i+1]=='.' || z[i+1]=='-' ){ return 0; /* Domain cannot begin with "." or "-" */ } }else if( c=='-' ){ if( z[i+1]=='>' ) return 0; /* Last character cannot be "-" */ }else if( c=='.' ){ if( z[i+1]=='.' ) return 0; /* Do not allow ".." */ if( z[i+1]=='>' ) return 0; /* Domain may not end with . */ nDot++; }else if( (c=='_' || c=='+') && nAt==0 ){ /* _ and + are ok in the local part */ }else{ return 0; /* Anything else is an error */ } } if( c!='>' ) return 0; /* Missing final ">" */ if( nAt==0 ) return 0; /* No "@" found anywhere */ if( nDot==0 ) return 0; /* No "." in the domain */ /* If we reach this point, the email address is valid */ return mprintf("%.*s", i, z); } /* ** COMMAND: smtpd ** ** Usage: %fossil smtpd [OPTIONS] REPOSITORY ** ** Begin a SMTP conversation with a client using stdin/stdout. The ** received email is stored in REPOSITORY. ** ** Options: ** ** --dryrun Do not record any emails in the database ** ** --trace Print a transcript of the conversation on stderr ** for debugging and analysis */ void smtp_server(void){ char *zDbName; const char *zDomain; SmtpServer x; char z[5000]; smtp_server_init(&x); zDomain = find_option("domain",0,1); if( zDomain==0 ) zDomain = ""; x.srvrFlags = SMTPSRV_LOG; if( find_option("trace",0,0)!=0 ) x.srvrFlags |= SMTPSRV_STDERR; if( find_option("dryrun",0,0)!=0 ) x.srvrFlags |= SMTPSRV_DRYRUN; verify_all_options(); if( g.argc!=3 ) usage("DBNAME"); zDbName = g.argv[2]; zDbName = enter_chroot_jail(zDbName, 0); db_open_repository(zDbName); smtp_server_send(&x, "220 %s ESMTP https://fossil-scm.org/ %s\r\n", zDomain, MANIFEST_VERSION); while( smtp_server_gets(&x, z, sizeof(z)) ){ if( strncmp(z, "EHLO", 4)==0 && fossil_isspace(z[4]) ){ smtp_server_send(&x, "250 ok\r\n"); }else if( strncmp(z, "HELO", 4)==0 && fossil_isspace(z[4]) ){ smtp_server_send(&x, "250 ok\r\n"); }else if( strncmp(z, "MAIL FROM:<", 11)==0 ){ smtp_server_route_incoming(&x, 0); smtp_server_clear(&x, 
SMTPSRV_CLEAR_MSG); x.zFrom = extractEmail(z+11); if( x.zFrom==0 ){ smtp_server_send(&x, "500 unacceptable email address\r\n"); }else{ smtp_server_send(&x, "250 ok\r\n"); } }else if( strncmp(z, "RCPT TO:<", 9)==0 ){ char *zAddr; if( x.zFrom==0 ){ smtp_server_send(&x, "500 missing MAIL FROM\r\n"); continue; } zAddr = extractEmail(z+9); if( zAddr==0 ){ smtp_server_send(&x, "505 no such user\r\n"); continue; } smtp_append_to(&x, zAddr, 0); if( x.nTo>=100 ){ smtp_server_send(&x, "452 too many recipients\r\n"); continue; } smtp_server_send(&x, "250 ok\r\n"); }else if( strncmp(z, "DATA", 4)==0 && fossil_isspace(z[4]) ){ if( x.zFrom==0 || x.nTo==0 ){ smtp_server_send(&x, "500 missing RCPT TO\r\n"); continue; } smtp_server_send(&x, "354 ready\r\n"); smtp_server_capture_data(&x, z, sizeof(z)); smtp_server_send(&x, "250 ok\r\n"); }else if( strncmp(z, "QUIT", 4)==0 && fossil_isspace(z[4]) ){ smtp_server_send(&x, "221 closing connection\r\n"); smtp_server_route_incoming(&x, 1); break; }else { smtp_server_send(&x, "500 unknown command\r\n"); } } smtp_server_clear(&x, SMTPSRV_CLEAR_ALL); } |
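Review bot: In the `RCPT TO:<` branch of smtp_server(), the recipient cap is tested only after `smtp_append_to(&x, zAddr, 0)` has already run, so it does not bound the list. Assuming smtp_append_to() increments `x.nTo`, every RCPT past the limit is still stored and only the reply changes to 452, and the 100th recipient is answered with 452 even though it was recorded. A single session can therefore keep growing the recipient list for as long as the client sends RCPT lines. Moving the test ahead of the parse closes this: place `if( x.nTo>=100 ){ smtp_server_send(&x, "452 too many recipients\r\n"); continue; }` before `zAddr = extractEmail(z+9);`. Whether smtp_append_to() takes ownership of `zAddr` is not visible in this section, and checking before the allocation means the refusal path has no string to free.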