summaryrefslogtreecommitdiffstats
path: root/src/postscreen
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 08:41:51 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 08:41:51 +0000
commit3e160e27e4686620d16477a9ea9cf00141e52ce7 (patch)
tree884561d26afa36d7653aa4dc43410e1ae479d43e /src/postscreen
parentAdding upstream version 3.8.6. (diff)
downloadpostfix-upstream/3.9.0.tar.xz
postfix-upstream/3.9.0.zip
Adding upstream version 3.9.0.upstream/3.9.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/postscreen/postscreen.c32
-rw-r--r--src/postscreen/postscreen_smtpd.c16
2 files changed, 27 insertions, 21 deletions
diff --git a/src/postscreen/postscreen.c b/src/postscreen/postscreen.c
index 192c2e9..ebb680c 100644
--- a/src/postscreen/postscreen.c
+++ b/src/postscreen/postscreen.c
@@ -291,25 +291,29 @@
/* The amount of time that \fBpostscreen\fR(8) will cache an expired
/* temporary allowlist entry before it is removed.
/* .IP "\fBpostscreen_bare_newline_ttl (30d)\fR"
-/* The amount of time that \fBpostscreen\fR(8) will use the result from
-/* a successful "bare newline" SMTP protocol test.
+/* The amount of time that \fBpostscreen\fR(8) remembers that a client
+/* IP address passed a "bare newline" SMTP protocol test, before it
+/* address is required to pass that test again.
/* .IP "\fBpostscreen_dnsbl_max_ttl (${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h)\fR"
-/* The maximum amount of time that \fBpostscreen\fR(8) will use the
-/* result from a successful DNS-based reputation test before a
-/* client IP address is required to pass that test again.
+/* The maximum amount of time that \fBpostscreen\fR(8) remembers that a
+/* client IP address passed a DNS-based reputation test, before it is
+/* required to pass that test again.
/* .IP "\fBpostscreen_dnsbl_min_ttl (60s)\fR"
-/* The minimum amount of time that \fBpostscreen\fR(8) will use the
-/* result from a successful DNS-based reputation test before a
-/* client IP address is required to pass that test again.
+/* The minimum amount of time that \fBpostscreen\fR(8) remembers that a
+/* client IP address passed a DNS-based reputation test, before it
+/* is required to pass that test again.
/* .IP "\fBpostscreen_greet_ttl (1d)\fR"
-/* The amount of time that \fBpostscreen\fR(8) will use the result from
-/* a successful PREGREET test.
+/* The amount of time that \fBpostscreen\fR(8) remembers that a client
+/* IP address passed a PREGREET test, before it is required to pass
+/* that test again.
/* .IP "\fBpostscreen_non_smtp_command_ttl (30d)\fR"
-/* The amount of time that \fBpostscreen\fR(8) will use the result from
-/* a successful "non_smtp_command" SMTP protocol test.
+/* The amount of time that \fBpostscreen\fR(8) remembers that a client
+/* IP address passed a "non_smtp_command" SMTP protocol test, before
+/* it is required to pass that test again.
/* .IP "\fBpostscreen_pipelining_ttl (30d)\fR"
-/* The amount of time that \fBpostscreen\fR(8) will use the result from
-/* a successful "pipelining" SMTP protocol test.
+/* The amount of time that \fBpostscreen\fR(8) remembers that a client
+/* IP address passed a "pipelining" SMTP protocol test, before it is
+/* required to pass that test again.
/* RESOURCE CONTROLS
/* .ad
/* .fi
diff --git a/src/postscreen/postscreen_smtpd.c b/src/postscreen/postscreen_smtpd.c
index dfc5d54..6b72626 100644
--- a/src/postscreen/postscreen_smtpd.c
+++ b/src/postscreen/postscreen_smtpd.c
@@ -874,7 +874,8 @@ static void psc_smtpd_read_event(int event, void *context)
}
/*
- * Bare newline test.
+ * Bare newline test. Note: at this point, state->cmd_buffer is
+ * not null-terminated and may contain embedded null bytes.
*/
if (ch == '\n') {
if ((state->flags & PSC_STATE_MASK_BARLF_TODO_SKIP)
@@ -929,18 +930,19 @@ static void psc_smtpd_read_event(int event, void *context)
}
/*
- * Avoid complaints from Postfix maps about malformed content.
+ * Avoid complaints from Postfix maps about malformed content. Note:
+ * this will stop at the first null byte, just like the code that
+ * parses the command name or command arguments.
*/
-#define PSC_BAD_UTF8(str, len) \
- (var_smtputf8_enable && !valid_utf8_string((str), (len)))
+#define PSC_BAD_UTF8(str) \
+ (var_smtputf8_enable && !valid_utf8_stringz(str))
/*
* Terminate the command buffer, and apply the last-resort command
* editing workaround.
*/
VSTRING_TERMINATE(state->cmd_buffer);
- if (psc_cmd_filter != 0 && !PSC_BAD_UTF8(STR(state->cmd_buffer),
- LEN(state->cmd_buffer))) {
+ if (psc_cmd_filter != 0 && !PSC_BAD_UTF8(STR(state->cmd_buffer))) {
const char *cp;
for (cp = STR(state->cmd_buffer); *cp && IS_SPACE_TAB(*cp); cp++)
@@ -1007,7 +1009,7 @@ static void psc_smtpd_read_event(int event, void *context)
if ((state->flags & PSC_STATE_MASK_NSMTP_TODO_SKIP)
== PSC_STATE_FLAG_NSMTP_TODO && cmdp->name == 0
&& (is_header(command)
- || PSC_BAD_UTF8(command, strlen(command))
+ || PSC_BAD_UTF8(command)
/* Ignore forbid_cmds lookup errors. Non-critical feature. */
|| (*var_psc_forbid_cmds
&& string_list_match(psc_forbid_cmds, command)))) {