58 #define FILEDATA_CONTENT_LIMIT 100000
60 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
62 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
65 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
67 #define SMTP_COMMAND_BUFFER_STEPS 5
74 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
76 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
78 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
80 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
86 #define SMTP_COMMAND_STARTTLS 1
87 #define SMTP_COMMAND_DATA 2
88 #define SMTP_COMMAND_BDAT 3
93 #define SMTP_COMMAND_DATA_MODE 4
95 #define SMTP_COMMAND_OTHER_CMD 5
96 #define SMTP_COMMAND_RSET 6
98 #define SMTP_DEFAULT_MAX_TX 256
173 static int SMTPGetFrameIdByName(
const char *frame_name)
182 static const char *SMTPGetFrameNameById(
const uint8_t frame_id)
193 #define SMTP_MPM mpm_default_matcher
195 static MpmCtx *smtp_mpm_ctx = NULL;
303 #define SCHEME_SUFFIX_LEN 3
311 static void SMTPConfigure(
void) {
315 uint32_t content_limit = 0;
316 uint32_t content_inspect_min_size = 0;
317 uint32_t content_inspect_window = 0;
320 if (config != NULL) {
321 ConfNode *extract_urls_schemes = NULL;
331 SCMimeSmtpConfigDecodeBase64(val);
336 SCMimeSmtpConfigDecodeQuoted(val);
341 if (imval < 0 || imval > UINT32_MAX) {
342 FatalError(
"Invalid value for header-value-depth");
344 SCMimeSmtpConfigHeaderValueDepth((uint32_t)imval);
349 SCMimeSmtpConfigExtractUrls(val);
356 if (extract_urls_schemes) {
360 size_t scheme_len = strlen(scheme->
val);
362 FatalError(
"Too long value for extract-urls-schemes");
364 if (scheme->
val[scheme_len - 1] !=
'/') {
366 char *new_val =
SCMalloc(scheme_len + 1);
370 int r = snprintf(new_val, scheme_len + 1,
"%s://", scheme->
val);
371 if (r != (
int)scheme_len) {
372 FatalError(
"snprintf failure for SMTP url extraction scheme.");
375 scheme->
val = new_val;
377 int r = SCMimeSmtpConfigExtractUrlsSchemeAdd(scheme->
val);
379 FatalError(
"Failed to add smtp extract url scheme");
385 SCMimeSmtpConfigExtractUrlsSchemeAdd(
"http://");
390 SCMimeSmtpConfigLogUrlScheme(val);
395 SCMimeSmtpConfigBodyMd5(val);
404 if (strcasecmp(
"content-limit", p->
name) == 0) {
412 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
420 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
432 if (
ConfGetBool(
"app-layer.protocols.smtp.raw-extraction",
437 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
438 "options can't be enabled at the same time, "
439 "disabling raw extraction");
445 const char *
str = NULL;
446 if (
ConfGet(
"app-layer.protocols.smtp.max-tx", &
str) == 1) {
458 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
481 tx->
tx_data.file_tx = STREAM_TOSERVER;
487 if (tx && tx->
tx_data.de_state) {
488 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
490 }
else if (tx == NULL) {
491 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
492 }
else if (tx->
tx_data.de_state == NULL) {
493 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
503 if (tx == NULL || file == NULL) {
508 FlagDetectStateNewFile(tx);
540 if (direction == 0 &&
547 }
else if (direction == 1) {
550 if (frame != NULL && state->
curr_tx) {
557 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
560 if (lf_idx == NULL) {
573 uint32_t o_consumed = input->
consumed;
574 input->
consumed = (uint32_t)(lf_idx - input->
buf + 1);
582 line->
buf = input->
buf + o_consumed;
585 frame->
len = (int64_t)line->
len;
593 if (discard_till_lf) {
595 if (direction == 0) {
615 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state)
648 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
676 static void SetMimeEvents(
SMTPState *state, uint32_t events)
682 if (events & MIME_ANOM_INVALID_BASE64) {
685 if (events & MIME_ANOM_INVALID_QP) {
688 if (events & MIME_ANOM_LONG_LINE) {
691 if (events & MIME_ANOM_LONG_ENC_LINE) {
694 if (events & MIME_ANOM_LONG_HEADER_NAME) {
697 if (events & MIME_ANOM_LONG_HEADER_VALUE) {
700 if (events & MIME_ANOM_LONG_BOUNDARY) {
703 if (events & MIME_ANOM_LONG_FILENAME) {
708 static inline void SMTPTransactionComplete(
SMTPState *state)
719 static int SMTPProcessCommandDATA(
731 if (line->
len == 1 && line->
buf[0] ==
'.') {
749 SMTPTransactionComplete(state);
764 const uint8_t *filename = NULL;
765 uint16_t filename_len = 0;
770 MimeSmtpParserResult ret = SCSmtpMimeParseLine(
772 SetMimeEvents(state, events);
774 case MimeSmtpFileOpen:
778 if (filename_len == 0) {
785 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
800 case MimeSmtpFileChunk:
809 "StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
820 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
825 case MimeSmtpFileClose:
828 SCLogDebug(
"FileCloseFile() failed: %d", ret);
836 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
845 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
851 static int SMTPProcessReply(
872 if (line->
len >= 4) {
874 if (line->
buf[3] !=
'-') {
878 if (line->
buf[3] ==
'-') {
900 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
919 SCLogDebug(
"unable to match reply with request");
934 SMTPTransactionComplete(state);
955 SMTPTransactionComplete(state);
969 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
988 while (i < line->
len) {
989 if (line->
buf[i] !=
' ') {
998 if (i == line->
len) {
1005 if (line->
len - i <
len) {
1008 memcpy(strbuf, line->
buf + i,
len);
1018 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1019 uint8_t **target, uint16_t *target_len)
1021 int i = prefix_len + 1;
1023 while (i < line->
len) {
1024 if (line->
buf[i] !=
' ') {
1033 while (spc_i < line->
len) {
1034 if (line->
buf[spc_i] ==
' ') {
1041 if (*target == NULL)
1043 memcpy(*target, line->
buf + i, spc_i - i);
1044 (*target)[spc_i - i] =
'\0';
1045 if (spc_i - i > UINT16_MAX) {
1046 *target_len = UINT16_MAX;
1049 *target_len = (uint16_t)(spc_i - i);
1061 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1070 return SMTPParseCommandWithParam(
1077 uint16_t rcptto_len;
1079 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1082 rcptto_str->
str = rcptto;
1083 rcptto_str->
len = rcptto_len;
1099 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1101 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1109 #define rawmsgname "rawmsg"
1128 static int SMTPProcessRequest(
1136 frame->
len = (int64_t)line->
len;
1153 tx = SMTPTransactionCreate(state);
1165 if (frame != NULL && state->
curr_tx) {
1168 tx->
tx_data.updated_ts =
true;
1181 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1183 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1209 if (data_frame == NULL) {
1210 SCLogDebug(
"data_frame %p - no data frame set up", data_frame);
1219 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1220 r = SMTPParseCommandBDAT(state, line);
1226 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1227 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1228 r = SMTPParseCommandHELO(state, line);
1233 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1234 r = SMTPParseCommandMAILFROM(state, line);
1239 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1240 r = SMTPParseCommandRCPTTO(state, line);
1245 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1255 if (SMTPInsertCommandIntoCommandBuffer(state->
current_command, state) == -1) {
1264 return SMTPProcessCommandDATA(state, tx, f, line);
1267 return SMTPProcessCommandBDAT(state, line);
1276 static inline void ResetLine(
SMTPLine *line)
1305 static int SMTPPreProcessCommands(
1317 bool line_complete =
false;
1318 const int32_t input_len = input->
len;
1320 for (int32_t i = 0; i < input_len; i++) {
1322 if (i < input_len - 1 && input->buf[
offset + i + 1] == 0x0a) {
1328 line_complete =
true;
1329 }
else if (input->
buf[
offset + i] == 0x0a) {
1332 line_complete =
true;
1335 if (line_complete || (i == input_len - 1)) {
1342 SCLogDebug(
"Possible boundary, yield to GetLine");
1346 int32_t total_consumed =
offset + i + 1;
1347 int32_t current_line_consumed = total_consumed - input->
consumed;
1352 if (line->
len < 0) {
1357 input->
len -= current_line_consumed;
1359 if (SMTPProcessRequest(state, f, input, line, slice) == -1) {
1362 line_complete =
false;
1380 static AppLayerResult SMTPParse(uint8_t direction,
Flow *f,
SMTPState *state,
1385 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1386 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1388 if (input_buf == NULL &&
1393 }
else if (input_buf == NULL || input_len == 0) {
1397 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1398 SMTPLine line = { NULL, 0, 0,
false };
1401 if (direction == 0) {
1405 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1409 }
else if (ret < 0) {
1413 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1414 while (res.status == 0) {
1415 int retval = SMTPProcessRequest(state, f, &input, &line, &stream_slice);
1436 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1440 }
else if (ret < 0) {
1444 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1446 if (res.status == 1)
1450 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1451 while (res.status == 0) {
1452 if (SMTPProcessReply(state, f, thread_data, &input, &line) != 0)
1462 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1464 if (res.status == 1)
1472 StreamSlice stream_slice,
void *local_data)
1477 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1481 StreamSlice stream_slice,
void *local_data)
1486 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1501 if (smtp_state->
cmds == NULL) {
1530 static void *SMTPLocalStorageAlloc(
void)
1539 if (td->
pmq == NULL) {
1552 static void SMTPLocalStorageFree(
void *ptr)
1556 if (td->
pmq != NULL) {
1576 SCAppLayerTxDataCleanup(&tx->
tx_data);
1584 SMTPStringFree(
str);
1595 static void SMTPStateFree(
void *p)
1599 if (smtp_state->
cmds != NULL) {
1603 if (smtp_state->
helo) {
1608 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1610 SMTPTransactionFree(tx, smtp_state);
1616 static void SMTPSetMpmState(
void)
1619 if (
unlikely(smtp_mpm_ctx == NULL)) {
1636 static void SMTPFreeMpmState(
void)
1638 if (smtp_mpm_ctx != NULL) {
1641 smtp_mpm_ctx = NULL;
1645 static int SMTPStateGetEventInfo(
1646 const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
1649 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1655 static int SMTPStateGetEventInfoById(
1656 uint8_t event_id,
const char **event_name, AppLayerEventType *event_type)
1659 if (*event_name == NULL) {
1661 "smtp's enum map table.",
1667 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1672 static AppProto SMTPServerProbingParser(
1673 Flow *f, uint8_t direction,
const uint8_t *input, uint32_t
len, uint8_t *rdir)
1680 if (input[0] !=
'2' || input[1] !=
'2' || input[2] !=
'0') {
1684 if (input[3] !=
' ' && input[3] !=
'-') {
1690 if (memchr(input + 4,
'\n',
len - 4) != NULL) {
1701 uint32_t
offset = SCValidateDomain(input + 4,
len - 4);
1712 static int SMTPRegisterPatternsForProtocolDetection(
void)
1715 "EHLO", 4, 0, STREAM_TOSERVER) < 0)
1720 "HELO", 4, 0, STREAM_TOSERVER) < 0)
1725 "QUIT", 4, 0, STREAM_TOSERVER) < 0)
1730 "tcp", IPPROTO_TCP,
"smtp",
ALPROTO_SMTP, 0, 5, NULL, SMTPServerProbingParser)) {
1733 NULL, SMTPServerProbingParser);
1739 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1744 if (tx_id < tx->tx_id)
1746 else if (tx_id > tx->
tx_id)
1749 if (tx == smtp_state->
curr_tx)
1752 SMTPTransactionFree(tx, state);
1760 static uint64_t SMTPStateGetTxCnt(
void *state)
1771 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1777 if (smtp_state->
curr_tx == NULL)
1783 if (tx->
tx_id ==
id)
1790 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1796 static AppLayerGetFileState SMTPGetTxFiles(
void *txv, uint8_t direction)
1801 if (direction & STREAM_TOSERVER) {
1813 static AppLayerStateData *SMTPGetStateData(
void *vstate)
1823 static AppLayerGetTxIterTuple SMTPGetTxIterator(
const uint8_t ipproto,
const AppProto alproto,
1827 AppLayerGetTxIterTuple no_tuple = { NULL, 0,
false };
1830 if (state->
un.
ptr == NULL) {
1836 while (tx_ptr->
tx_id < min_tx_id) {
1842 if (tx_ptr->
tx_id >= max_tx_id) {
1846 AppLayerGetTxIterTuple tuple = {
1849 .has_next = (state->
un.
ptr != NULL),
1862 const char *proto_name =
"smtp";
1866 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1869 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1878 SMTPParseClientRecord);
1880 SMTPParseServerRecord);
1886 SMTPLocalStorageFree);
1898 IPPROTO_TCP,
ALPROTO_SMTP, SMTPGetFrameIdByName, SMTPGetFrameNameById);
1900 SCLogInfo(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);
1925 static void SMTPTestInitConfig(
void)
1939 static int SMTPParserTest01(
void)
1946 uint8_t welcome_reply[] = {
1947 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1948 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1949 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1950 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1951 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1954 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1957 uint8_t request1[] = {
1958 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1959 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1960 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1962 uint32_t request1_len =
sizeof(request1);
1969 uint8_t reply1[] = {
1970 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1971 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1972 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1973 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1974 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1975 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1976 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1977 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1978 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1979 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1980 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1981 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1982 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1983 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1984 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
1985 0x44, 0x45, 0x53, 0x0d, 0x0a
1987 uint32_t reply1_len =
sizeof(reply1);
1990 uint8_t request2[] = {
1991 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
1994 uint32_t request2_len =
sizeof(request2);
1996 uint8_t reply2[] = {
1997 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
1998 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
1999 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
2000 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
2002 uint32_t reply2_len =
sizeof(reply2);
2007 memset(&f, 0,
sizeof(f));
2008 memset(&ssn, 0,
sizeof(ssn));
2012 f.
proto = IPPROTO_TCP;
2016 SMTPTestInitConfig();
2019 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2021 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2025 if (smtp_state == NULL) {
2026 printf(
"no smtp state: ");
2031 printf(
"smtp parser in inconsistent state\n");
2036 STREAM_TOSERVER, request1, request1_len);
2038 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2044 printf(
"smtp parser in inconsistent state\n");
2049 STREAM_TOCLIENT, reply1, reply1_len);
2051 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2056 printf(
"smtp parser in inconsistent state\n");
2061 STREAM_TOSERVER, request2, request2_len);
2063 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2069 printf(
"smtp parser in inconsistent state\n");
2074 STREAM_TOCLIENT, reply2, reply2_len);
2076 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2082 printf(
"smtp parser in inconsistent state\n");
2102 static int SMTPParserTest02(
void)
2109 uint8_t welcome_reply[] = {
2110 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
2111 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
2112 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
2113 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
2114 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
2117 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2120 uint8_t request1[] = {
2121 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2122 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2124 uint32_t request1_len =
sizeof(request1);
2131 uint8_t reply1[] = {
2132 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2133 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2134 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2135 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2136 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2137 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2138 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2139 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2140 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2141 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2142 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2143 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2144 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2145 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2146 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2148 uint32_t reply1_len =
sizeof(reply1);
2151 uint8_t request2[] = {
2152 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2153 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2154 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2157 uint32_t request2_len =
sizeof(request2);
2159 uint8_t reply2[] = {
2160 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2161 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2163 uint32_t reply2_len =
sizeof(reply2);
2166 uint8_t request3[] = {
2167 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2168 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2169 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2172 uint32_t request3_len =
sizeof(request3);
2174 uint8_t reply3[] = {
2175 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2176 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2178 uint32_t reply3_len =
sizeof(reply3);
2181 uint8_t request4[] = {
2182 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2184 uint32_t request4_len =
sizeof(request4);
2186 uint8_t reply4[] = {
2187 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2188 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2189 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2190 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2191 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2193 uint32_t reply4_len =
sizeof(reply4);
2196 uint8_t request5_1[] = {
2197 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2198 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2199 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2201 uint32_t request5_1_len =
sizeof(request5_1);
2203 uint8_t request5_2[] = {
2204 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2205 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2206 0x6f, 0x6d, 0x0d, 0x0a
2208 uint32_t request5_2_len =
sizeof(request5_2);
2210 uint8_t request5_3[] = {
2213 uint32_t request5_3_len =
sizeof(request5_3);
2215 uint8_t request5_4[] = {
2216 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2217 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2218 0x6c, 0x31, 0x0d, 0x0a
2220 uint32_t request5_4_len =
sizeof(request5_4);
2222 uint8_t request5_5[] = {
2225 uint32_t request5_5_len =
sizeof(request5_5);
2227 uint8_t reply5[] = {
2228 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2229 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2230 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2231 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2232 0x46, 0x32, 0x0d, 0x0a
2234 uint32_t reply5_len =
sizeof(reply5);
2237 uint8_t request6[] = {
2238 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2239 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2240 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2243 uint32_t request6_len =
sizeof(request6);
2245 uint8_t reply6[] = {
2246 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2247 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2249 uint32_t reply6_len =
sizeof(reply6);
2252 uint8_t request7[] = {
2253 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2254 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2255 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2258 uint32_t request7_len =
sizeof(request7);
2260 uint8_t reply7[] = {
2261 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2262 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2264 uint32_t reply7_len =
sizeof(reply7);
2267 uint8_t request8[] = {
2268 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2270 uint32_t request8_len =
sizeof(request8);
2272 uint8_t reply8[] = {
2273 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2274 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2275 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2276 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2277 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2279 uint32_t reply8_len =
sizeof(reply8);
2282 uint8_t request9_1[] = {
2283 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2284 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2285 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2287 uint32_t request9_1_len =
sizeof(request9_1);
2289 uint8_t request9_2[] = {
2290 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2291 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2292 0x6f, 0x6d, 0x0d, 0x0a
2294 uint32_t request9_2_len =
sizeof(request9_2);
2296 uint8_t request9_3[] = {
2299 uint32_t request9_3_len =
sizeof(request9_3);
2301 uint8_t request9_4[] = {
2302 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2303 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2304 0x6c, 0x32, 0x0d, 0x0a
2306 uint32_t request9_4_len =
sizeof(request9_4);
2308 uint8_t request9_5[] = {
2311 uint32_t request9_5_len =
sizeof(request9_5);
2313 uint8_t reply9[] = {
2314 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2315 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2316 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2317 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2318 0x46, 0x32, 0x0d, 0x0a
2320 uint32_t reply9_len =
sizeof(reply9);
2323 uint8_t request10[] = {
2324 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2326 uint32_t request10_len =
sizeof(request10);
2328 uint8_t reply10[] = {
2329 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2330 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2332 uint32_t reply10_len =
sizeof(reply10);
2337 memset(&f, 0,
sizeof(f));
2338 memset(&ssn, 0,
sizeof(ssn));
2342 f.
proto = IPPROTO_TCP;
2346 SMTPTestInitConfig();
2349 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2351 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2355 if (smtp_state == NULL) {
2356 printf(
"no smtp state: ");
2361 printf(
"smtp parser in inconsistent state\n");
2366 STREAM_TOSERVER, request1, request1_len);
2368 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2374 printf(
"smtp parser in inconsistent state\n");
2379 STREAM_TOCLIENT, reply1, reply1_len);
2381 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2386 printf(
"smtp parser in inconsistent state\n");
2391 STREAM_TOSERVER, request2, request2_len);
2393 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2399 printf(
"smtp parser in inconsistent state\n");
2404 STREAM_TOCLIENT, reply2, reply2_len);
2406 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2411 printf(
"smtp parser in inconsistent state\n");
2416 STREAM_TOSERVER, request3, request3_len);
2418 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2424 printf(
"smtp parser in inconsistent state\n");
2429 STREAM_TOCLIENT, reply3, reply3_len);
2431 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2436 printf(
"smtp parser in inconsistent state\n");
2441 STREAM_TOSERVER, request4, request4_len);
2443 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2449 printf(
"smtp parser in inconsistent state\n");
2454 STREAM_TOCLIENT, reply4, reply4_len);
2456 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2462 printf(
"smtp parser in inconsistent state\n");
2467 STREAM_TOSERVER, request5_1, request5_1_len);
2469 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2476 printf(
"smtp parser in inconsistent state\n");
2481 STREAM_TOSERVER, request5_2, request5_2_len);
2483 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2490 printf(
"smtp parser in inconsistent state\n");
2495 STREAM_TOSERVER, request5_3, request5_3_len);
2497 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2504 printf(
"smtp parser in inconsistent state\n");
2509 STREAM_TOSERVER, request5_4, request5_4_len);
2511 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2518 printf(
"smtp parser in inconsistent state\n");
2523 STREAM_TOSERVER, request5_5, request5_5_len);
2525 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2531 printf(
"smtp parser in inconsistent state\n");
2536 STREAM_TOCLIENT, reply5, reply5_len);
2538 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2543 printf(
"smtp parser in inconsistent state\n");
2548 STREAM_TOSERVER, request6, request6_len);
2550 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2556 printf(
"smtp parser in inconsistent state\n");
2561 STREAM_TOCLIENT, reply6, reply6_len);
2563 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2568 printf(
"smtp parser in inconsistent state\n");
2573 STREAM_TOSERVER, request7, request7_len);
2575 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2581 printf(
"smtp parser in inconsistent state\n");
2586 STREAM_TOCLIENT, reply7, reply7_len);
2588 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2593 printf(
"smtp parser in inconsistent state\n");
2598 STREAM_TOSERVER, request8, request8_len);
2600 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2606 printf(
"smtp parser in inconsistent state\n");
2611 STREAM_TOCLIENT, reply8, reply8_len);
2613 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2619 printf(
"smtp parser in inconsistent state\n");
2624 STREAM_TOSERVER, request9_1, request9_1_len);
2626 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2633 printf(
"smtp parser in inconsistent state\n");
2638 STREAM_TOSERVER, request9_2, request9_2_len);
2640 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2647 printf(
"smtp parser in inconsistent state\n");
2652 STREAM_TOSERVER, request9_3, request9_3_len);
2654 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2661 printf(
"smtp parser in inconsistent state\n");
2666 STREAM_TOSERVER, request9_4, request9_4_len);
2668 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2675 printf(
"smtp parser in inconsistent state\n");
2680 STREAM_TOSERVER, request9_5, request9_5_len);
2682 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2688 printf(
"smtp parser in inconsistent state\n");
2693 STREAM_TOCLIENT, reply9, reply9_len);
2695 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2700 printf(
"smtp parser in inconsistent state\n");
2705 STREAM_TOSERVER, request10, request10_len);
2707 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2713 printf(
"smtp parser in inconsistent state\n");
2718 STREAM_TOCLIENT, reply10, reply10_len);
2720 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2725 printf(
"smtp parser in inconsistent state\n");
2741 static int SMTPParserTest03(
void)
2748 uint8_t welcome_reply[] = {
2749 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2750 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2751 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2752 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2753 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2754 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2756 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2759 uint8_t request1[] = {
2760 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2761 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2763 uint32_t request1_len =
sizeof(request1);
2773 uint8_t reply1[] = {
2774 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2775 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2776 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2777 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2778 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2779 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2780 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2781 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2782 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2783 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2784 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2785 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2786 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2787 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2788 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2789 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2790 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2792 uint32_t reply1_len =
sizeof(reply1);
2799 uint8_t request2[] = {
2800 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2801 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2802 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2803 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2804 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2805 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2806 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2807 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2808 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2810 uint32_t request2_len =
sizeof(request2);
2815 uint8_t reply2[] = {
2816 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2817 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2818 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2819 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2820 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2821 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2822 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2823 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2826 uint32_t reply2_len =
sizeof(reply2);
2831 memset(&f, 0,
sizeof(f));
2832 memset(&ssn, 0,
sizeof(ssn));
2836 f.
proto = IPPROTO_TCP;
2840 SMTPTestInitConfig();
2843 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2845 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2849 if (smtp_state == NULL) {
2850 printf(
"no smtp state: ");
2855 printf(
"smtp parser in inconsistent state\n");
2860 STREAM_TOSERVER, request1, request1_len);
2862 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2868 printf(
"smtp parser in inconsistent state\n");
2873 STREAM_TOCLIENT, reply1, reply1_len);
2875 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2881 printf(
"smtp parser in inconsistent state\n");
2886 STREAM_TOSERVER, request2, request2_len);
2888 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2898 printf(
"smtp parser in inconsistent state\n");
2903 STREAM_TOCLIENT, reply2, reply2_len);
2905 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2912 printf(
"smtp parser in inconsistent state\n");
2928 static int SMTPParserTest04(
void)
2935 uint8_t welcome_reply[] = {
2936 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2937 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2938 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2939 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2940 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2941 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2943 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2946 uint8_t request1[] = {
2947 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2948 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2949 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2950 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2951 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2952 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2954 uint32_t request1_len =
sizeof(request1);
2959 memset(&f, 0,
sizeof(f));
2960 memset(&ssn, 0,
sizeof(ssn));
2964 f.
proto = IPPROTO_TCP;
2968 SMTPTestInitConfig();
2971 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2973 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2977 if (smtp_state == NULL) {
2978 printf(
"no smtp state: ");
2983 printf(
"smtp parser in inconsistent state\n");
2988 STREAM_TOSERVER, request1, request1_len);
2990 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2996 printf(
"smtp parser in inconsistent state\n");
3012 static int SMTPParserTest05(
void)
3019 uint8_t welcome_reply[] = {
3020 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
3021 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3022 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3023 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
3024 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
3025 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
3027 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3030 uint8_t request1[] = {
3031 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3032 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3034 uint32_t request1_len =
sizeof(request1);
3044 uint8_t reply1[] = {
3045 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3046 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3047 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3048 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3049 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
3050 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
3051 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3052 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3053 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3054 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3055 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3056 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3057 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3058 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3059 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3060 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3061 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3063 uint32_t reply1_len =
sizeof(reply1);
3066 uint8_t request2[] = {
3067 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3070 uint32_t request2_len =
sizeof(request2);
3072 uint8_t reply2[] = {
3073 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
3074 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
3075 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
3076 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
3077 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
3080 uint32_t reply2_len =
sizeof(reply2);
3083 uint8_t request3[] = {
3084 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3087 uint32_t request3_len =
sizeof(request3);
3089 uint8_t reply3[] = {
3090 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3091 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3093 uint32_t reply3_len =
sizeof(reply3);
3098 memset(&f, 0,
sizeof(f));
3099 memset(&ssn, 0,
sizeof(ssn));
3103 f.
proto = IPPROTO_TCP;
3107 SMTPTestInitConfig();
3110 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3112 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3116 if (smtp_state == NULL) {
3117 printf(
"no smtp state: ");
3122 printf(
"smtp parser in inconsistent state\n");
3127 STREAM_TOSERVER, request1, request1_len);
3129 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3135 printf(
"smtp parser in inconsistent state\n");
3140 STREAM_TOCLIENT, reply1, reply1_len);
3142 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3148 printf(
"smtp parser in inconsistent state\n");
3153 STREAM_TOSERVER, request2, request2_len);
3155 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3162 printf(
"smtp parser in inconsistent state\n");
3167 STREAM_TOCLIENT, reply2, reply2_len);
3169 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3175 printf(
"smtp parser in inconsistent state\n");
3187 STREAM_TOSERVER, request3, request3_len);
3189 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3196 printf(
"smtp parser in inconsistent state\n");
3201 STREAM_TOCLIENT, reply3, reply3_len);
3203 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3209 printf(
"smtp parser in inconsistent state\n");
3225 static int SMTPParserTest06(
void)
3231 uint8_t welcome_reply[] = {
3232 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3233 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3234 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3235 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3236 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3237 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3238 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3239 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3240 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3241 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3242 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3243 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3244 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3245 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3246 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3247 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3248 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3249 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3250 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3251 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3252 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3253 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3254 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3255 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3256 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3257 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3258 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3259 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3260 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3261 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3262 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3263 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3264 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3265 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3266 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3267 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3268 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3269 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3270 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3272 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3274 uint8_t request1[] = {
3275 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3276 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3277 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3278 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3281 uint32_t request1_len =
sizeof(request1);
3283 uint8_t reply1[] = {
3284 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3285 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3286 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3287 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3288 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3289 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3290 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3291 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3292 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3293 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3294 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3295 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3296 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3297 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3298 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3299 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3300 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3301 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3302 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3303 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3304 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3307 uint32_t reply1_len =
sizeof(reply1);
3310 uint8_t request2[] = {
3311 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3312 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3313 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3316 uint32_t request2_len =
sizeof(request2);
3318 uint8_t reply2[] = {
3319 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3320 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3322 uint32_t reply2_len =
sizeof(reply2);
3325 uint8_t request3[] = {
3326 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3327 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3328 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3331 uint32_t request3_len =
sizeof(request3);
3333 uint8_t reply3[] = {
3334 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3335 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3337 uint32_t reply3_len =
sizeof(reply3);
3340 uint8_t request4[] = {
3341 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3344 uint32_t request4_len =
sizeof(request4);
3346 uint8_t request5[] = {
3347 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3348 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3349 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3350 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3352 uint32_t request5_len =
sizeof(request5);
3354 uint8_t request6[] = {
3355 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3356 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3359 uint32_t request6_len =
sizeof(request6);
3364 memset(&f, 0,
sizeof(f));
3365 memset(&ssn, 0,
sizeof(ssn));
3369 f.
proto = IPPROTO_TCP;
3373 SMTPTestInitConfig();
3376 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3378 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3382 if (smtp_state == NULL) {
3383 printf(
"no smtp state: ");
3388 printf(
"smtp parser in inconsistent state\n");
3393 STREAM_TOSERVER, request1, request1_len);
3395 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3401 printf(
"smtp parser in inconsistent state\n");
3406 STREAM_TOCLIENT, reply1, reply1_len);
3408 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3413 printf(
"smtp parser in inconsistent state\n");
3418 STREAM_TOSERVER, request2, request2_len);
3420 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3426 printf(
"smtp parser in inconsistent state\n");
3431 STREAM_TOCLIENT, reply2, reply2_len);
3433 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3438 printf(
"smtp parser in inconsistent state\n");
3443 STREAM_TOSERVER, request3, request3_len);
3445 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3451 printf(
"smtp parser in inconsistent state\n");
3456 STREAM_TOCLIENT, reply3, reply3_len);
3458 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3463 printf(
"smtp parser in inconsistent state\n");
3468 STREAM_TOSERVER, request4, request4_len);
3470 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3478 printf(
"smtp parser in inconsistent state\n");
3483 STREAM_TOSERVER, request5, request5_len);
3485 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3492 printf(
"smtp parser in inconsistent state\n");
3497 STREAM_TOSERVER, request6, request6_len);
3499 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3505 printf(
"smtp parser in inconsistent state\n");
3518 static int SMTPParserTest12(
void)
3532 uint8_t request1[] = {
3533 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3534 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3536 int32_t request1_len =
sizeof(request1);
3540 uint8_t reply1[] = {
3541 0x31, 0x38, 0x38, 0x0d, 0x0a,
3543 uint32_t reply1_len =
sizeof(reply1);
3547 memset(&th_v, 0,
sizeof(th_v));
3548 memset(&f, 0,
sizeof(f));
3549 memset(&ssn, 0,
sizeof(ssn));
3555 f.
proto = IPPROTO_TCP;
3564 SMTPTestInitConfig();
3573 "(msg:\"SMTP event handling\"; "
3574 "app-layer-event: smtp.invalid_reply; "
3583 STREAM_TOSERVER | STREAM_START, request1,
3586 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3591 if (smtp_state == NULL) {
3592 printf(
"no smtp state: ");
3600 printf(
"sid 1 matched. It shouldn't match: ");
3605 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3608 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3616 printf(
"sid 1 didn't match. Should have matched: ");
3637 static int SMTPParserTest13(
void)
3651 uint8_t request1[] = {
3652 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3653 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3655 int32_t request1_len =
sizeof(request1);
3659 uint8_t reply1[] = {
3660 0x32, 0x35, 0x30, 0x0d, 0x0a,
3662 uint32_t reply1_len =
sizeof(reply1);
3669 uint8_t request2[] = {
3670 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3671 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3672 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3673 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3674 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3675 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3676 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3677 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3680 uint32_t request2_len =
sizeof(request2);
3684 memset(&th_v, 0,
sizeof(th_v));
3685 memset(&f, 0,
sizeof(f));
3686 memset(&ssn, 0,
sizeof(ssn));
3692 f.
proto = IPPROTO_TCP;
3701 SMTPTestInitConfig();
3710 "(msg:\"SMTP event handling\"; "
3712 "smtp.invalid_pipelined_sequence; "
3721 STREAM_TOSERVER | STREAM_START, request1,
3724 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3729 if (smtp_state == NULL) {
3730 printf(
"no smtp state: ");
3738 printf(
"sid 1 matched. It shouldn't match: ");
3743 STREAM_TOCLIENT, reply1, reply1_len);
3745 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3753 printf(
"sid 1 matched. It shouldn't match: ");
3758 STREAM_TOSERVER, request2, request2_len);
3760 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3768 printf(
"sid 1 didn't match. Should have matched: ");
3792 static int SMTPParserTest14(
void)
3799 static uint8_t welcome_reply[] = {
3800 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3801 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3802 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3803 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3804 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3807 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3810 static uint8_t request1[] = {
3811 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3812 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3814 static uint32_t request1_len =
sizeof(request1);
3821 static uint8_t reply1[] = {
3822 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3823 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3824 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3825 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3826 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3827 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3828 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3829 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3830 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3831 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3832 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3833 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3834 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3835 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3836 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3838 static uint32_t reply1_len =
sizeof(reply1);
3841 static uint8_t request2[] = {
3842 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3843 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3844 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3847 static uint32_t request2_len =
sizeof(request2);
3849 static uint8_t reply2[] = {
3850 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3851 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3853 static uint32_t reply2_len =
sizeof(reply2);
3856 static uint8_t request3[] = {
3857 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3858 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3859 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3862 static uint32_t request3_len =
sizeof(request3);
3864 static uint8_t reply3[] = {
3865 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3866 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3868 static uint32_t reply3_len =
sizeof(reply3);
3871 static uint8_t request4[] = {
3872 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3874 static uint32_t request4_len =
sizeof(request4);
3876 static uint8_t reply4[] = {
3877 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3878 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3879 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3880 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3881 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3883 static uint32_t reply4_len =
sizeof(reply4);
3886 static uint64_t filesize = 133;
3887 static uint8_t request4_msg[] = {
3888 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3889 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3890 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3891 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3892 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3893 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3894 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3895 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3896 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3897 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3898 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3899 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3900 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3901 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3902 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3903 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3904 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3905 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3906 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3907 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3908 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3909 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3910 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3911 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3912 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3913 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3914 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3915 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3916 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3917 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3918 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3919 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3920 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3921 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3922 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3923 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3924 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3925 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3926 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3927 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3928 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3929 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3930 static uint32_t request4_msg_len =
sizeof(request4_msg);
3933 static uint8_t request4_end[] = {
3934 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3936 static uint32_t request4_end_len =
sizeof(request4_end);
3938 static uint8_t reply4_end[] = {
3939 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3940 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3941 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3942 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3943 0x46, 0x32, 0x0d, 0x0a
3945 static uint32_t reply4_end_len =
sizeof(reply4_end);
3948 static uint8_t request5[] = {
3949 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3951 static uint32_t request5_len =
sizeof(request5);
3953 static uint8_t reply5[] = {
3954 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3955 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3957 static uint32_t reply5_len =
sizeof(reply5);
3962 memset(&f, 0,
sizeof(f));
3963 memset(&ssn, 0,
sizeof(ssn));
3967 f.
proto = IPPROTO_TCP;
3971 SMTPTestInitConfig();
3975 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3977 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3981 if (smtp_state == NULL) {
3982 printf(
"no smtp state: ");
3987 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3992 STREAM_TOSERVER, request1, request1_len);
3994 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4000 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4006 STREAM_TOCLIENT, reply1, reply1_len);
4008 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4012 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
4013 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
4019 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4025 STREAM_TOSERVER, request2, request2_len);
4027 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4033 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4039 STREAM_TOCLIENT, reply2, reply2_len);
4041 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4047 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
4055 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4061 STREAM_TOSERVER, request3, request3_len);
4063 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4069 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4075 STREAM_TOCLIENT, reply3, reply3_len);
4077 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4082 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4088 SCMimeSmtpConfigDecodeBase64(1);
4089 SCMimeSmtpConfigDecodeQuoted(1);
4093 STREAM_TOSERVER, request4, request4_len);
4095 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4102 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4108 STREAM_TOCLIENT, reply4, reply4_len);
4110 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4116 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4122 STREAM_TOSERVER, request4_msg, request4_msg_len);
4124 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4132 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4138 STREAM_TOSERVER, request4_end, request4_end_len);
4140 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4148 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4157 if (files != NULL && files->
head != NULL) {
4160 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4161 printf(
"smtp-mime file name is incorrect");
4165 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4168 static uint8_t org_binary[] = {
4169 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4170 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4171 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4172 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4173 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4174 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4175 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4176 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4177 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4178 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4179 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4180 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4181 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4182 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4183 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4184 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4185 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4188 org_binary,
sizeof(org_binary)) != 1)
4190 printf(
"smtp-mime file data incorrect\n");
4197 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4199 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4204 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4210 STREAM_TOSERVER, request5, request5_len);
4212 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4218 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4224 STREAM_TOCLIENT, reply5, reply5_len);
4226 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4231 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);