59 #define FILEDATA_CONTENT_LIMIT 100000
61 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
63 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
66 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
68 #define SMTP_COMMAND_BUFFER_STEPS 5
75 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
77 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
79 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
81 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
87 #define SMTP_COMMAND_STARTTLS 1
88 #define SMTP_COMMAND_DATA 2
89 #define SMTP_COMMAND_BDAT 3
94 #define SMTP_COMMAND_DATA_MODE 4
96 #define SMTP_COMMAND_OTHER_CMD 5
97 #define SMTP_COMMAND_RSET 6
99 #define SMTP_DEFAULT_MAX_TX 256
174 static int SMTPGetFrameIdByName(
const char *frame_name)
183 static const char *SMTPGetFrameNameById(
const uint8_t frame_id)
194 #define SMTP_MPM mpm_default_matcher
196 static MpmCtx *smtp_mpm_ctx = NULL;
304 #define SCHEME_SUFFIX_LEN 3
312 static void SMTPConfigure(
void) {
316 uint32_t content_limit = 0;
317 uint32_t content_inspect_min_size = 0;
318 uint32_t content_inspect_window = 0;
321 if (config != NULL) {
332 SCMimeSmtpConfigDecodeBase64(val);
337 SCMimeSmtpConfigDecodeQuoted(val);
342 if (imval < 0 || imval > UINT32_MAX) {
343 FatalError(
"Invalid value for header-value-depth");
345 SCMimeSmtpConfigHeaderValueDepth((uint32_t)imval);
350 SCMimeSmtpConfigExtractUrls(val);
357 if (extract_urls_schemes) {
361 size_t scheme_len = strlen(scheme->
val);
363 FatalError(
"extract-urls-schemes entry '%s' is too long", scheme->
val);
365 if (scheme->
val[scheme_len - 1] !=
'/') {
368 int r = snprintf(tmp,
sizeof(tmp),
"%s://", scheme->
val);
369 if (r != (
int)scheme_len) {
370 FatalError(
"snprintf failure for SMTP url extraction scheme.");
374 FatalError(
"extract-urls-schemes entry SCStrdup failure.");
377 scheme->
val = new_val;
379 int r = SCMimeSmtpConfigExtractUrlsSchemeAdd(scheme->
val);
381 FatalError(
"Failed to add smtp extract url scheme");
387 SCMimeSmtpConfigExtractUrlsSchemeAdd(
"http://");
392 SCMimeSmtpConfigLogUrlScheme(val);
399 SCMimeSmtpConfigBodyMd5(
false);
401 SCMimeSmtpConfigBodyMd5(
true);
402 }
else if (strcmp(strval,
"auto") != 0) {
413 if (strcasecmp(
"content-limit", p->
name) == 0) {
421 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
429 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
446 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
447 "options can't be enabled at the same time, "
448 "disabling raw extraction");
454 const char *
str = NULL;
455 if (
SCConfGet(
"app-layer.protocols.smtp.max-tx", &
str) == 1) {
467 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
490 tx->
tx_data.file_tx = STREAM_TOSERVER;
496 if (tx && tx->
tx_data.de_state) {
497 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
499 }
else if (tx == NULL) {
500 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
501 }
else if (tx->
tx_data.de_state == NULL) {
502 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
512 if (tx == NULL || file == NULL) {
517 FlagDetectStateNewFile(tx);
549 if (direction == 0 &&
556 }
else if (direction == 1) {
559 if (frame != NULL && state->
curr_tx) {
566 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
569 if (lf_idx == NULL) {
582 uint32_t o_consumed = input->
consumed;
583 input->
consumed = (uint32_t)(lf_idx - input->
buf + 1);
591 line->
buf = input->
buf + o_consumed;
594 frame->
len = (int64_t)line->
len;
602 if (discard_till_lf) {
604 if (direction == 0) {
624 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state)
657 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
685 static void SetMimeEvents(
SMTPState *state, uint32_t events)
691 if (events & MIME_ANOM_INVALID_BASE64) {
694 if (events & MIME_ANOM_INVALID_QP) {
697 if (events & MIME_ANOM_LONG_LINE) {
700 if (events & MIME_ANOM_LONG_ENC_LINE) {
703 if (events & MIME_ANOM_LONG_HEADER_NAME) {
706 if (events & MIME_ANOM_LONG_HEADER_VALUE) {
709 if (events & MIME_ANOM_LONG_BOUNDARY) {
712 if (events & MIME_ANOM_LONG_FILENAME) {
717 static inline void SMTPTransactionComplete(
SMTPState *state)
728 static int SMTPProcessCommandDATA(
740 if (line->
len == 1 && line->
buf[0] ==
'.') {
758 SMTPTransactionComplete(state);
773 const uint8_t *filename = NULL;
774 uint16_t filename_len = 0;
779 MimeSmtpParserResult ret = SCSmtpMimeParseLine(
781 SetMimeEvents(state, events);
783 case MimeSmtpFileOpen:
787 if (filename_len == 0) {
794 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
809 case MimeSmtpFileChunk:
818 "StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
829 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
834 case MimeSmtpFileClose:
837 SCLogDebug(
"FileCloseFile() failed: %d", ret);
845 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
854 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
860 static int SMTPProcessReply(
881 if (line->
len >= 4) {
883 if (line->
buf[3] !=
'-') {
887 if (line->
buf[3] ==
'-') {
909 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
928 SCLogDebug(
"unable to match reply with request");
943 SMTPTransactionComplete(state);
964 SMTPTransactionComplete(state);
978 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
998 while (i < line->
len) {
999 if (line->
buf[i] !=
' ') {
1008 if (i == line->
len) {
1015 if (line->
len - i <
len) {
1018 memcpy(strbuf, line->
buf + i,
len);
1028 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1029 uint8_t **target, uint16_t *target_len)
1031 int i = prefix_len + 1;
1033 while (i < line->
len) {
1034 if (line->
buf[i] !=
' ') {
1043 while (spc_i < line->
len) {
1044 if (line->
buf[spc_i] ==
' ') {
1051 if (*target == NULL)
1053 memcpy(*target, line->
buf + i, spc_i - i);
1054 (*target)[spc_i - i] =
'\0';
1055 if (spc_i - i > UINT16_MAX) {
1056 *target_len = UINT16_MAX;
1059 *target_len = (uint16_t)(spc_i - i);
1071 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1080 return SMTPParseCommandWithParam(
1087 uint16_t rcptto_len;
1089 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1092 rcptto_str->
str = rcptto;
1093 rcptto_str->
len = rcptto_len;
1109 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1111 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1119 #define rawmsgname "rawmsg"
1138 static int SMTPProcessRequest(
1146 frame->
len = (int64_t)line->
len;
1163 tx = SMTPTransactionCreate(state);
1175 if (frame != NULL && state->
curr_tx) {
1178 tx->
tx_data.updated_ts =
true;
1192 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1194 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1220 if (data_frame == NULL) {
1221 SCLogDebug(
"data_frame %p - no data frame set up", data_frame);
1230 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1231 r = SMTPParseCommandBDAT(state, line);
1237 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1238 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1239 r = SMTPParseCommandHELO(state, line);
1244 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1245 r = SMTPParseCommandMAILFROM(state, line);
1250 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1251 r = SMTPParseCommandRCPTTO(state, line);
1256 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1266 if (SMTPInsertCommandIntoCommandBuffer(state->
current_command, state) == -1) {
1275 return SMTPProcessCommandDATA(state, tx, f, line);
1278 return SMTPProcessCommandBDAT(state, line);
1287 static inline void ResetLine(
SMTPLine *line)
1316 static int SMTPPreProcessCommands(
1328 bool line_complete =
false;
1329 const int32_t input_len = input->
len;
1331 for (int32_t i = 0; i < input_len; i++) {
1333 if (i < input_len - 1 && input->buf[
offset + i + 1] == 0x0a) {
1339 line_complete =
true;
1340 }
else if (input->
buf[
offset + i] == 0x0a) {
1343 line_complete =
true;
1346 if (line_complete || (i == input_len - 1)) {
1353 SCLogDebug(
"Possible boundary, yield to GetLine");
1357 int32_t total_consumed =
offset + i + 1;
1358 int32_t current_line_consumed = total_consumed - input->
consumed;
1363 if (line->
len < 0) {
1368 input->
len -= current_line_consumed;
1370 if (SMTPProcessRequest(state, f, input, line, slice) == -1) {
1373 line_complete =
false;
1396 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1397 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1399 if (input_buf == NULL &&
1404 }
else if (input_buf == NULL || input_len == 0) {
1408 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1409 SMTPLine line = { NULL, 0, 0,
false };
1412 if (direction == 0) {
1416 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1420 }
else if (ret < 0) {
1424 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1425 while (res.status == 0) {
1426 int retval = SMTPProcessRequest(state, f, &input, &line, &stream_slice);
1447 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1451 }
else if (ret < 0) {
1455 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1457 if (res.status == 1)
1461 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1462 while (res.status == 0) {
1463 if (SMTPProcessReply(state, f, thread_data, &input, &line) != 0)
1473 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1475 if (res.status == 1)
1488 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1497 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1512 if (smtp_state->
cmds == NULL) {
1541 static void *SMTPLocalStorageAlloc(
void)
1550 if (td->
pmq == NULL) {
1563 static void SMTPLocalStorageFree(
void *ptr)
1567 if (td->
pmq != NULL) {
1587 SCAppLayerTxDataCleanup(&tx->
tx_data);
1595 SMTPStringFree(
str);
1606 static void SMTPStateFree(
void *p)
1610 if (smtp_state->
cmds != NULL) {
1614 if (smtp_state->
helo) {
1619 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1621 SMTPTransactionFree(tx, smtp_state);
1627 static void SMTPSetMpmState(
void)
1630 if (
unlikely(smtp_mpm_ctx == NULL)) {
1646 static void SMTPFreeMpmState(
void)
1648 if (smtp_mpm_ctx != NULL) {
1651 smtp_mpm_ctx = NULL;
1655 static int SMTPStateGetEventInfo(
1659 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1665 static int SMTPStateGetEventInfoById(
1669 if (*event_name == NULL) {
1671 "smtp's enum map table.",
1677 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1682 static AppProto SMTPServerProbingParser(
1683 const Flow *f, uint8_t direction,
const uint8_t *input, uint32_t
len, uint8_t *rdir)
1690 if (input[0] !=
'2' || input[1] !=
'2' || input[2] !=
'0') {
1694 if (input[3] !=
' ' && input[3] !=
'-') {
1700 if (memchr(input + 4,
'\n',
len - 4) != NULL) {
1711 uint32_t
offset = SCValidateDomain(input + 4,
len - 4);
1722 static int SMTPRegisterPatternsForProtocolDetection(
void)
1725 IPPROTO_TCP,
ALPROTO_SMTP,
"EHLO", 4, 0, STREAM_TOSERVER) < 0) {
1729 IPPROTO_TCP,
ALPROTO_SMTP,
"HELO", 4, 0, STREAM_TOSERVER) < 0) {
1733 IPPROTO_TCP,
ALPROTO_SMTP,
"QUIT", 4, 0, STREAM_TOSERVER) < 0) {
1737 "tcp", IPPROTO_TCP,
"smtp",
ALPROTO_SMTP, 0, 5, NULL, SMTPServerProbingParser)) {
1740 NULL, SMTPServerProbingParser);
1746 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1751 if (tx_id < tx->tx_id)
1753 else if (tx_id > tx->
tx_id)
1756 if (tx == smtp_state->
curr_tx)
1759 SMTPTransactionFree(tx, state);
1767 static uint64_t SMTPStateGetTxCnt(
void *state)
1778 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1784 if (smtp_state->
curr_tx == NULL)
1790 if (tx->
tx_id ==
id)
1797 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1808 if (direction & STREAM_TOSERVER) {
1837 if (state->
un.
ptr == NULL) {
1843 while (tx_ptr->
tx_id < min_tx_id) {
1849 if (tx_ptr->
tx_id >= max_tx_id) {
1856 .has_next = (state->
un.
ptr != NULL),
1869 const char *proto_name =
"smtp";
1873 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1876 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1885 SMTPParseClientRecord);
1887 SMTPParseServerRecord);
1893 SMTPLocalStorageFree);
1905 IPPROTO_TCP,
ALPROTO_SMTP, SMTPGetFrameIdByName, SMTPGetFrameNameById);
1907 SCLogInfo(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);
1932 static void SMTPTestInitConfig(
void)
1946 static int SMTPParserTest01(
void)
1953 uint8_t welcome_reply[] = {
1954 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1955 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1956 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1957 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1958 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1961 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1964 uint8_t request1[] = {
1965 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1966 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1967 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1969 uint32_t request1_len =
sizeof(request1);
1976 uint8_t reply1[] = {
1977 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1978 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1979 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1980 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1981 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1982 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1983 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1984 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1985 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1986 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1987 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1988 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1989 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1990 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1991 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
1992 0x44, 0x45, 0x53, 0x0d, 0x0a
1994 uint32_t reply1_len =
sizeof(reply1);
1997 uint8_t request2[] = {
1998 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
2001 uint32_t request2_len =
sizeof(request2);
2003 uint8_t reply2[] = {
2004 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2005 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
2006 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
2007 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
2009 uint32_t reply2_len =
sizeof(reply2);
2014 memset(&f, 0,
sizeof(f));
2015 memset(&ssn, 0,
sizeof(ssn));
2019 f.
proto = IPPROTO_TCP;
2023 SMTPTestInitConfig();
2026 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2028 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2032 if (smtp_state == NULL) {
2033 printf(
"no smtp state: ");
2038 printf(
"smtp parser in inconsistent state\n");
2043 STREAM_TOSERVER, request1, request1_len);
2045 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2051 printf(
"smtp parser in inconsistent state\n");
2056 STREAM_TOCLIENT, reply1, reply1_len);
2058 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2063 printf(
"smtp parser in inconsistent state\n");
2068 STREAM_TOSERVER, request2, request2_len);
2070 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2076 printf(
"smtp parser in inconsistent state\n");
2081 STREAM_TOCLIENT, reply2, reply2_len);
2083 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2089 printf(
"smtp parser in inconsistent state\n");
2109 static int SMTPParserTest02(
void)
2116 uint8_t welcome_reply[] = {
2117 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
2118 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
2119 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
2120 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
2121 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
2124 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2127 uint8_t request1[] = {
2128 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2129 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2131 uint32_t request1_len =
sizeof(request1);
2138 uint8_t reply1[] = {
2139 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2140 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2141 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2142 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2143 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2144 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2145 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2146 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2147 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2148 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2149 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2150 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2151 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2152 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2153 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2155 uint32_t reply1_len =
sizeof(reply1);
2158 uint8_t request2[] = {
2159 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2160 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2161 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2164 uint32_t request2_len =
sizeof(request2);
2166 uint8_t reply2[] = {
2167 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2168 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2170 uint32_t reply2_len =
sizeof(reply2);
2173 uint8_t request3[] = {
2174 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2175 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2176 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2179 uint32_t request3_len =
sizeof(request3);
2181 uint8_t reply3[] = {
2182 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2183 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2185 uint32_t reply3_len =
sizeof(reply3);
2188 uint8_t request4[] = {
2189 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2191 uint32_t request4_len =
sizeof(request4);
2193 uint8_t reply4[] = {
2194 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2195 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2196 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2197 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2198 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2200 uint32_t reply4_len =
sizeof(reply4);
2203 uint8_t request5_1[] = {
2204 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2205 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2206 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2208 uint32_t request5_1_len =
sizeof(request5_1);
2210 uint8_t request5_2[] = {
2211 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2212 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2213 0x6f, 0x6d, 0x0d, 0x0a
2215 uint32_t request5_2_len =
sizeof(request5_2);
2217 uint8_t request5_3[] = {
2220 uint32_t request5_3_len =
sizeof(request5_3);
2222 uint8_t request5_4[] = {
2223 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2224 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2225 0x6c, 0x31, 0x0d, 0x0a
2227 uint32_t request5_4_len =
sizeof(request5_4);
2229 uint8_t request5_5[] = {
2232 uint32_t request5_5_len =
sizeof(request5_5);
2234 uint8_t reply5[] = {
2235 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2236 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2237 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2238 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2239 0x46, 0x32, 0x0d, 0x0a
2241 uint32_t reply5_len =
sizeof(reply5);
2244 uint8_t request6[] = {
2245 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2246 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2247 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2250 uint32_t request6_len =
sizeof(request6);
2252 uint8_t reply6[] = {
2253 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2254 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2256 uint32_t reply6_len =
sizeof(reply6);
2259 uint8_t request7[] = {
2260 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2261 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2262 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2265 uint32_t request7_len =
sizeof(request7);
2267 uint8_t reply7[] = {
2268 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2269 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2271 uint32_t reply7_len =
sizeof(reply7);
2274 uint8_t request8[] = {
2275 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2277 uint32_t request8_len =
sizeof(request8);
2279 uint8_t reply8[] = {
2280 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2281 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2282 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2283 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2284 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2286 uint32_t reply8_len =
sizeof(reply8);
2289 uint8_t request9_1[] = {
2290 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2291 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2292 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2294 uint32_t request9_1_len =
sizeof(request9_1);
2296 uint8_t request9_2[] = {
2297 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2298 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2299 0x6f, 0x6d, 0x0d, 0x0a
2301 uint32_t request9_2_len =
sizeof(request9_2);
2303 uint8_t request9_3[] = {
2306 uint32_t request9_3_len =
sizeof(request9_3);
2308 uint8_t request9_4[] = {
2309 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2310 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2311 0x6c, 0x32, 0x0d, 0x0a
2313 uint32_t request9_4_len =
sizeof(request9_4);
2315 uint8_t request9_5[] = {
2318 uint32_t request9_5_len =
sizeof(request9_5);
2320 uint8_t reply9[] = {
2321 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2322 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2323 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2324 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2325 0x46, 0x32, 0x0d, 0x0a
2327 uint32_t reply9_len =
sizeof(reply9);
2330 uint8_t request10[] = {
2331 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2333 uint32_t request10_len =
sizeof(request10);
2335 uint8_t reply10[] = {
2336 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2337 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2339 uint32_t reply10_len =
sizeof(reply10);
2344 memset(&f, 0,
sizeof(f));
2345 memset(&ssn, 0,
sizeof(ssn));
2349 f.
proto = IPPROTO_TCP;
2353 SMTPTestInitConfig();
2356 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2358 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2362 if (smtp_state == NULL) {
2363 printf(
"no smtp state: ");
2368 printf(
"smtp parser in inconsistent state\n");
2373 STREAM_TOSERVER, request1, request1_len);
2375 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2381 printf(
"smtp parser in inconsistent state\n");
2386 STREAM_TOCLIENT, reply1, reply1_len);
2388 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2393 printf(
"smtp parser in inconsistent state\n");
2398 STREAM_TOSERVER, request2, request2_len);
2400 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2406 printf(
"smtp parser in inconsistent state\n");
2411 STREAM_TOCLIENT, reply2, reply2_len);
2413 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2418 printf(
"smtp parser in inconsistent state\n");
2423 STREAM_TOSERVER, request3, request3_len);
2425 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2431 printf(
"smtp parser in inconsistent state\n");
2436 STREAM_TOCLIENT, reply3, reply3_len);
2438 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2443 printf(
"smtp parser in inconsistent state\n");
2448 STREAM_TOSERVER, request4, request4_len);
2450 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2456 printf(
"smtp parser in inconsistent state\n");
2461 STREAM_TOCLIENT, reply4, reply4_len);
2463 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2469 printf(
"smtp parser in inconsistent state\n");
2474 STREAM_TOSERVER, request5_1, request5_1_len);
2476 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2483 printf(
"smtp parser in inconsistent state\n");
2488 STREAM_TOSERVER, request5_2, request5_2_len);
2490 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2497 printf(
"smtp parser in inconsistent state\n");
2502 STREAM_TOSERVER, request5_3, request5_3_len);
2504 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2511 printf(
"smtp parser in inconsistent state\n");
2516 STREAM_TOSERVER, request5_4, request5_4_len);
2518 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2525 printf(
"smtp parser in inconsistent state\n");
2530 STREAM_TOSERVER, request5_5, request5_5_len);
2532 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2538 printf(
"smtp parser in inconsistent state\n");
2543 STREAM_TOCLIENT, reply5, reply5_len);
2545 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2550 printf(
"smtp parser in inconsistent state\n");
2555 STREAM_TOSERVER, request6, request6_len);
2557 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2563 printf(
"smtp parser in inconsistent state\n");
2568 STREAM_TOCLIENT, reply6, reply6_len);
2570 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2575 printf(
"smtp parser in inconsistent state\n");
2580 STREAM_TOSERVER, request7, request7_len);
2582 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2588 printf(
"smtp parser in inconsistent state\n");
2593 STREAM_TOCLIENT, reply7, reply7_len);
2595 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2600 printf(
"smtp parser in inconsistent state\n");
2605 STREAM_TOSERVER, request8, request8_len);
2607 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2613 printf(
"smtp parser in inconsistent state\n");
2618 STREAM_TOCLIENT, reply8, reply8_len);
2620 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2626 printf(
"smtp parser in inconsistent state\n");
2631 STREAM_TOSERVER, request9_1, request9_1_len);
2633 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2640 printf(
"smtp parser in inconsistent state\n");
2645 STREAM_TOSERVER, request9_2, request9_2_len);
2647 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2654 printf(
"smtp parser in inconsistent state\n");
2659 STREAM_TOSERVER, request9_3, request9_3_len);
2661 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2668 printf(
"smtp parser in inconsistent state\n");
2673 STREAM_TOSERVER, request9_4, request9_4_len);
2675 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2682 printf(
"smtp parser in inconsistent state\n");
2687 STREAM_TOSERVER, request9_5, request9_5_len);
2689 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2695 printf(
"smtp parser in inconsistent state\n");
2700 STREAM_TOCLIENT, reply9, reply9_len);
2702 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2707 printf(
"smtp parser in inconsistent state\n");
2712 STREAM_TOSERVER, request10, request10_len);
2714 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2720 printf(
"smtp parser in inconsistent state\n");
2725 STREAM_TOCLIENT, reply10, reply10_len);
2727 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2732 printf(
"smtp parser in inconsistent state\n");
2748 static int SMTPParserTest03(
void)
2755 uint8_t welcome_reply[] = {
2756 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2757 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2758 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2759 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2760 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2761 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2763 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2766 uint8_t request1[] = {
2767 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2768 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2770 uint32_t request1_len =
sizeof(request1);
2780 uint8_t reply1[] = {
2781 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2782 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2783 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2784 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2785 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2786 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2787 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2788 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2789 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2790 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2791 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2792 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2793 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2794 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2795 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2796 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2797 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2799 uint32_t reply1_len =
sizeof(reply1);
2806 uint8_t request2[] = {
2807 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2808 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2809 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2810 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2811 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2812 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2813 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2814 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2815 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2817 uint32_t request2_len =
sizeof(request2);
2822 uint8_t reply2[] = {
2823 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2824 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2825 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2826 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2827 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2828 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2829 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2830 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2833 uint32_t reply2_len =
sizeof(reply2);
2838 memset(&f, 0,
sizeof(f));
2839 memset(&ssn, 0,
sizeof(ssn));
2843 f.
proto = IPPROTO_TCP;
2847 SMTPTestInitConfig();
2850 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2852 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2856 if (smtp_state == NULL) {
2857 printf(
"no smtp state: ");
2862 printf(
"smtp parser in inconsistent state\n");
2867 STREAM_TOSERVER, request1, request1_len);
2869 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2875 printf(
"smtp parser in inconsistent state\n");
2880 STREAM_TOCLIENT, reply1, reply1_len);
2882 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2888 printf(
"smtp parser in inconsistent state\n");
2893 STREAM_TOSERVER, request2, request2_len);
2895 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2905 printf(
"smtp parser in inconsistent state\n");
2910 STREAM_TOCLIENT, reply2, reply2_len);
2912 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2919 printf(
"smtp parser in inconsistent state\n");
2935 static int SMTPParserTest04(
void)
2942 uint8_t welcome_reply[] = {
2943 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2944 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2945 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2946 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2947 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2948 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2950 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2953 uint8_t request1[] = {
2954 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2955 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2956 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2957 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2958 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2959 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2961 uint32_t request1_len =
sizeof(request1);
2966 memset(&f, 0,
sizeof(f));
2967 memset(&ssn, 0,
sizeof(ssn));
2971 f.
proto = IPPROTO_TCP;
2975 SMTPTestInitConfig();
2978 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2980 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2984 if (smtp_state == NULL) {
2985 printf(
"no smtp state: ");
2990 printf(
"smtp parser in inconsistent state\n");
2995 STREAM_TOSERVER, request1, request1_len);
2997 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3003 printf(
"smtp parser in inconsistent state\n");
3019 static int SMTPParserTest05(
void)
3026 uint8_t welcome_reply[] = {
3027 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
3028 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3029 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3030 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
3031 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
3032 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
3034 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3037 uint8_t request1[] = {
3038 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3039 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3041 uint32_t request1_len =
sizeof(request1);
3051 uint8_t reply1[] = {
3052 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3053 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3054 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3055 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3056 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
3057 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
3058 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3059 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3060 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3061 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3062 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3063 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3064 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3065 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3066 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3067 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3068 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3070 uint32_t reply1_len =
sizeof(reply1);
3073 uint8_t request2[] = {
3074 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3077 uint32_t request2_len =
sizeof(request2);
3079 uint8_t reply2[] = {
3080 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
3081 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
3082 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
3083 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
3084 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
3087 uint32_t reply2_len =
sizeof(reply2);
3090 uint8_t request3[] = {
3091 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3094 uint32_t request3_len =
sizeof(request3);
3096 uint8_t reply3[] = {
3097 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3098 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3100 uint32_t reply3_len =
sizeof(reply3);
3105 memset(&f, 0,
sizeof(f));
3106 memset(&ssn, 0,
sizeof(ssn));
3110 f.
proto = IPPROTO_TCP;
3114 SMTPTestInitConfig();
3117 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3119 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3123 if (smtp_state == NULL) {
3124 printf(
"no smtp state: ");
3129 printf(
"smtp parser in inconsistent state\n");
3134 STREAM_TOSERVER, request1, request1_len);
3136 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3142 printf(
"smtp parser in inconsistent state\n");
3147 STREAM_TOCLIENT, reply1, reply1_len);
3149 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3155 printf(
"smtp parser in inconsistent state\n");
3160 STREAM_TOSERVER, request2, request2_len);
3162 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3169 printf(
"smtp parser in inconsistent state\n");
3174 STREAM_TOCLIENT, reply2, reply2_len);
3176 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3182 printf(
"smtp parser in inconsistent state\n");
3194 STREAM_TOSERVER, request3, request3_len);
3196 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3203 printf(
"smtp parser in inconsistent state\n");
3208 STREAM_TOCLIENT, reply3, reply3_len);
3210 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3216 printf(
"smtp parser in inconsistent state\n");
3232 static int SMTPParserTest06(
void)
3238 uint8_t welcome_reply[] = {
3239 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3240 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3241 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3242 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3243 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3244 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3245 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3246 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3247 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3248 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3249 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3250 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3251 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3252 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3253 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3254 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3255 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3256 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3257 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3258 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3259 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3260 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3261 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3262 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3263 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3264 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3265 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3266 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3267 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3268 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3269 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3270 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3271 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3272 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3273 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3274 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3275 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3276 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3277 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3279 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3281 uint8_t request1[] = {
3282 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3283 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3284 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3285 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3288 uint32_t request1_len =
sizeof(request1);
3290 uint8_t reply1[] = {
3291 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3292 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3293 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3294 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3295 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3296 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3297 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3298 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3299 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3300 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3301 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3302 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3303 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3304 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3305 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3306 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3307 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3308 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3309 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3310 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3311 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3314 uint32_t reply1_len =
sizeof(reply1);
3317 uint8_t request2[] = {
3318 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3319 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3320 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3323 uint32_t request2_len =
sizeof(request2);
3325 uint8_t reply2[] = {
3326 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3327 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3329 uint32_t reply2_len =
sizeof(reply2);
3332 uint8_t request3[] = {
3333 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3334 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3335 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3338 uint32_t request3_len =
sizeof(request3);
3340 uint8_t reply3[] = {
3341 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3342 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3344 uint32_t reply3_len =
sizeof(reply3);
3347 uint8_t request4[] = {
3348 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3351 uint32_t request4_len =
sizeof(request4);
3353 uint8_t request5[] = {
3354 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3355 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3356 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3357 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3359 uint32_t request5_len =
sizeof(request5);
3361 uint8_t request6[] = {
3362 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3363 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3366 uint32_t request6_len =
sizeof(request6);
3371 memset(&f, 0,
sizeof(f));
3372 memset(&ssn, 0,
sizeof(ssn));
3376 f.
proto = IPPROTO_TCP;
3380 SMTPTestInitConfig();
3383 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3385 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3389 if (smtp_state == NULL) {
3390 printf(
"no smtp state: ");
3395 printf(
"smtp parser in inconsistent state\n");
3400 STREAM_TOSERVER, request1, request1_len);
3402 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3408 printf(
"smtp parser in inconsistent state\n");
3413 STREAM_TOCLIENT, reply1, reply1_len);
3415 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3420 printf(
"smtp parser in inconsistent state\n");
3425 STREAM_TOSERVER, request2, request2_len);
3427 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3433 printf(
"smtp parser in inconsistent state\n");
3438 STREAM_TOCLIENT, reply2, reply2_len);
3440 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3445 printf(
"smtp parser in inconsistent state\n");
3450 STREAM_TOSERVER, request3, request3_len);
3452 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3458 printf(
"smtp parser in inconsistent state\n");
3463 STREAM_TOCLIENT, reply3, reply3_len);
3465 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3470 printf(
"smtp parser in inconsistent state\n");
3475 STREAM_TOSERVER, request4, request4_len);
3477 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3485 printf(
"smtp parser in inconsistent state\n");
3490 STREAM_TOSERVER, request5, request5_len);
3492 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3499 printf(
"smtp parser in inconsistent state\n");
3504 STREAM_TOSERVER, request6, request6_len);
3506 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3512 printf(
"smtp parser in inconsistent state\n");
3525 static int SMTPParserTest12(
void)
3539 uint8_t request1[] = {
3540 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3541 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3543 int32_t request1_len =
sizeof(request1);
3547 uint8_t reply1[] = {
3548 0x31, 0x38, 0x38, 0x0d, 0x0a,
3550 uint32_t reply1_len =
sizeof(reply1);
3554 memset(&th_v, 0,
sizeof(th_v));
3555 memset(&f, 0,
sizeof(f));
3556 memset(&ssn, 0,
sizeof(ssn));
3562 f.
proto = IPPROTO_TCP;
3571 SMTPTestInitConfig();
3580 "(msg:\"SMTP event handling\"; "
3581 "app-layer-event: smtp.invalid_reply; "
3590 STREAM_TOSERVER | STREAM_START, request1,
3593 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3598 if (smtp_state == NULL) {
3599 printf(
"no smtp state: ");
3607 printf(
"sid 1 matched. It shouldn't match: ");
3612 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3615 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3623 printf(
"sid 1 didn't match. Should have matched: ");
3644 static int SMTPParserTest13(
void)
3658 uint8_t request1[] = {
3659 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3660 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3662 int32_t request1_len =
sizeof(request1);
3666 uint8_t reply1[] = {
3667 0x32, 0x35, 0x30, 0x0d, 0x0a,
3669 uint32_t reply1_len =
sizeof(reply1);
3676 uint8_t request2[] = {
3677 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3678 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3679 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3680 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3681 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3682 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3683 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3684 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3687 uint32_t request2_len =
sizeof(request2);
3691 memset(&th_v, 0,
sizeof(th_v));
3692 memset(&f, 0,
sizeof(f));
3693 memset(&ssn, 0,
sizeof(ssn));
3699 f.
proto = IPPROTO_TCP;
3708 SMTPTestInitConfig();
3717 "(msg:\"SMTP event handling\"; "
3719 "smtp.invalid_pipelined_sequence; "
3728 STREAM_TOSERVER | STREAM_START, request1,
3731 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3736 if (smtp_state == NULL) {
3737 printf(
"no smtp state: ");
3745 printf(
"sid 1 matched. It shouldn't match: ");
3750 STREAM_TOCLIENT, reply1, reply1_len);
3752 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3760 printf(
"sid 1 matched. It shouldn't match: ");
3765 STREAM_TOSERVER, request2, request2_len);
3767 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3775 printf(
"sid 1 didn't match. Should have matched: ");
3799 static int SMTPParserTest14(
void)
3806 static uint8_t welcome_reply[] = {
3807 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3808 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3809 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3810 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3811 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3814 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3817 static uint8_t request1[] = {
3818 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3819 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3821 static uint32_t request1_len =
sizeof(request1);
3828 static uint8_t reply1[] = {
3829 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3830 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3831 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3832 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3833 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3834 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3835 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3836 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3837 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3838 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3839 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3840 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3841 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3842 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3843 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3845 static uint32_t reply1_len =
sizeof(reply1);
3848 static uint8_t request2[] = {
3849 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3850 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3851 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3854 static uint32_t request2_len =
sizeof(request2);
3856 static uint8_t reply2[] = {
3857 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3858 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3860 static uint32_t reply2_len =
sizeof(reply2);
3863 static uint8_t request3[] = {
3864 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3865 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3866 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3869 static uint32_t request3_len =
sizeof(request3);
3871 static uint8_t reply3[] = {
3872 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3873 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3875 static uint32_t reply3_len =
sizeof(reply3);
3878 static uint8_t request4[] = {
3879 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3881 static uint32_t request4_len =
sizeof(request4);
3883 static uint8_t reply4[] = {
3884 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3885 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3886 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3887 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3888 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3890 static uint32_t reply4_len =
sizeof(reply4);
3893 static uint64_t filesize = 133;
3894 static uint8_t request4_msg[] = {
3895 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3896 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3897 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3898 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3899 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3900 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3901 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3902 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3903 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3904 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3905 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3906 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3907 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3908 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3909 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3910 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3911 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3912 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3913 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3914 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3915 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3916 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3917 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3918 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3919 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3920 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3921 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3922 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3923 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3924 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3925 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3926 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3927 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3928 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3929 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3930 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3931 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3932 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3933 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3934 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3935 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3936 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3937 static uint32_t request4_msg_len =
sizeof(request4_msg);
3940 static uint8_t request4_end[] = {
3941 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3943 static uint32_t request4_end_len =
sizeof(request4_end);
3945 static uint8_t reply4_end[] = {
3946 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3947 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3948 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3949 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3950 0x46, 0x32, 0x0d, 0x0a
3952 static uint32_t reply4_end_len =
sizeof(reply4_end);
3955 static uint8_t request5[] = {
3956 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3958 static uint32_t request5_len =
sizeof(request5);
3960 static uint8_t reply5[] = {
3961 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3962 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3964 static uint32_t reply5_len =
sizeof(reply5);
3969 memset(&f, 0,
sizeof(f));
3970 memset(&ssn, 0,
sizeof(ssn));
3974 f.
proto = IPPROTO_TCP;
3978 SMTPTestInitConfig();
3982 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3984 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3988 if (smtp_state == NULL) {
3989 printf(
"no smtp state: ");
3994 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3999 STREAM_TOSERVER, request1, request1_len);
4001 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4007 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4013 STREAM_TOCLIENT, reply1, reply1_len);
4015 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4019 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
4020 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
4026 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4032 STREAM_TOSERVER, request2, request2_len);
4034 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4040 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4046 STREAM_TOCLIENT, reply2, reply2_len);
4048 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4054 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
4062 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4068 STREAM_TOSERVER, request3, request3_len);
4070 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4076 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4082 STREAM_TOCLIENT, reply3, reply3_len);
4084 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4089 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4095 SCMimeSmtpConfigDecodeBase64(1);
4096 SCMimeSmtpConfigDecodeQuoted(1);
4100 STREAM_TOSERVER, request4, request4_len);
4102 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4109 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4115 STREAM_TOCLIENT, reply4, reply4_len);
4117 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4123 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4129 STREAM_TOSERVER, request4_msg, request4_msg_len);
4131 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4139 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4145 STREAM_TOSERVER, request4_end, request4_end_len);
4147 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4155 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4164 if (files != NULL && files->
head != NULL) {
4167 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4168 printf(
"smtp-mime file name is incorrect");
4172 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4175 static uint8_t org_binary[] = {
4176 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4177 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4178 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4179 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4180 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4181 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4182 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4183 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4184 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4185 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4186 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4187 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4188 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4189 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4190 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4191 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4192 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4195 org_binary,
sizeof(org_binary)) != 1)
4197 printf(
"smtp-mime file data incorrect\n");
4204 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4206 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4211 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4217 STREAM_TOSERVER, request5, request5_len);
4219 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4225 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4231 STREAM_TOCLIENT, reply5, reply5_len);
4233 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4238 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);