63 #define FILEDATA_CONTENT_LIMIT 100000
65 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
67 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
70 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
71 #define SMTP_MAX_REQUEST_AND_REPLY_LINE_LENGTH 510
73 #define SMTP_COMMAND_BUFFER_STEPS 5
77 #define SMTP_PARSER_STATE_COMMAND_MODE 0x00
80 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
84 #define SMTP_PARSER_STATE_PARSING_SERVER_RESPONSE 0x02
86 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
88 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
90 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
96 #define SMTP_COMMAND_STARTTLS 1
97 #define SMTP_COMMAND_DATA 2
98 #define SMTP_COMMAND_BDAT 3
103 #define SMTP_COMMAND_DATA_MODE 4
105 #define SMTP_COMMAND_OTHER_CMD 5
106 #define SMTP_COMMAND_RSET 6
109 #define SMTP_EHLO_EXTENSION_PIPELINING
110 #define SMTP_EHLO_EXTENSION_SIZE
111 #define SMTP_EHLO_EXTENSION_DSN
112 #define SMTP_EHLO_EXTENSION_STARTTLS
113 #define SMTP_EHLO_EXTENSION_8BITMIME
115 #define SMTP_LINE_BUFFER_LIMIT 4096
173 #define SMTP_MPM mpm_default_matcher
175 static MpmCtx *smtp_mpm_ctx = NULL;
245 SMTPConfig smtp_config = {
false, {
false,
false,
false, NULL,
false,
false, 0 }, 0, 0, 0,
false,
256 static void SMTPConfigure(
void) {
260 uint32_t content_limit = 0;
261 uint32_t content_inspect_min_size = 0;
262 uint32_t content_inspect_window = 0;
265 if (config != NULL) {
266 ConfNode *extract_urls_schemes = NULL;
298 if (extract_urls_schemes) {
303 size_t new_val_len = strlen(scheme->
val) + 3 + 1;
304 if (new_val_len > UINT16_MAX) {
305 FatalError(
"Too long value for extract-urls-schemes");
307 char *new_val =
SCMalloc(new_val_len);
312 int r = snprintf(new_val, new_val_len,
"%s://", scheme->
val);
313 if (r < 0 || r >= (
int)new_val_len) {
320 scheme->
val = new_val;
375 if (strcasecmp(
"content-limit", p->
name) == 0) {
383 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
391 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
403 if (
ConfGetBool(
"app-layer.protocols.smtp.raw-extraction",
408 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
409 "options can't be enabled at the same time, "
410 "disabling raw extraction");
417 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
438 tx->
tx_data.file_tx = STREAM_TOSERVER;
444 if (tx && tx->
tx_data.de_state) {
445 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
447 }
else if (tx == NULL) {
448 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
449 }
else if (tx->
tx_data.de_state == NULL) {
450 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
460 if (tx == NULL || file == NULL) {
465 FlagDetectStateNewFile(tx);
510 if (files->head != NULL && (files->head->flags &
FILE_STORE)) {
515 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
516 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %"PRIu32, depth);
529 SMTPNewFile(tx, files->tail);
540 SCLogDebug(
"FileCloseFile() failed: %d", ret);
546 depth = smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp;
549 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
561 SCLogDebug(
"FileCloseFile() failed: %d", ret);
567 uint32_t depth = smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp;
569 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
572 STREAM_TOSERVER, depth);
580 SCLogDebug(
"FileAppendData() - file no longer being extracted");
581 }
else if (ret < 0) {
582 SCLogDebug(
"FileAppendData() failed: %d", ret);
586 if (files->tail && files->tail->content_inspected == 0 &&
589 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
591 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u",
594 STREAM_TOSERVER, depth);
597 }
else if (files->tail && files->tail->content_inspected > 0) {
605 (smtp_state->toserver_data_count - smtp_state->toserver_last_data_stamp);
606 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %"PRIu32,
609 STREAM_TOSERVER, depth);
614 SCLogDebug(
"Successfully processed file data!");
640 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
642 if (lf_idx == NULL) {
651 uint32_t o_consumed = input->
consumed;
663 line->
buf = input->
buf + o_consumed;
675 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state,
Flow *f)
708 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
719 static int SMTPProcessCommandBDAT(
737 static void SetMimeEvents(
SMTPState *state)
774 static inline void SMTPTransactionComplete(
SMTPState *state)
796 if (line->
len == 1 && line->
buf[0] ==
'.') {
811 SCLogDebug(
"MimeDecParseComplete() function failed");
815 SetMimeEvents(state);
817 SMTPTransactionComplete(state);
834 SetMimeEvents(state);
836 SCLogDebug(
"MimeDecParseLine() function returned an error code: %d", ret);
848 static int SMTPProcessCommandSTARTTLS(
SMTPState *state,
Flow *f,
854 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
878 if (line->
len >= 4) {
880 if (line->
buf[3] !=
'-') {
884 if (line->
buf[3] ==
'-') {
906 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
925 SCLogDebug(
"unable to match reply with request");
940 SMTPTransactionComplete(state);
957 SMTPTransactionComplete(state);
971 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
990 while (i < line->
len) {
991 if (line->
buf[i] !=
' ') {
1000 if (i == line->
len) {
1004 char *endptr = NULL;
1008 if (line->
len - i <
len) {
1011 memcpy(strbuf, line->
buf + i,
len);
1013 state->
bdat_chunk_len = strtoul((
const char *)strbuf, (
char **)&endptr, 10);
1014 if ((uint8_t *)endptr == line->
buf + i) {
1022 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1023 uint8_t **target, uint16_t *target_len)
1025 int i = prefix_len + 1;
1027 while (i < line->
len) {
1028 if (line->
buf[i] !=
' ') {
1037 while (spc_i < line->
len) {
1038 if (line->
buf[spc_i] ==
' ') {
1045 if (*target == NULL)
1047 memcpy(*target, line->
buf + i, spc_i - i);
1048 (*target)[spc_i - i] =
'\0';
1049 if (spc_i - i > UINT16_MAX) {
1050 *target_len = UINT16_MAX;
1053 *target_len = (uint16_t)(spc_i - i);
1065 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1074 return SMTPParseCommandWithParam(
1081 uint16_t rcptto_len;
1083 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1086 rcptto_str->
str = rcptto;
1087 rcptto_str->
len = rcptto_len;
1103 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1105 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1113 #define rawmsgname "rawmsg"
1122 tx = SMTPTransactionCreate();
1146 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1148 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1155 tx = SMTPTransactionCreate();
1173 tx = SMTPTransactionCreate();
1199 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1200 r = SMTPParseCommandBDAT(state, line);
1206 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1207 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1208 r = SMTPParseCommandHELO(state, line);
1213 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1214 r = SMTPParseCommandMAILFROM(state, line);
1219 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1220 r = SMTPParseCommandRCPTTO(state, line);
1225 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1245 return SMTPProcessCommandSTARTTLS(state, f, pstate);
1248 return SMTPProcessCommandDATA(state, tx, f, pstate, line);
1251 return SMTPProcessCommandBDAT(state, f, pstate, line);
1260 static int SMTPPreProcessCommands(
1270 bool line_complete =
false;
1271 const int32_t input_len = input->
len;
1272 for (int32_t i = 0; i < input_len; i++) {
1273 if (input->
buf[i] == 0x0d) {
1274 if (i < input_len - 1 && input->buf[i + 1] == 0x0a) {
1280 line_complete =
true;
1281 }
else if (input->
buf[i] == 0x0a) {
1284 line_complete =
true;
1287 if (line_complete || (i == input_len - 1)) {
1294 SCLogDebug(
"Possible boundary, yield to GetLine");
1297 int32_t total_consumed = i + 1;
1298 int32_t current_line_consumed = total_consumed - input->
consumed;
1302 input->
len -= current_line_consumed;
1304 if (SMTPProcessRequest(state, f, pstate, input, line) == -1) {
1307 line_complete =
false;
1320 static AppLayerResult SMTPParse(uint8_t direction,
Flow *f,
SMTPState *state,
1325 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1326 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1328 if (input_buf == NULL &&
1333 }
else if (input_buf == NULL || input_len == 0) {
1337 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1341 if (direction == 0) {
1345 int ret = SMTPPreProcessCommands(state, f, pstate, &input, &line);
1350 AppLayerResult res = SMTPGetLine(state, &input, &line);
1351 while (res.status == 0) {
1355 (SMTPProcessRequest(state, f, pstate, &input, &line) == -1))
1363 res = SMTPGetLine(state, &input, &line);
1366 if (res.status == 1)
1370 AppLayerResult res = SMTPGetLine(state, &input, &line);
1371 while (res.status == 0) {
1375 (SMTPProcessReply(state, f, pstate, thread_data, &input, &line) == -1))
1383 res = SMTPGetLine(state, &input, &line);
1386 if (res.status == 1)
1394 StreamSlice stream_slice,
void *local_data)
1399 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1403 StreamSlice stream_slice,
void *local_data)
1408 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1420 memset(smtp_state, 0,
sizeof(
SMTPState));
1424 if (smtp_state->
cmds == NULL) {
1454 static void *SMTPLocalStorageAlloc(
void)
1463 if (td->
pmq == NULL) {
1476 static void SMTPLocalStorageFree(
void *ptr)
1480 if (td->
pmq != NULL) {
1504 if (tx->
tx_data.events != NULL)
1507 if (tx->
tx_data.de_state != NULL)
1516 SMTPStringFree(
str);
1527 static void SMTPStateFree(
void *p)
1531 if (smtp_state->
cmds != NULL) {
1535 if (smtp_state->
helo) {
1540 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1542 SMTPTransactionFree(tx, smtp_state);
1550 static void SMTPSetMpmState(
void)
1553 if (
unlikely(smtp_mpm_ctx == NULL)) {
1556 memset(smtp_mpm_ctx, 0,
sizeof(
MpmCtx));
1572 static void SMTPFreeMpmState(
void)
1574 if (smtp_mpm_ctx != NULL) {
1577 smtp_mpm_ctx = NULL;
1581 static int SMTPStateGetEventInfo(
const char *event_name,
1585 if (*event_id == -1) {
1587 "smtp's enum map table.",
1598 static int SMTPStateGetEventInfoById(
int event_id,
const char **event_name,
1602 if (*event_name == NULL) {
1604 "smtp's enum map table.",
1615 static int SMTPRegisterPatternsForProtocolDetection(
void)
1618 "EHLO", 4, 0, STREAM_TOSERVER) < 0)
1623 "HELO", 4, 0, STREAM_TOSERVER) < 0)
1628 "QUIT", 4, 0, STREAM_TOSERVER) < 0)
1636 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1641 if (tx_id < tx->tx_id)
1643 else if (tx_id > tx->
tx_id)
1646 if (tx == smtp_state->
curr_tx)
1649 SMTPTransactionFree(tx, state);
1657 static uint64_t SMTPStateGetTxCnt(
void *state)
1662 cnt = smtp_state->
tx_cnt;
1668 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1674 if (smtp_state->
curr_tx == NULL)
1680 if (tx->
tx_id ==
id)
1688 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1694 static AppLayerGetFileState SMTPGetTxFiles(
void *state,
void *txv, uint8_t direction)
1699 if (direction & STREAM_TOSERVER) {
1711 static AppLayerStateData *SMTPGetStateData(
void *vstate)
1722 const char *proto_name =
"smtp";
1726 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1729 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1738 SMTPParseClientRecord);
1740 SMTPParseServerRecord);
1746 SMTPLocalStorageFree);
1757 SCLogInfo(
"Parsed disabled for %s protocol. Protocol detection"
1758 "still on.", proto_name);
1784 static void SMTPTestInitConfig(
void)
1798 static int SMTPParserTest01(
void)
1805 uint8_t welcome_reply[] = {
1806 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1807 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1808 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1809 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1810 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1813 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1816 uint8_t request1[] = {
1817 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1818 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1819 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1821 uint32_t request1_len =
sizeof(request1);
1828 uint8_t reply1[] = {
1829 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1830 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1831 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1832 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1833 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1834 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1835 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1836 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1837 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1838 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1839 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1840 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1841 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1842 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1843 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
1844 0x44, 0x45, 0x53, 0x0d, 0x0a
1846 uint32_t reply1_len =
sizeof(reply1);
1849 uint8_t request2[] = {
1850 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
1853 uint32_t request2_len =
sizeof(request2);
1855 uint8_t reply2[] = {
1856 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
1857 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
1858 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
1859 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
1861 uint32_t reply2_len =
sizeof(reply2);
1866 memset(&f, 0,
sizeof(f));
1867 memset(&ssn, 0,
sizeof(ssn));
1871 f.
proto = IPPROTO_TCP;
1875 SMTPTestInitConfig();
1878 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
1880 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
1884 if (smtp_state == NULL) {
1885 printf(
"no smtp state: ");
1890 printf(
"smtp parser in inconsistent state\n");
1895 STREAM_TOSERVER, request1, request1_len);
1897 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
1903 printf(
"smtp parser in inconsistent state\n");
1908 STREAM_TOCLIENT, reply1, reply1_len);
1910 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
1915 printf(
"smtp parser in inconsistent state\n");
1920 STREAM_TOSERVER, request2, request2_len);
1922 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
1928 printf(
"smtp parser in inconsistent state\n");
1933 STREAM_TOCLIENT, reply2, reply2_len);
1935 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
1941 printf(
"smtp parser in inconsistent state\n");
1961 static int SMTPParserTest02(
void)
1968 uint8_t welcome_reply[] = {
1969 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1970 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1971 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1972 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1973 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1976 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1979 uint8_t request1[] = {
1980 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
1981 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
1983 uint32_t request1_len =
sizeof(request1);
1990 uint8_t reply1[] = {
1991 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
1992 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
1993 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
1994 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
1995 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
1996 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
1997 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
1998 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
1999 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2000 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2001 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2002 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2003 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2004 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2005 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2007 uint32_t reply1_len =
sizeof(reply1);
2010 uint8_t request2[] = {
2011 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2012 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2013 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2016 uint32_t request2_len =
sizeof(request2);
2018 uint8_t reply2[] = {
2019 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2020 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2022 uint32_t reply2_len =
sizeof(reply2);
2025 uint8_t request3[] = {
2026 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2027 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2028 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2031 uint32_t request3_len =
sizeof(request3);
2033 uint8_t reply3[] = {
2034 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2035 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2037 uint32_t reply3_len =
sizeof(reply3);
2040 uint8_t request4[] = {
2041 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2043 uint32_t request4_len =
sizeof(request4);
2045 uint8_t reply4[] = {
2046 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2047 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2048 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2049 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2050 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2052 uint32_t reply4_len =
sizeof(reply4);
2055 uint8_t request5_1[] = {
2056 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2057 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2058 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2060 uint32_t request5_1_len =
sizeof(request5_1);
2062 uint8_t request5_2[] = {
2063 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2064 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2065 0x6f, 0x6d, 0x0d, 0x0a
2067 uint32_t request5_2_len =
sizeof(request5_2);
2069 uint8_t request5_3[] = {
2072 uint32_t request5_3_len =
sizeof(request5_3);
2074 uint8_t request5_4[] = {
2075 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2076 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2077 0x6c, 0x31, 0x0d, 0x0a
2079 uint32_t request5_4_len =
sizeof(request5_4);
2081 uint8_t request5_5[] = {
2084 uint32_t request5_5_len =
sizeof(request5_5);
2086 uint8_t reply5[] = {
2087 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2088 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2089 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2090 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2091 0x46, 0x32, 0x0d, 0x0a
2093 uint32_t reply5_len =
sizeof(reply5);
2096 uint8_t request6[] = {
2097 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2098 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2099 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2102 uint32_t request6_len =
sizeof(request6);
2104 uint8_t reply6[] = {
2105 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2106 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2108 uint32_t reply6_len =
sizeof(reply6);
2111 uint8_t request7[] = {
2112 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2113 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2114 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2117 uint32_t request7_len =
sizeof(request7);
2119 uint8_t reply7[] = {
2120 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2121 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2123 uint32_t reply7_len =
sizeof(reply7);
2126 uint8_t request8[] = {
2127 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2129 uint32_t request8_len =
sizeof(request8);
2131 uint8_t reply8[] = {
2132 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2133 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2134 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2135 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2136 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2138 uint32_t reply8_len =
sizeof(reply8);
2141 uint8_t request9_1[] = {
2142 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2143 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2144 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2146 uint32_t request9_1_len =
sizeof(request9_1);
2148 uint8_t request9_2[] = {
2149 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2150 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2151 0x6f, 0x6d, 0x0d, 0x0a
2153 uint32_t request9_2_len =
sizeof(request9_2);
2155 uint8_t request9_3[] = {
2158 uint32_t request9_3_len =
sizeof(request9_3);
2160 uint8_t request9_4[] = {
2161 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2162 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2163 0x6c, 0x32, 0x0d, 0x0a
2165 uint32_t request9_4_len =
sizeof(request9_4);
2167 uint8_t request9_5[] = {
2170 uint32_t request9_5_len =
sizeof(request9_5);
2172 uint8_t reply9[] = {
2173 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2174 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2175 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2176 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2177 0x46, 0x32, 0x0d, 0x0a
2179 uint32_t reply9_len =
sizeof(reply9);
2182 uint8_t request10[] = {
2183 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2185 uint32_t request10_len =
sizeof(request10);
2187 uint8_t reply10[] = {
2188 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2189 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2191 uint32_t reply10_len =
sizeof(reply10);
2196 memset(&f, 0,
sizeof(f));
2197 memset(&ssn, 0,
sizeof(ssn));
2201 f.
proto = IPPROTO_TCP;
2205 SMTPTestInitConfig();
2208 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2210 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2214 if (smtp_state == NULL) {
2215 printf(
"no smtp state: ");
2220 printf(
"smtp parser in inconsistent state\n");
2225 STREAM_TOSERVER, request1, request1_len);
2227 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2233 printf(
"smtp parser in inconsistent state\n");
2238 STREAM_TOCLIENT, reply1, reply1_len);
2240 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2245 printf(
"smtp parser in inconsistent state\n");
2250 STREAM_TOSERVER, request2, request2_len);
2252 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2258 printf(
"smtp parser in inconsistent state\n");
2263 STREAM_TOCLIENT, reply2, reply2_len);
2265 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2270 printf(
"smtp parser in inconsistent state\n");
2275 STREAM_TOSERVER, request3, request3_len);
2277 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2283 printf(
"smtp parser in inconsistent state\n");
2288 STREAM_TOCLIENT, reply3, reply3_len);
2290 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2295 printf(
"smtp parser in inconsistent state\n");
2300 STREAM_TOSERVER, request4, request4_len);
2302 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2308 printf(
"smtp parser in inconsistent state\n");
2313 STREAM_TOCLIENT, reply4, reply4_len);
2315 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2321 printf(
"smtp parser in inconsistent state\n");
2326 STREAM_TOSERVER, request5_1, request5_1_len);
2328 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2335 printf(
"smtp parser in inconsistent state\n");
2340 STREAM_TOSERVER, request5_2, request5_2_len);
2342 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2349 printf(
"smtp parser in inconsistent state\n");
2354 STREAM_TOSERVER, request5_3, request5_3_len);
2356 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2363 printf(
"smtp parser in inconsistent state\n");
2368 STREAM_TOSERVER, request5_4, request5_4_len);
2370 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2377 printf(
"smtp parser in inconsistent state\n");
2382 STREAM_TOSERVER, request5_5, request5_5_len);
2384 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2390 printf(
"smtp parser in inconsistent state\n");
2395 STREAM_TOCLIENT, reply5, reply5_len);
2397 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2402 printf(
"smtp parser in inconsistent state\n");
2407 STREAM_TOSERVER, request6, request6_len);
2409 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2415 printf(
"smtp parser in inconsistent state\n");
2420 STREAM_TOCLIENT, reply6, reply6_len);
2422 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2427 printf(
"smtp parser in inconsistent state\n");
2432 STREAM_TOSERVER, request7, request7_len);
2434 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2440 printf(
"smtp parser in inconsistent state\n");
2445 STREAM_TOCLIENT, reply7, reply7_len);
2447 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2452 printf(
"smtp parser in inconsistent state\n");
2457 STREAM_TOSERVER, request8, request8_len);
2459 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2465 printf(
"smtp parser in inconsistent state\n");
2470 STREAM_TOCLIENT, reply8, reply8_len);
2472 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2478 printf(
"smtp parser in inconsistent state\n");
2483 STREAM_TOSERVER, request9_1, request9_1_len);
2485 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2492 printf(
"smtp parser in inconsistent state\n");
2497 STREAM_TOSERVER, request9_2, request9_2_len);
2499 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2506 printf(
"smtp parser in inconsistent state\n");
2511 STREAM_TOSERVER, request9_3, request9_3_len);
2513 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2520 printf(
"smtp parser in inconsistent state\n");
2525 STREAM_TOSERVER, request9_4, request9_4_len);
2527 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2534 printf(
"smtp parser in inconsistent state\n");
2539 STREAM_TOSERVER, request9_5, request9_5_len);
2541 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2547 printf(
"smtp parser in inconsistent state\n");
2552 STREAM_TOCLIENT, reply9, reply9_len);
2554 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2559 printf(
"smtp parser in inconsistent state\n");
2564 STREAM_TOSERVER, request10, request10_len);
2566 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2572 printf(
"smtp parser in inconsistent state\n");
2577 STREAM_TOCLIENT, reply10, reply10_len);
2579 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2584 printf(
"smtp parser in inconsistent state\n");
2600 static int SMTPParserTest03(
void)
2607 uint8_t welcome_reply[] = {
2608 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2609 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2610 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2611 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2612 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2613 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2615 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2618 uint8_t request1[] = {
2619 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2620 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2622 uint32_t request1_len =
sizeof(request1);
2632 uint8_t reply1[] = {
2633 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2634 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2635 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2636 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2637 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2638 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2639 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2640 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2641 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2642 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2643 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2644 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2645 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2646 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2647 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2648 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2649 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2651 uint32_t reply1_len =
sizeof(reply1);
2658 uint8_t request2[] = {
2659 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2660 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2661 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2662 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2663 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2664 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2665 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2666 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2667 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2669 uint32_t request2_len =
sizeof(request2);
2674 uint8_t reply2[] = {
2675 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2676 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2677 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2678 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2679 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2680 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2681 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2682 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2685 uint32_t reply2_len =
sizeof(reply2);
2690 memset(&f, 0,
sizeof(f));
2691 memset(&ssn, 0,
sizeof(ssn));
2695 f.
proto = IPPROTO_TCP;
2699 SMTPTestInitConfig();
2702 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2704 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2708 if (smtp_state == NULL) {
2709 printf(
"no smtp state: ");
2714 printf(
"smtp parser in inconsistent state\n");
2719 STREAM_TOSERVER, request1, request1_len);
2721 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2727 printf(
"smtp parser in inconsistent state\n");
2732 STREAM_TOCLIENT, reply1, reply1_len);
2734 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2740 printf(
"smtp parser in inconsistent state\n");
2745 STREAM_TOSERVER, request2, request2_len);
2747 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2757 printf(
"smtp parser in inconsistent state\n");
2762 STREAM_TOCLIENT, reply2, reply2_len);
2764 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2771 printf(
"smtp parser in inconsistent state\n");
2787 static int SMTPParserTest04(
void)
2794 uint8_t welcome_reply[] = {
2795 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2796 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2797 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2798 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2799 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2800 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2802 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2805 uint8_t request1[] = {
2806 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2807 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2808 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2809 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2810 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2811 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2813 uint32_t request1_len =
sizeof(request1);
2818 memset(&f, 0,
sizeof(f));
2819 memset(&ssn, 0,
sizeof(ssn));
2823 f.
proto = IPPROTO_TCP;
2827 SMTPTestInitConfig();
2830 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2832 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2836 if (smtp_state == NULL) {
2837 printf(
"no smtp state: ");
2842 printf(
"smtp parser in inconsistent state\n");
2847 STREAM_TOSERVER, request1, request1_len);
2849 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2855 printf(
"smtp parser in inconsistent state\n");
2871 static int SMTPParserTest05(
void)
2878 uint8_t welcome_reply[] = {
2879 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2880 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2881 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2882 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2883 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2884 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2886 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2889 uint8_t request1[] = {
2890 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2891 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2893 uint32_t request1_len =
sizeof(request1);
2903 uint8_t reply1[] = {
2904 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2905 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2906 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2907 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2908 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2909 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2910 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2911 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2912 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2913 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2914 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2915 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2916 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2917 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2918 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2919 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2920 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2922 uint32_t reply1_len =
sizeof(reply1);
2925 uint8_t request2[] = {
2926 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
2929 uint32_t request2_len =
sizeof(request2);
2931 uint8_t reply2[] = {
2932 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
2933 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
2934 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
2935 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
2936 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
2939 uint32_t reply2_len =
sizeof(reply2);
2942 uint8_t request3[] = {
2943 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2946 uint32_t request3_len =
sizeof(request3);
2948 uint8_t reply3[] = {
2949 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2950 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2952 uint32_t reply3_len =
sizeof(reply3);
2957 memset(&f, 0,
sizeof(f));
2958 memset(&ssn, 0,
sizeof(ssn));
2962 f.
proto = IPPROTO_TCP;
2966 SMTPTestInitConfig();
2969 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2971 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2975 if (smtp_state == NULL) {
2976 printf(
"no smtp state: ");
2981 printf(
"smtp parser in inconsistent state\n");
2986 STREAM_TOSERVER, request1, request1_len);
2988 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2994 printf(
"smtp parser in inconsistent state\n");
2999 STREAM_TOCLIENT, reply1, reply1_len);
3001 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3007 printf(
"smtp parser in inconsistent state\n");
3012 STREAM_TOSERVER, request2, request2_len);
3014 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3021 printf(
"smtp parser in inconsistent state\n");
3026 STREAM_TOCLIENT, reply2, reply2_len);
3028 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3034 printf(
"smtp parser in inconsistent state\n");
3046 STREAM_TOSERVER, request3, request3_len);
3048 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3055 printf(
"smtp parser in inconsistent state\n");
3060 STREAM_TOCLIENT, reply3, reply3_len);
3062 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3068 printf(
"smtp parser in inconsistent state\n");
3084 static int SMTPParserTest06(
void)
3090 uint8_t welcome_reply[] = {
3091 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3092 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3093 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3094 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3095 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3096 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3097 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3098 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3099 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3100 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3101 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3102 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3103 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3104 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3105 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3106 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3107 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3108 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3109 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3110 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3111 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3112 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3113 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3114 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3115 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3116 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3117 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3118 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3119 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3120 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3121 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3122 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3123 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3124 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3125 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3126 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3127 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3128 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3129 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3131 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3133 uint8_t request1[] = {
3134 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3135 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3136 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3137 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3140 uint32_t request1_len =
sizeof(request1);
3142 uint8_t reply1[] = {
3143 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3144 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3145 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3146 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3147 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3148 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3149 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3150 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3151 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3152 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3153 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3154 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3155 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3156 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3157 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3158 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3159 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3160 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3161 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3162 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3163 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3166 uint32_t reply1_len =
sizeof(reply1);
3169 uint8_t request2[] = {
3170 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3171 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3172 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3175 uint32_t request2_len =
sizeof(request2);
3177 uint8_t reply2[] = {
3178 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3179 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3181 uint32_t reply2_len =
sizeof(reply2);
3184 uint8_t request3[] = {
3185 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3186 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3187 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3190 uint32_t request3_len =
sizeof(request3);
3192 uint8_t reply3[] = {
3193 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3194 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3196 uint32_t reply3_len =
sizeof(reply3);
3199 uint8_t request4[] = {
3200 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3203 uint32_t request4_len =
sizeof(request4);
3205 uint8_t request5[] = {
3206 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3207 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3208 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3209 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3211 uint32_t request5_len =
sizeof(request5);
3213 uint8_t request6[] = {
3214 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3215 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3218 uint32_t request6_len =
sizeof(request6);
3223 memset(&f, 0,
sizeof(f));
3224 memset(&ssn, 0,
sizeof(ssn));
3228 f.
proto = IPPROTO_TCP;
3232 SMTPTestInitConfig();
3235 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3237 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3241 if (smtp_state == NULL) {
3242 printf(
"no smtp state: ");
3247 printf(
"smtp parser in inconsistent state\n");
3252 STREAM_TOSERVER, request1, request1_len);
3254 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3260 printf(
"smtp parser in inconsistent state\n");
3265 STREAM_TOCLIENT, reply1, reply1_len);
3267 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3272 printf(
"smtp parser in inconsistent state\n");
3277 STREAM_TOSERVER, request2, request2_len);
3279 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3285 printf(
"smtp parser in inconsistent state\n");
3290 STREAM_TOCLIENT, reply2, reply2_len);
3292 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3297 printf(
"smtp parser in inconsistent state\n");
3302 STREAM_TOSERVER, request3, request3_len);
3304 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3310 printf(
"smtp parser in inconsistent state\n");
3315 STREAM_TOCLIENT, reply3, reply3_len);
3317 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3322 printf(
"smtp parser in inconsistent state\n");
3327 STREAM_TOSERVER, request4, request4_len);
3329 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3337 printf(
"smtp parser in inconsistent state\n");
3342 STREAM_TOSERVER, request5, request5_len);
3344 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3351 printf(
"smtp parser in inconsistent state\n");
3356 STREAM_TOSERVER, request6, request6_len);
3358 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3364 printf(
"smtp parser in inconsistent state\n");
3377 static int SMTPParserTest12(
void)
3391 uint8_t request1[] = {
3392 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3393 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3395 int32_t request1_len =
sizeof(request1);
3399 uint8_t reply1[] = {
3400 0x31, 0x38, 0x38, 0x0d, 0x0a,
3402 uint32_t reply1_len =
sizeof(reply1);
3406 memset(&th_v, 0,
sizeof(th_v));
3407 memset(&f, 0,
sizeof(f));
3408 memset(&ssn, 0,
sizeof(ssn));
3414 f.
proto = IPPROTO_TCP;
3423 SMTPTestInitConfig();
3432 "(msg:\"SMTP event handling\"; "
3433 "app-layer-event: smtp.invalid_reply; "
3442 STREAM_TOSERVER | STREAM_START, request1,
3445 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3450 if (smtp_state == NULL) {
3451 printf(
"no smtp state: ");
3459 printf(
"sid 1 matched. It shouldn't match: ");
3464 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3467 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3475 printf(
"sid 1 didn't match. Should have matched: ");
3496 static int SMTPParserTest13(
void)
3510 uint8_t request1[] = {
3511 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3512 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3514 int32_t request1_len =
sizeof(request1);
3518 uint8_t reply1[] = {
3519 0x32, 0x35, 0x30, 0x0d, 0x0a,
3521 uint32_t reply1_len =
sizeof(reply1);
3528 uint8_t request2[] = {
3529 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3530 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3531 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3532 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3533 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3534 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3535 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3536 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3539 uint32_t request2_len =
sizeof(request2);
3543 memset(&th_v, 0,
sizeof(th_v));
3544 memset(&f, 0,
sizeof(f));
3545 memset(&ssn, 0,
sizeof(ssn));
3551 f.
proto = IPPROTO_TCP;
3560 SMTPTestInitConfig();
3569 "(msg:\"SMTP event handling\"; "
3571 "smtp.invalid_pipelined_sequence; "
3580 STREAM_TOSERVER | STREAM_START, request1,
3583 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3588 if (smtp_state == NULL) {
3589 printf(
"no smtp state: ");
3597 printf(
"sid 1 matched. It shouldn't match: ");
3602 STREAM_TOCLIENT, reply1, reply1_len);
3604 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3612 printf(
"sid 1 matched. It shouldn't match: ");
3617 STREAM_TOSERVER, request2, request2_len);
3619 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3627 printf(
"sid 1 didn't match. Should have matched: ");
3651 static int SMTPParserTest14(
void)
3658 static uint8_t welcome_reply[] = {
3659 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3660 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3661 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3662 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3663 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3666 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3669 static uint8_t request1[] = {
3670 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3671 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3673 static uint32_t request1_len =
sizeof(request1);
3680 static uint8_t reply1[] = {
3681 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3682 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3683 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3684 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3685 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3686 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3687 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3688 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3689 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3690 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3691 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3692 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3693 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3694 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3695 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3697 static uint32_t reply1_len =
sizeof(reply1);
3700 static uint8_t request2[] = {
3701 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3702 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3703 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3706 static uint32_t request2_len =
sizeof(request2);
3708 static uint8_t reply2[] = {
3709 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3710 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3712 static uint32_t reply2_len =
sizeof(reply2);
3715 static uint8_t request3[] = {
3716 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3717 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3718 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3721 static uint32_t request3_len =
sizeof(request3);
3723 static uint8_t reply3[] = {
3724 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3725 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3727 static uint32_t reply3_len =
sizeof(reply3);
3730 static uint8_t request4[] = {
3731 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3733 static uint32_t request4_len =
sizeof(request4);
3735 static uint8_t reply4[] = {
3736 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3737 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3738 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3739 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3740 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3742 static uint32_t reply4_len =
sizeof(reply4);
3745 static uint64_t filesize = 133;
3746 static uint8_t request4_msg[] = {
3747 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3748 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3749 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3750 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3751 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3752 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3753 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3754 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3755 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3756 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3757 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3758 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3759 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3760 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3761 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3762 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3763 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3764 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3765 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3766 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3767 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3768 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3769 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3770 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3771 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3772 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3773 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3774 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3775 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3776 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3777 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3778 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3779 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3780 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3781 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3782 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3783 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3784 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3785 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3786 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3787 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3788 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3789 static uint32_t request4_msg_len =
sizeof(request4_msg);
3792 static uint8_t request4_end[] = {
3793 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3795 static uint32_t request4_end_len =
sizeof(request4_end);
3797 static uint8_t reply4_end[] = {
3798 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3799 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3800 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3801 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3802 0x46, 0x32, 0x0d, 0x0a
3804 static uint32_t reply4_end_len =
sizeof(reply4_end);
3807 static uint8_t request5[] = {
3808 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3810 static uint32_t request5_len =
sizeof(request5);
3812 static uint8_t reply5[] = {
3813 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3814 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3816 static uint32_t reply5_len =
sizeof(reply5);
3821 memset(&f, 0,
sizeof(f));
3822 memset(&ssn, 0,
sizeof(ssn));
3826 f.
proto = IPPROTO_TCP;
3830 SMTPTestInitConfig();
3834 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3836 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3840 if (smtp_state == NULL) {
3841 printf(
"no smtp state: ");
3846 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3851 STREAM_TOSERVER, request1, request1_len);
3853 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3859 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3865 STREAM_TOCLIENT, reply1, reply1_len);
3867 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3871 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
3872 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
3878 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3884 STREAM_TOSERVER, request2, request2_len);
3886 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3892 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3898 STREAM_TOCLIENT, reply2, reply2_len);
3900 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3906 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
3914 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3920 STREAM_TOSERVER, request3, request3_len);
3922 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3928 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3934 STREAM_TOCLIENT, reply3, reply3_len);
3936 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3941 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3953 STREAM_TOSERVER, request4, request4_len);
3955 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3962 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3968 STREAM_TOCLIENT, reply4, reply4_len);
3970 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3976 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3982 STREAM_TOSERVER, request4_msg, request4_msg_len);
3984 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3993 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3999 STREAM_TOSERVER, request4_end, request4_end_len);
4001 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4010 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4019 if (files != NULL && files->
head != NULL) {
4022 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4023 printf(
"smtp-mime file name is incorrect");
4027 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4030 static uint8_t org_binary[] = {
4031 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4032 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4033 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4034 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4035 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4036 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4037 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4038 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4039 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4040 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4041 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4042 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4043 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4044 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4045 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4046 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4047 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4050 org_binary,
sizeof(org_binary)) != 1)
4052 printf(
"smtp-mime file data incorrect\n");
4059 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4061 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4066 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4072 STREAM_TOSERVER, request5, request5_len);
4074 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4080 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4086 STREAM_TOCLIENT, reply5, reply5_len);
4088 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4093 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);