diff options
Diffstat (limited to 'mail/opensmtpd/files/patch-usernamelen')
| -rw-r--r-- | mail/opensmtpd/files/patch-usernamelen | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/mail/opensmtpd/files/patch-usernamelen b/mail/opensmtpd/files/patch-usernamelen deleted file mode 100644 index 18341f1d0919..000000000000 --- a/mail/opensmtpd/files/patch-usernamelen +++ /dev/null @@ -1,61 +0,0 @@ -diff --git a/smtpd/smtp_session.c b/smtpd/smtp_session.c -index 3a0ca2a..404ee50 100644 ---- smtpd/smtp_session.c -+++ smtpd/smtp_session.c -@@ -84,6 +84,7 @@ enum session_flags { - SF_BADINPUT = 0x0080, - SF_FILTERCONN = 0x0100, - SF_FILTERDATA = 0x0200, -+ SF_USERTOOLONG = 0x0400, - }; - - enum message_flags { -@@ -133,7 +134,7 @@ struct smtp_session { - - char helo[LINE_MAX]; - char cmd[LINE_MAX]; -- char username[LOGIN_NAME_MAX]; -+ char username[LOGIN_NAME_MAX+HOST_NAME_MAX+1]; - - struct envelope evp; - -@@ -990,6 +991,15 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) - - s = tree_xpop(&wait_parent_auth, reqid); - strnvis(user, s->username, sizeof user, VIS_WHITE | VIS_SAFE); -+ -+ if (s->flags & SF_USERTOOLONG) { -+ log_info("smtp-in: sesson %016"PRIx64 -+ ": auth failed because username too long", -+ s->id); -+ s->flags &= (~SF_USERTOOLONG); -+ success = LKA_PERMFAIL; -+ } -+ - if (success == LKA_OK) { - log_info("smtp-in: session %016"PRIx64 - ": authentication successful for user %s ", -@@ -1929,7 +1939,7 @@ smtp_rfc4954_auth_plain(struct smtp_session *s, char *arg) - user++; /* skip NUL */ - if (strlcpy(s->username, user, sizeof(s->username)) - >= sizeof(s->username)) -- goto abort; -+ s->flags |= SF_USERTOOLONG; - - pass = memchr(user, '\0', len - (user - buf)); - if (pass == NULL || pass >= buf + len - 2) -@@ -1969,9 +1979,12 @@ smtp_rfc4954_auth_login(struct smtp_session *s, char *arg) - - case STATE_AUTH_USERNAME: - memset(s->username, 0, sizeof(s->username)); -- if (base64_decode(arg, (unsigned char *)s->username, -- sizeof(s->username) - 1) == -1) -+ if (base64_decode(arg, (unsigned char *)buf, -+ sizeof(buf) - 1) == -1) - goto abort; -+ if (strlcpy(s->username, buf, sizeof(s->username)) -+ >= sizeof(s->username)) -+ s->flags |= SF_USERTOOLONG; - - smtp_enter_state(s, STATE_AUTH_PASSWORD); - smtp_reply(s, "334 UGFzc3dvcmQ6"); |