63 #define FILEDATA_CONTENT_LIMIT 100000
65 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
67 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
70 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
71 #define SMTP_MAX_REQUEST_AND_REPLY_LINE_LENGTH 510
73 #define SMTP_COMMAND_BUFFER_STEPS 5
77 #define SMTP_PARSER_STATE_COMMAND_MODE 0x00
80 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
84 #define SMTP_PARSER_STATE_PARSING_SERVER_RESPONSE 0x02
86 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
88 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
90 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
96 #define SMTP_COMMAND_STARTTLS 1
97 #define SMTP_COMMAND_DATA 2
98 #define SMTP_COMMAND_BDAT 3
103 #define SMTP_COMMAND_DATA_MODE 4
105 #define SMTP_COMMAND_OTHER_CMD 5
106 #define SMTP_COMMAND_RSET 6
109 #define SMTP_EHLO_EXTENSION_PIPELINING
110 #define SMTP_EHLO_EXTENSION_SIZE
111 #define SMTP_EHLO_EXTENSION_DSN
112 #define SMTP_EHLO_EXTENSION_STARTTLS
113 #define SMTP_EHLO_EXTENSION_8BITMIME
115 #define SMTP_DEFAULT_MAX_TX 256
174 #define SMTP_MPM mpm_default_matcher
176 static MpmCtx *smtp_mpm_ctx = NULL;
249 .decode_base64 =
true,
250 .decode_quoted_printable =
true,
251 .extract_urls =
true,
252 .extract_urls_schemes = NULL,
253 .log_url_scheme =
false,
255 .header_value_depth = 0,
272 static void SMTPConfigure(
void) {
276 uint32_t content_limit = 0;
277 uint32_t content_inspect_min_size = 0;
278 uint32_t content_inspect_window = 0;
281 if (config != NULL) {
282 ConfNode *extract_urls_schemes = NULL;
314 if (extract_urls_schemes) {
319 size_t new_val_len = strlen(scheme->
val) + 3 + 1;
320 if (new_val_len > UINT16_MAX) {
321 FatalError(
"Too long value for extract-urls-schemes");
323 char *new_val =
SCMalloc(new_val_len);
328 int r = snprintf(new_val, new_val_len,
"%s://", scheme->
val);
329 if (r < 0 || r >= (
int)new_val_len) {
336 scheme->
val = new_val;
391 if (strcasecmp(
"content-limit", p->
name) == 0) {
399 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
407 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
419 if (
ConfGetBool(
"app-layer.protocols.smtp.raw-extraction",
424 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
425 "options can't be enabled at the same time, "
426 "disabling raw extraction");
432 const char *
str = NULL;
433 if (
ConfGet(
"app-layer.protocols.smtp.max-tx", &
str) == 1) {
445 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
469 tx->
tx_data.file_tx = STREAM_TOSERVER;
475 if (tx && tx->
tx_data.de_state) {
476 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
478 }
else if (tx == NULL) {
479 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
480 }
else if (tx->
tx_data.de_state == NULL) {
481 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
491 if (tx == NULL || file == NULL) {
496 FlagDetectStateNewFile(tx);
539 if (files->head != NULL && (files->head->flags &
FILE_STORE)) {
544 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
545 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %"PRIu32, depth);
558 SMTPNewFile(tx, files->tail);
569 SCLogDebug(
"FileCloseFile() failed: %d", ret);
575 depth = smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp;
578 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
590 SCLogDebug(
"FileCloseFile() failed: %d", ret);
596 uint32_t depth = smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp;
598 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
601 STREAM_TOSERVER, depth);
609 SCLogDebug(
"FileAppendData() - file no longer being extracted");
610 }
else if (ret < 0) {
611 SCLogDebug(
"FileAppendData() failed: %d", ret);
615 if (files->tail && files->tail->content_inspected == 0 &&
618 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
620 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
623 STREAM_TOSERVER, depth);
626 }
else if (files->tail && files->tail->content_inspected > 0) {
634 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
635 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %"PRIu32,
638 STREAM_TOSERVER, depth);
643 SCLogDebug(
"Successfully processed file data!");
661 static AppLayerResult SMTPGetLine(
670 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
673 if (lf_idx == NULL) {
686 uint32_t o_consumed = input->
consumed;
695 line->
buf = input->
buf + o_consumed;
701 if (discard_till_lf) {
703 if (direction == 0) {
723 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state,
Flow *f)
756 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
767 static int SMTPProcessCommandBDAT(
785 static void SetMimeEvents(
SMTPState *state)
822 static inline void SMTPTransactionComplete(
SMTPState *state)
844 if (line->
len == 1 && line->
buf[0] ==
'.') {
859 SCLogDebug(
"MimeDecParseComplete() function failed");
863 SetMimeEvents(state);
865 SMTPTransactionComplete(state);
882 SetMimeEvents(state);
884 SCLogDebug(
"MimeDecParseLine() function returned an error code: %d", ret);
896 static int SMTPProcessCommandSTARTTLS(
SMTPState *state,
Flow *f,
902 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
926 if (line->
len >= 4) {
928 if (line->
buf[3] !=
'-') {
932 if (line->
buf[3] ==
'-') {
954 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
973 SCLogDebug(
"unable to match reply with request");
988 SMTPTransactionComplete(state);
1005 SMTPTransactionComplete(state);
1019 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
1038 while (i < line->
len) {
1039 if (line->
buf[i] !=
' ') {
1048 if (i == line->
len) {
1052 char *endptr = NULL;
1056 if (line->
len - i <
len) {
1059 memcpy(strbuf, line->
buf + i,
len);
1061 state->
bdat_chunk_len = strtoul((
const char *)strbuf, (
char **)&endptr, 10);
1062 if ((uint8_t *)endptr == line->
buf + i) {
1070 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1071 uint8_t **target, uint16_t *target_len)
1073 int i = prefix_len + 1;
1075 while (i < line->
len) {
1076 if (line->
buf[i] !=
' ') {
1085 while (spc_i < line->
len) {
1086 if (line->
buf[spc_i] ==
' ') {
1093 if (*target == NULL)
1095 memcpy(*target, line->
buf + i, spc_i - i);
1096 (*target)[spc_i - i] =
'\0';
1097 if (spc_i - i > UINT16_MAX) {
1098 *target_len = UINT16_MAX;
1101 *target_len = (uint16_t)(spc_i - i);
1113 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1122 return SMTPParseCommandWithParam(
1129 uint16_t rcptto_len;
1131 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1134 rcptto_str->
str = rcptto;
1135 rcptto_str->
len = rcptto_len;
1151 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1153 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1161 #define rawmsgname "rawmsg"
1194 tx = SMTPTransactionCreate(state);
1218 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1220 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1255 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1256 r = SMTPParseCommandBDAT(state, line);
1262 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1263 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1264 r = SMTPParseCommandHELO(state, line);
1269 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1270 r = SMTPParseCommandMAILFROM(state, line);
1275 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1276 r = SMTPParseCommandRCPTTO(state, line);
1281 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1301 return SMTPProcessCommandSTARTTLS(state, f, pstate);
1304 return SMTPProcessCommandDATA(state, tx, f, pstate, line);
1307 return SMTPProcessCommandBDAT(state, f, pstate, line);
1316 static inline void ResetLine(
SMTPLine *line)
1345 static int SMTPPreProcessCommands(
1357 bool line_complete =
false;
1358 const int32_t input_len = input->
len;
1360 for (int32_t i = 0; i < input_len; i++) {
1362 if (i < input_len - 1 && input->buf[
offset + i + 1] == 0x0a) {
1368 line_complete =
true;
1369 }
else if (input->
buf[
offset + i] == 0x0a) {
1372 line_complete =
true;
1375 if (line_complete || (i == input_len - 1)) {
1382 SCLogDebug(
"Possible boundary, yield to GetLine");
1386 int32_t total_consumed =
offset + i + 1;
1387 int32_t current_line_consumed = total_consumed - input->
consumed;
1392 if (line->
len < 0) {
1396 input->
len -= current_line_consumed;
1398 if (SMTPProcessRequest(state, f, pstate, input, line) == -1) {
1401 line_complete =
false;
1414 static AppLayerResult SMTPParse(uint8_t direction,
Flow *f,
SMTPState *state,
1419 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1420 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1422 if (input_buf == NULL &&
1427 }
else if (input_buf == NULL || input_len == 0) {
1431 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1432 SMTPLine line = { NULL, 0, 0,
false };
1435 if (direction == 0) {
1439 int ret = SMTPPreProcessCommands(state, f, pstate, &input, &line);
1443 }
else if (ret < 0) {
1447 AppLayerResult res = SMTPGetLine(state, &input, &line, direction);
1448 while (res.status == 0) {
1449 int retval = SMTPProcessRequest(state, f, pstate, &input, &line);
1470 int ret = SMTPPreProcessCommands(state, f, pstate, &input, &line);
1474 }
else if (ret < 0) {
1478 res = SMTPGetLine(state, &input, &line, direction);
1480 if (res.status == 1)
1484 AppLayerResult res = SMTPGetLine(state, &input, &line, direction);
1485 while (res.status == 0) {
1486 if (SMTPProcessReply(state, f, pstate, thread_data, &input, &line) != 0)
1496 res = SMTPGetLine(state, &input, &line, direction);
1498 if (res.status == 1)
1506 StreamSlice stream_slice,
void *local_data)
1511 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1515 StreamSlice stream_slice,
void *local_data)
1520 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1535 if (smtp_state->
cmds == NULL) {
1564 static void *SMTPLocalStorageAlloc(
void)
1573 if (td->
pmq == NULL) {
1586 static void SMTPLocalStorageFree(
void *ptr)
1590 if (td->
pmq != NULL) {
1614 if (tx->
tx_data.events != NULL)
1617 if (tx->
tx_data.de_state != NULL)
1626 SMTPStringFree(
str);
1637 static void SMTPStateFree(
void *p)
1641 if (smtp_state->
cmds != NULL) {
1645 if (smtp_state->
helo) {
1650 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1652 SMTPTransactionFree(tx, smtp_state);
1660 static void SMTPSetMpmState(
void)
1663 if (
unlikely(smtp_mpm_ctx == NULL)) {
1681 static void SMTPFreeMpmState(
void)
1683 if (smtp_mpm_ctx != NULL) {
1686 smtp_mpm_ctx = NULL;
1690 static int SMTPStateGetEventInfo(
const char *event_name,
1691 int *event_id, AppLayerEventType *event_type)
1694 if (*event_id == -1) {
1696 "smtp's enum map table.",
1702 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1707 static int SMTPStateGetEventInfoById(
int event_id,
const char **event_name,
1708 AppLayerEventType *event_type)
1711 if (*event_name == NULL) {
1713 "smtp's enum map table.",
1719 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1724 static int SMTPRegisterPatternsForProtocolDetection(
void)
1727 "EHLO", 4, 0, STREAM_TOSERVER) < 0)
1732 "HELO", 4, 0, STREAM_TOSERVER) < 0)
1737 "QUIT", 4, 0, STREAM_TOSERVER) < 0)
1745 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1750 if (tx_id < tx->tx_id)
1752 else if (tx_id > tx->
tx_id)
1755 if (tx == smtp_state->
curr_tx)
1758 SMTPTransactionFree(tx, state);
1766 static uint64_t SMTPStateGetTxCnt(
void *state)
1777 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1783 if (smtp_state->
curr_tx == NULL)
1789 if (tx->
tx_id ==
id)
1797 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1803 static AppLayerGetFileState SMTPGetTxFiles(
void *state,
void *txv, uint8_t direction)
1808 if (direction & STREAM_TOSERVER) {
1820 static AppLayerStateData *SMTPGetStateData(
void *vstate)
1830 static AppLayerGetTxIterTuple SMTPGetTxIterator(
const uint8_t ipproto,
const AppProto alproto,
1834 AppLayerGetTxIterTuple no_tuple = { NULL, 0,
false };
1837 if (state->
un.
ptr == NULL) {
1843 while (tx_ptr->
tx_id < min_tx_id) {
1849 if (tx_ptr->
tx_id >= max_tx_id) {
1853 AppLayerGetTxIterTuple tuple = {
1856 .has_next = (state->
un.
ptr != NULL),
1869 const char *proto_name =
"smtp";
1873 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1876 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1885 SMTPParseClientRecord);
1887 SMTPParseServerRecord);
1893 SMTPLocalStorageFree);
1905 SCLogInfo(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);
1931 static void SMTPTestInitConfig(
void)
1947 static int SMTPParserTest01(
void)
1954 uint8_t welcome_reply[] = {
1955 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1956 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1957 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1958 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1959 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1962 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1965 uint8_t request1[] = {
1966 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1967 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1968 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1970 uint32_t request1_len =
sizeof(request1);
1977 uint8_t reply1[] = {
1978 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1979 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1980 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1981 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1982 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1983 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1984 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1985 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1986 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1987 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1988 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1989 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1990 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1991 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1992 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
1993 0x44, 0x45, 0x53, 0x0d, 0x0a
1995 uint32_t reply1_len =
sizeof(reply1);
1998 uint8_t request2[] = {
1999 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
2002 uint32_t request2_len =
sizeof(request2);
2004 uint8_t reply2[] = {
2005 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2006 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
2007 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
2008 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
2010 uint32_t reply2_len =
sizeof(reply2);
2015 memset(&f, 0,
sizeof(f));
2016 memset(&ssn, 0,
sizeof(ssn));
2020 f.
proto = IPPROTO_TCP;
2024 SMTPTestInitConfig();
2027 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2029 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2033 if (smtp_state == NULL) {
2034 printf(
"no smtp state: ");
2039 printf(
"smtp parser in inconsistent state\n");
2044 STREAM_TOSERVER, request1, request1_len);
2046 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2052 printf(
"smtp parser in inconsistent state\n");
2057 STREAM_TOCLIENT, reply1, reply1_len);
2059 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2064 printf(
"smtp parser in inconsistent state\n");
2069 STREAM_TOSERVER, request2, request2_len);
2071 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2077 printf(
"smtp parser in inconsistent state\n");
2082 STREAM_TOCLIENT, reply2, reply2_len);
2084 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2090 printf(
"smtp parser in inconsistent state\n");
2110 static int SMTPParserTest02(
void)
2117 uint8_t welcome_reply[] = {
2118 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
2119 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
2120 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
2121 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
2122 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
2125 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2128 uint8_t request1[] = {
2129 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2130 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2132 uint32_t request1_len =
sizeof(request1);
2139 uint8_t reply1[] = {
2140 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2141 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2142 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2143 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2144 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2145 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2146 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2147 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2148 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2149 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2150 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2151 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2152 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2153 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2154 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2156 uint32_t reply1_len =
sizeof(reply1);
2159 uint8_t request2[] = {
2160 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2161 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2162 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2165 uint32_t request2_len =
sizeof(request2);
2167 uint8_t reply2[] = {
2168 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2169 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2171 uint32_t reply2_len =
sizeof(reply2);
2174 uint8_t request3[] = {
2175 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2176 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2177 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2180 uint32_t request3_len =
sizeof(request3);
2182 uint8_t reply3[] = {
2183 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2184 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2186 uint32_t reply3_len =
sizeof(reply3);
2189 uint8_t request4[] = {
2190 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2192 uint32_t request4_len =
sizeof(request4);
2194 uint8_t reply4[] = {
2195 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2196 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2197 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2198 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2199 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2201 uint32_t reply4_len =
sizeof(reply4);
2204 uint8_t request5_1[] = {
2205 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2206 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2207 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2209 uint32_t request5_1_len =
sizeof(request5_1);
2211 uint8_t request5_2[] = {
2212 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2213 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2214 0x6f, 0x6d, 0x0d, 0x0a
2216 uint32_t request5_2_len =
sizeof(request5_2);
2218 uint8_t request5_3[] = {
2221 uint32_t request5_3_len =
sizeof(request5_3);
2223 uint8_t request5_4[] = {
2224 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2225 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2226 0x6c, 0x31, 0x0d, 0x0a
2228 uint32_t request5_4_len =
sizeof(request5_4);
2230 uint8_t request5_5[] = {
2233 uint32_t request5_5_len =
sizeof(request5_5);
2235 uint8_t reply5[] = {
2236 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2237 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2238 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2239 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2240 0x46, 0x32, 0x0d, 0x0a
2242 uint32_t reply5_len =
sizeof(reply5);
2245 uint8_t request6[] = {
2246 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2247 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2248 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2251 uint32_t request6_len =
sizeof(request6);
2253 uint8_t reply6[] = {
2254 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2255 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2257 uint32_t reply6_len =
sizeof(reply6);
2260 uint8_t request7[] = {
2261 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2262 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2263 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2266 uint32_t request7_len =
sizeof(request7);
2268 uint8_t reply7[] = {
2269 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2270 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2272 uint32_t reply7_len =
sizeof(reply7);
2275 uint8_t request8[] = {
2276 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2278 uint32_t request8_len =
sizeof(request8);
2280 uint8_t reply8[] = {
2281 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2282 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2283 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2284 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2285 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2287 uint32_t reply8_len =
sizeof(reply8);
2290 uint8_t request9_1[] = {
2291 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2292 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2293 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2295 uint32_t request9_1_len =
sizeof(request9_1);
2297 uint8_t request9_2[] = {
2298 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2299 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2300 0x6f, 0x6d, 0x0d, 0x0a
2302 uint32_t request9_2_len =
sizeof(request9_2);
2304 uint8_t request9_3[] = {
2307 uint32_t request9_3_len =
sizeof(request9_3);
2309 uint8_t request9_4[] = {
2310 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2311 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2312 0x6c, 0x32, 0x0d, 0x0a
2314 uint32_t request9_4_len =
sizeof(request9_4);
2316 uint8_t request9_5[] = {
2319 uint32_t request9_5_len =
sizeof(request9_5);
2321 uint8_t reply9[] = {
2322 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2323 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2324 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2325 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2326 0x46, 0x32, 0x0d, 0x0a
2328 uint32_t reply9_len =
sizeof(reply9);
2331 uint8_t request10[] = {
2332 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2334 uint32_t request10_len =
sizeof(request10);
2336 uint8_t reply10[] = {
2337 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2338 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2340 uint32_t reply10_len =
sizeof(reply10);
2345 memset(&f, 0,
sizeof(f));
2346 memset(&ssn, 0,
sizeof(ssn));
2350 f.
proto = IPPROTO_TCP;
2354 SMTPTestInitConfig();
2357 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2359 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2363 if (smtp_state == NULL) {
2364 printf(
"no smtp state: ");
2369 printf(
"smtp parser in inconsistent state\n");
2374 STREAM_TOSERVER, request1, request1_len);
2376 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2382 printf(
"smtp parser in inconsistent state\n");
2387 STREAM_TOCLIENT, reply1, reply1_len);
2389 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2394 printf(
"smtp parser in inconsistent state\n");
2399 STREAM_TOSERVER, request2, request2_len);
2401 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2407 printf(
"smtp parser in inconsistent state\n");
2412 STREAM_TOCLIENT, reply2, reply2_len);
2414 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2419 printf(
"smtp parser in inconsistent state\n");
2424 STREAM_TOSERVER, request3, request3_len);
2426 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2432 printf(
"smtp parser in inconsistent state\n");
2437 STREAM_TOCLIENT, reply3, reply3_len);
2439 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2444 printf(
"smtp parser in inconsistent state\n");
2449 STREAM_TOSERVER, request4, request4_len);
2451 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2457 printf(
"smtp parser in inconsistent state\n");
2462 STREAM_TOCLIENT, reply4, reply4_len);
2464 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2470 printf(
"smtp parser in inconsistent state\n");
2475 STREAM_TOSERVER, request5_1, request5_1_len);
2477 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2484 printf(
"smtp parser in inconsistent state\n");
2489 STREAM_TOSERVER, request5_2, request5_2_len);
2491 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2498 printf(
"smtp parser in inconsistent state\n");
2503 STREAM_TOSERVER, request5_3, request5_3_len);
2505 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2512 printf(
"smtp parser in inconsistent state\n");
2517 STREAM_TOSERVER, request5_4, request5_4_len);
2519 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2526 printf(
"smtp parser in inconsistent state\n");
2531 STREAM_TOSERVER, request5_5, request5_5_len);
2533 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2539 printf(
"smtp parser in inconsistent state\n");
2544 STREAM_TOCLIENT, reply5, reply5_len);
2546 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2551 printf(
"smtp parser in inconsistent state\n");
2556 STREAM_TOSERVER, request6, request6_len);
2558 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2564 printf(
"smtp parser in inconsistent state\n");
2569 STREAM_TOCLIENT, reply6, reply6_len);
2571 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2576 printf(
"smtp parser in inconsistent state\n");
2581 STREAM_TOSERVER, request7, request7_len);
2583 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2589 printf(
"smtp parser in inconsistent state\n");
2594 STREAM_TOCLIENT, reply7, reply7_len);
2596 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2601 printf(
"smtp parser in inconsistent state\n");
2606 STREAM_TOSERVER, request8, request8_len);
2608 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2614 printf(
"smtp parser in inconsistent state\n");
2619 STREAM_TOCLIENT, reply8, reply8_len);
2621 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2627 printf(
"smtp parser in inconsistent state\n");
2632 STREAM_TOSERVER, request9_1, request9_1_len);
2634 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2641 printf(
"smtp parser in inconsistent state\n");
2646 STREAM_TOSERVER, request9_2, request9_2_len);
2648 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2655 printf(
"smtp parser in inconsistent state\n");
2660 STREAM_TOSERVER, request9_3, request9_3_len);
2662 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2669 printf(
"smtp parser in inconsistent state\n");
2674 STREAM_TOSERVER, request9_4, request9_4_len);
2676 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2683 printf(
"smtp parser in inconsistent state\n");
2688 STREAM_TOSERVER, request9_5, request9_5_len);
2690 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2696 printf(
"smtp parser in inconsistent state\n");
2701 STREAM_TOCLIENT, reply9, reply9_len);
2703 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2708 printf(
"smtp parser in inconsistent state\n");
2713 STREAM_TOSERVER, request10, request10_len);
2715 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2721 printf(
"smtp parser in inconsistent state\n");
2726 STREAM_TOCLIENT, reply10, reply10_len);
2728 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2733 printf(
"smtp parser in inconsistent state\n");
2749 static int SMTPParserTest03(
void)
2756 uint8_t welcome_reply[] = {
2757 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2758 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2759 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2760 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2761 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2762 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2764 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2767 uint8_t request1[] = {
2768 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2769 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2771 uint32_t request1_len =
sizeof(request1);
2781 uint8_t reply1[] = {
2782 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2783 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2784 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2785 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2786 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2787 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2788 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2789 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2790 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2791 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2792 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2793 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2794 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2795 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2796 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2797 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2798 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2800 uint32_t reply1_len =
sizeof(reply1);
2807 uint8_t request2[] = {
2808 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2809 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2810 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2811 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2812 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2813 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2814 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2815 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2816 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2818 uint32_t request2_len =
sizeof(request2);
2823 uint8_t reply2[] = {
2824 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2825 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2826 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2827 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2828 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2829 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2830 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2831 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2834 uint32_t reply2_len =
sizeof(reply2);
2839 memset(&f, 0,
sizeof(f));
2840 memset(&ssn, 0,
sizeof(ssn));
2844 f.
proto = IPPROTO_TCP;
2848 SMTPTestInitConfig();
2851 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2853 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2857 if (smtp_state == NULL) {
2858 printf(
"no smtp state: ");
2863 printf(
"smtp parser in inconsistent state\n");
2868 STREAM_TOSERVER, request1, request1_len);
2870 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2876 printf(
"smtp parser in inconsistent state\n");
2881 STREAM_TOCLIENT, reply1, reply1_len);
2883 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2889 printf(
"smtp parser in inconsistent state\n");
2894 STREAM_TOSERVER, request2, request2_len);
2896 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2906 printf(
"smtp parser in inconsistent state\n");
2911 STREAM_TOCLIENT, reply2, reply2_len);
2913 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2920 printf(
"smtp parser in inconsistent state\n");
2936 static int SMTPParserTest04(
void)
2943 uint8_t welcome_reply[] = {
2944 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2945 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2946 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2947 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2948 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2949 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2951 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2954 uint8_t request1[] = {
2955 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2956 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2957 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2958 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2959 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2960 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2962 uint32_t request1_len =
sizeof(request1);
2967 memset(&f, 0,
sizeof(f));
2968 memset(&ssn, 0,
sizeof(ssn));
2972 f.
proto = IPPROTO_TCP;
2976 SMTPTestInitConfig();
2979 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2981 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2985 if (smtp_state == NULL) {
2986 printf(
"no smtp state: ");
2991 printf(
"smtp parser in inconsistent state\n");
2996 STREAM_TOSERVER, request1, request1_len);
2998 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3004 printf(
"smtp parser in inconsistent state\n");
3020 static int SMTPParserTest05(
void)
3027 uint8_t welcome_reply[] = {
3028 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
3029 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3030 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3031 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
3032 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
3033 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
3035 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3038 uint8_t request1[] = {
3039 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3040 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3042 uint32_t request1_len =
sizeof(request1);
3052 uint8_t reply1[] = {
3053 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3054 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3055 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3056 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3057 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
3058 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
3059 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3060 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3061 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3062 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3063 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3064 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3065 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3066 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3067 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3068 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3069 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3071 uint32_t reply1_len =
sizeof(reply1);
3074 uint8_t request2[] = {
3075 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3078 uint32_t request2_len =
sizeof(request2);
3080 uint8_t reply2[] = {
3081 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
3082 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
3083 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
3084 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
3085 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
3088 uint32_t reply2_len =
sizeof(reply2);
3091 uint8_t request3[] = {
3092 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3095 uint32_t request3_len =
sizeof(request3);
3097 uint8_t reply3[] = {
3098 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3099 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3101 uint32_t reply3_len =
sizeof(reply3);
3106 memset(&f, 0,
sizeof(f));
3107 memset(&ssn, 0,
sizeof(ssn));
3111 f.
proto = IPPROTO_TCP;
3115 SMTPTestInitConfig();
3118 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3120 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3124 if (smtp_state == NULL) {
3125 printf(
"no smtp state: ");
3130 printf(
"smtp parser in inconsistent state\n");
3135 STREAM_TOSERVER, request1, request1_len);
3137 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3143 printf(
"smtp parser in inconsistent state\n");
3148 STREAM_TOCLIENT, reply1, reply1_len);
3150 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3156 printf(
"smtp parser in inconsistent state\n");
3161 STREAM_TOSERVER, request2, request2_len);
3163 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3170 printf(
"smtp parser in inconsistent state\n");
3175 STREAM_TOCLIENT, reply2, reply2_len);
3177 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3183 printf(
"smtp parser in inconsistent state\n");
3195 STREAM_TOSERVER, request3, request3_len);
3197 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3204 printf(
"smtp parser in inconsistent state\n");
3209 STREAM_TOCLIENT, reply3, reply3_len);
3211 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3217 printf(
"smtp parser in inconsistent state\n");
3233 static int SMTPParserTest06(
void)
3239 uint8_t welcome_reply[] = {
3240 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3241 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3242 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3243 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3244 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3245 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3246 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3247 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3248 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3249 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3250 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3251 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3252 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3253 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3254 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3255 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3256 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3257 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3258 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3259 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3260 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3261 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3262 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3263 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3264 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3265 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3266 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3267 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3268 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3269 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3270 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3271 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3272 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3273 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3274 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3275 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3276 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3277 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3278 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3280 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3282 uint8_t request1[] = {
3283 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3284 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3285 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3286 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3289 uint32_t request1_len =
sizeof(request1);
3291 uint8_t reply1[] = {
3292 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3293 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3294 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3295 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3296 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3297 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3298 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3299 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3300 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3301 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3302 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3303 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3304 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3305 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3306 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3307 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3308 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3309 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3310 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3311 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3312 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3315 uint32_t reply1_len =
sizeof(reply1);
3318 uint8_t request2[] = {
3319 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3320 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3321 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3324 uint32_t request2_len =
sizeof(request2);
3326 uint8_t reply2[] = {
3327 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3328 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3330 uint32_t reply2_len =
sizeof(reply2);
3333 uint8_t request3[] = {
3334 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3335 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3336 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3339 uint32_t request3_len =
sizeof(request3);
3341 uint8_t reply3[] = {
3342 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3343 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3345 uint32_t reply3_len =
sizeof(reply3);
3348 uint8_t request4[] = {
3349 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3352 uint32_t request4_len =
sizeof(request4);
3354 uint8_t request5[] = {
3355 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3356 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3357 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3358 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3360 uint32_t request5_len =
sizeof(request5);
3362 uint8_t request6[] = {
3363 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3364 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3367 uint32_t request6_len =
sizeof(request6);
3372 memset(&f, 0,
sizeof(f));
3373 memset(&ssn, 0,
sizeof(ssn));
3377 f.
proto = IPPROTO_TCP;
3381 SMTPTestInitConfig();
3384 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3386 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3390 if (smtp_state == NULL) {
3391 printf(
"no smtp state: ");
3396 printf(
"smtp parser in inconsistent state\n");
3401 STREAM_TOSERVER, request1, request1_len);
3403 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3409 printf(
"smtp parser in inconsistent state\n");
3414 STREAM_TOCLIENT, reply1, reply1_len);
3416 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3421 printf(
"smtp parser in inconsistent state\n");
3426 STREAM_TOSERVER, request2, request2_len);
3428 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3434 printf(
"smtp parser in inconsistent state\n");
3439 STREAM_TOCLIENT, reply2, reply2_len);
3441 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3446 printf(
"smtp parser in inconsistent state\n");
3451 STREAM_TOSERVER, request3, request3_len);
3453 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3459 printf(
"smtp parser in inconsistent state\n");
3464 STREAM_TOCLIENT, reply3, reply3_len);
3466 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3471 printf(
"smtp parser in inconsistent state\n");
3476 STREAM_TOSERVER, request4, request4_len);
3478 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3486 printf(
"smtp parser in inconsistent state\n");
3491 STREAM_TOSERVER, request5, request5_len);
3493 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3500 printf(
"smtp parser in inconsistent state\n");
3505 STREAM_TOSERVER, request6, request6_len);
3507 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3513 printf(
"smtp parser in inconsistent state\n");
3526 static int SMTPParserTest12(
void)
3540 uint8_t request1[] = {
3541 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3542 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3544 int32_t request1_len =
sizeof(request1);
3548 uint8_t reply1[] = {
3549 0x31, 0x38, 0x38, 0x0d, 0x0a,
3551 uint32_t reply1_len =
sizeof(reply1);
3555 memset(&th_v, 0,
sizeof(th_v));
3556 memset(&f, 0,
sizeof(f));
3557 memset(&ssn, 0,
sizeof(ssn));
3563 f.
proto = IPPROTO_TCP;
3572 SMTPTestInitConfig();
3581 "(msg:\"SMTP event handling\"; "
3582 "app-layer-event: smtp.invalid_reply; "
3591 STREAM_TOSERVER | STREAM_START, request1,
3594 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3599 if (smtp_state == NULL) {
3600 printf(
"no smtp state: ");
3608 printf(
"sid 1 matched. It shouldn't match: ");
3613 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3616 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3624 printf(
"sid 1 didn't match. Should have matched: ");
3645 static int SMTPParserTest13(
void)
3659 uint8_t request1[] = {
3660 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3661 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3663 int32_t request1_len =
sizeof(request1);
3667 uint8_t reply1[] = {
3668 0x32, 0x35, 0x30, 0x0d, 0x0a,
3670 uint32_t reply1_len =
sizeof(reply1);
3677 uint8_t request2[] = {
3678 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3679 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3680 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3681 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3682 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3683 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3684 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3685 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3688 uint32_t request2_len =
sizeof(request2);
3692 memset(&th_v, 0,
sizeof(th_v));
3693 memset(&f, 0,
sizeof(f));
3694 memset(&ssn, 0,
sizeof(ssn));
3700 f.
proto = IPPROTO_TCP;
3709 SMTPTestInitConfig();
3718 "(msg:\"SMTP event handling\"; "
3720 "smtp.invalid_pipelined_sequence; "
3729 STREAM_TOSERVER | STREAM_START, request1,
3732 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3737 if (smtp_state == NULL) {
3738 printf(
"no smtp state: ");
3746 printf(
"sid 1 matched. It shouldn't match: ");
3751 STREAM_TOCLIENT, reply1, reply1_len);
3753 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3761 printf(
"sid 1 matched. It shouldn't match: ");
3766 STREAM_TOSERVER, request2, request2_len);
3768 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3776 printf(
"sid 1 didn't match. Should have matched: ");
3800 static int SMTPParserTest14(
void)
3807 static uint8_t welcome_reply[] = {
3808 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3809 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3810 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3811 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3812 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3815 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3818 static uint8_t request1[] = {
3819 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3820 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3822 static uint32_t request1_len =
sizeof(request1);
3829 static uint8_t reply1[] = {
3830 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3831 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3832 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3833 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3834 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3835 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3836 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3837 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3838 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3839 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3840 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3841 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3842 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3843 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3844 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3846 static uint32_t reply1_len =
sizeof(reply1);
3849 static uint8_t request2[] = {
3850 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3851 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3852 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3855 static uint32_t request2_len =
sizeof(request2);
3857 static uint8_t reply2[] = {
3858 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3859 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3861 static uint32_t reply2_len =
sizeof(reply2);
3864 static uint8_t request3[] = {
3865 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3866 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3867 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3870 static uint32_t request3_len =
sizeof(request3);
3872 static uint8_t reply3[] = {
3873 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3874 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3876 static uint32_t reply3_len =
sizeof(reply3);
3879 static uint8_t request4[] = {
3880 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3882 static uint32_t request4_len =
sizeof(request4);
3884 static uint8_t reply4[] = {
3885 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3886 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3887 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3888 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3889 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3891 static uint32_t reply4_len =
sizeof(reply4);
3894 static uint64_t filesize = 133;
3895 static uint8_t request4_msg[] = {
3896 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3897 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3898 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3899 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3900 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3901 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3902 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3903 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3904 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3905 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3906 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3907 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3908 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3909 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3910 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3911 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3912 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3913 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3914 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3915 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3916 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3917 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3918 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3919 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3920 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3921 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3922 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3923 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3924 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3925 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3926 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3927 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3928 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3929 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3930 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3931 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3932 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3933 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3934 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3935 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3936 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3937 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3938 static uint32_t request4_msg_len =
sizeof(request4_msg);
3941 static uint8_t request4_end[] = {
3942 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3944 static uint32_t request4_end_len =
sizeof(request4_end);
3946 static uint8_t reply4_end[] = {
3947 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3948 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3949 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3950 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3951 0x46, 0x32, 0x0d, 0x0a
3953 static uint32_t reply4_end_len =
sizeof(reply4_end);
3956 static uint8_t request5[] = {
3957 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3959 static uint32_t request5_len =
sizeof(request5);
3961 static uint8_t reply5[] = {
3962 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3963 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3965 static uint32_t reply5_len =
sizeof(reply5);
3970 memset(&f, 0,
sizeof(f));
3971 memset(&ssn, 0,
sizeof(ssn));
3975 f.
proto = IPPROTO_TCP;
3979 SMTPTestInitConfig();
3983 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3985 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3989 if (smtp_state == NULL) {
3990 printf(
"no smtp state: ");
3995 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4000 STREAM_TOSERVER, request1, request1_len);
4002 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4008 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4014 STREAM_TOCLIENT, reply1, reply1_len);
4016 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4020 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
4021 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
4027 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4033 STREAM_TOSERVER, request2, request2_len);
4035 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4041 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4047 STREAM_TOCLIENT, reply2, reply2_len);
4049 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4055 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
4063 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4069 STREAM_TOSERVER, request3, request3_len);
4071 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4077 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4083 STREAM_TOCLIENT, reply3, reply3_len);
4085 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4090 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4102 STREAM_TOSERVER, request4, request4_len);
4104 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4111 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4117 STREAM_TOCLIENT, reply4, reply4_len);
4119 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4125 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4131 STREAM_TOSERVER, request4_msg, request4_msg_len);
4133 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4142 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4148 STREAM_TOSERVER, request4_end, request4_end_len);
4150 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4159 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4168 if (files != NULL && files->
head != NULL) {
4171 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4172 printf(
"smtp-mime file name is incorrect");
4176 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4179 static uint8_t org_binary[] = {
4180 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4181 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4182 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4183 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4184 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4185 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4186 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4187 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4188 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4189 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4190 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4191 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4192 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4193 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4194 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4195 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4196 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4199 org_binary,
sizeof(org_binary)) != 1)
4201 printf(
"smtp-mime file data incorrect\n");
4208 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4210 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4215 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4221 STREAM_TOSERVER, request5, request5_len);
4223 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4229 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4235 STREAM_TOCLIENT, reply5, reply5_len);
4237 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4242 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);