64 #define FILEDATA_CONTENT_LIMIT 100000
66 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
68 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
71 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
73 #define SMTP_COMMAND_BUFFER_STEPS 5
80 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
82 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
84 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
86 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
92 #define SMTP_COMMAND_STARTTLS 1
93 #define SMTP_COMMAND_DATA 2
94 #define SMTP_COMMAND_BDAT 3
99 #define SMTP_COMMAND_DATA_MODE 4
101 #define SMTP_COMMAND_OTHER_CMD 5
102 #define SMTP_COMMAND_RSET 6
104 #define SMTP_DEFAULT_MAX_TX 256
179 static int SMTPGetFrameIdByName(
const char *frame_name)
188 static const char *SMTPGetFrameNameById(
const uint8_t frame_id)
199 #define SMTP_MPM mpm_default_matcher
201 static MpmCtx *smtp_mpm_ctx = NULL;
309 #define SCHEME_SUFFIX_LEN 3
317 static void SMTPConfigure(
void) {
321 uint32_t content_limit = 0;
322 uint32_t content_inspect_min_size = 0;
323 uint32_t content_inspect_window = 0;
326 if (config != NULL) {
327 ConfNode *extract_urls_schemes = NULL;
337 SCMimeSmtpConfigDecodeBase64(val);
342 SCMimeSmtpConfigDecodeQuoted(val);
347 if (imval < 0 || imval > UINT32_MAX) {
348 FatalError(
"Invalid value for header-value-depth");
350 SCMimeSmtpConfigHeaderValueDepth((uint32_t)imval);
355 SCMimeSmtpConfigExtractUrls(val);
362 if (extract_urls_schemes) {
365 SCMimeSmtpConfigExtractUrlsSchemeReset();
367 size_t scheme_len = strlen(scheme->
val);
369 FatalError(
"Too long value for extract-urls-schemes");
371 if (scheme->
val[scheme_len - 1] !=
'/') {
373 char *new_val =
SCMalloc(scheme_len + 1);
377 int r = snprintf(new_val, scheme_len + 1,
"%s://", scheme->
val);
378 if (r != (
int)scheme_len) {
379 FatalError(
"snprintf failure for SMTP url extraction scheme.");
382 scheme->
val = new_val;
384 int r = SCMimeSmtpConfigExtractUrlsSchemeAdd(scheme->
val);
386 FatalError(
"Failed to add smtp extract url scheme");
392 SCMimeSmtpConfigExtractUrlsSchemeReset();
393 SCMimeSmtpConfigExtractUrlsSchemeAdd(
"http://");
398 SCMimeSmtpConfigLogUrlScheme(val);
403 SCMimeSmtpConfigBodyMd5(val);
412 if (strcasecmp(
"content-limit", p->
name) == 0) {
420 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
428 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
440 if (
ConfGetBool(
"app-layer.protocols.smtp.raw-extraction",
445 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
446 "options can't be enabled at the same time, "
447 "disabling raw extraction");
453 const char *
str = NULL;
454 if (
ConfGet(
"app-layer.protocols.smtp.max-tx", &
str) == 1) {
466 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
489 tx->
tx_data.file_tx = STREAM_TOSERVER;
495 if (tx && tx->
tx_data.de_state) {
496 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
498 }
else if (tx == NULL) {
499 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
500 }
else if (tx->
tx_data.de_state == NULL) {
501 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
511 if (tx == NULL || file == NULL) {
516 FlagDetectStateNewFile(tx);
548 if (direction == 0 &&
555 }
else if (direction == 1) {
558 if (frame != NULL && state->
curr_tx) {
565 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
568 if (lf_idx == NULL) {
581 uint32_t o_consumed = input->
consumed;
582 input->
consumed = (uint32_t)(lf_idx - input->
buf + 1);
590 line->
buf = input->
buf + o_consumed;
593 frame->
len = (int64_t)line->
len;
601 if (discard_till_lf) {
603 if (direction == 0) {
623 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state)
656 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
684 static void SetMimeEvents(
SMTPState *state, uint32_t events)
690 if (events & MIME_ANOM_INVALID_BASE64) {
693 if (events & MIME_ANOM_INVALID_QP) {
696 if (events & MIME_ANOM_LONG_LINE) {
699 if (events & MIME_ANOM_LONG_ENC_LINE) {
702 if (events & MIME_ANOM_LONG_HEADER_NAME) {
705 if (events & MIME_ANOM_LONG_HEADER_VALUE) {
708 if (events & MIME_ANOM_LONG_BOUNDARY) {
711 if (events & MIME_ANOM_LONG_FILENAME) {
716 static inline void SMTPTransactionComplete(
SMTPState *state)
727 static int SMTPProcessCommandDATA(
739 if (line->
len == 1 && line->
buf[0] ==
'.') {
757 SMTPTransactionComplete(state);
772 const uint8_t *filename = NULL;
773 uint16_t filename_len = 0;
778 MimeSmtpParserResult ret = SCSmtpMimeParseLine(
780 SetMimeEvents(state, events);
782 case MimeSmtpFileOpen:
786 if (filename_len == 0) {
793 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
808 case MimeSmtpFileChunk:
817 "StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
828 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
833 case MimeSmtpFileClose:
836 SCLogDebug(
"FileCloseFile() failed: %d", ret);
844 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
853 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
859 static int SMTPProcessReply(
877 if (line->
len >= 4) {
879 if (line->
buf[3] !=
'-') {
883 if (line->
buf[3] ==
'-') {
905 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
924 SCLogDebug(
"unable to match reply with request");
939 SMTPTransactionComplete(state);
960 SMTPTransactionComplete(state);
974 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
993 while (i < line->
len) {
994 if (line->
buf[i] !=
' ') {
1003 if (i == line->
len) {
1010 if (line->
len - i <
len) {
1013 memcpy(strbuf, line->
buf + i,
len);
1023 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1024 uint8_t **target, uint16_t *target_len)
1026 int i = prefix_len + 1;
1028 while (i < line->
len) {
1029 if (line->
buf[i] !=
' ') {
1038 while (spc_i < line->
len) {
1039 if (line->
buf[spc_i] ==
' ') {
1046 if (*target == NULL)
1048 memcpy(*target, line->
buf + i, spc_i - i);
1049 (*target)[spc_i - i] =
'\0';
1050 if (spc_i - i > UINT16_MAX) {
1051 *target_len = UINT16_MAX;
1054 *target_len = (uint16_t)(spc_i - i);
1066 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1075 return SMTPParseCommandWithParam(
1082 uint16_t rcptto_len;
1084 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1087 rcptto_str->
str = rcptto;
1088 rcptto_str->
len = rcptto_len;
1104 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1106 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1114 #define rawmsgname "rawmsg"
1133 static int SMTPProcessRequest(
1141 frame->
len = (int64_t)line->
len;
1158 tx = SMTPTransactionCreate(state);
1170 if (frame != NULL && state->
curr_tx) {
1185 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1187 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1213 if (data_frame == NULL) {
1214 SCLogDebug(
"data_frame %p - no data frame set up", data_frame);
1223 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1224 r = SMTPParseCommandBDAT(state, line);
1230 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1231 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1232 r = SMTPParseCommandHELO(state, line);
1237 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1238 r = SMTPParseCommandMAILFROM(state, line);
1243 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1244 r = SMTPParseCommandRCPTTO(state, line);
1249 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1259 if (SMTPInsertCommandIntoCommandBuffer(state->
current_command, state) == -1) {
1268 return SMTPProcessCommandDATA(state, tx, f, line);
1271 return SMTPProcessCommandBDAT(state, line);
1280 static inline void ResetLine(
SMTPLine *line)
1309 static int SMTPPreProcessCommands(
1321 bool line_complete =
false;
1322 const int32_t input_len = input->
len;
1324 for (int32_t i = 0; i < input_len; i++) {
1326 if (i < input_len - 1 && input->buf[
offset + i + 1] == 0x0a) {
1332 line_complete =
true;
1333 }
else if (input->
buf[
offset + i] == 0x0a) {
1336 line_complete =
true;
1339 if (line_complete || (i == input_len - 1)) {
1346 SCLogDebug(
"Possible boundary, yield to GetLine");
1350 int32_t total_consumed =
offset + i + 1;
1351 int32_t current_line_consumed = total_consumed - input->
consumed;
1356 if (line->
len < 0) {
1361 input->
len -= current_line_consumed;
1363 if (SMTPProcessRequest(state, f, input, line, slice) == -1) {
1366 line_complete =
false;
1384 static AppLayerResult SMTPParse(uint8_t direction,
Flow *f,
SMTPState *state,
1389 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1390 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1392 if (input_buf == NULL &&
1397 }
else if (input_buf == NULL || input_len == 0) {
1401 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1402 SMTPLine line = { NULL, 0, 0,
false };
1405 if (direction == 0) {
1409 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1413 }
else if (ret < 0) {
1417 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1418 while (res.status == 0) {
1419 int retval = SMTPProcessRequest(state, f, &input, &line, &stream_slice);
1440 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1444 }
else if (ret < 0) {
1448 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1450 if (res.status == 1)
1454 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1455 while (res.status == 0) {
1456 if (SMTPProcessReply(state, f, thread_data, &input, &line) != 0)
1466 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1468 if (res.status == 1)
1476 StreamSlice stream_slice,
void *local_data)
1481 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1485 StreamSlice stream_slice,
void *local_data)
1490 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1505 if (smtp_state->
cmds == NULL) {
1534 static void *SMTPLocalStorageAlloc(
void)
1543 if (td->
pmq == NULL) {
1556 static void SMTPLocalStorageFree(
void *ptr)
1560 if (td->
pmq != NULL) {
1580 if (tx->
tx_data.events != NULL)
1583 if (tx->
tx_data.de_state != NULL)
1592 SMTPStringFree(
str);
1603 static void SMTPStateFree(
void *p)
1607 if (smtp_state->
cmds != NULL) {
1611 if (smtp_state->
helo) {
1616 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1618 SMTPTransactionFree(tx, smtp_state);
1624 static void SMTPSetMpmState(
void)
1627 if (
unlikely(smtp_mpm_ctx == NULL)) {
1644 static void SMTPFreeMpmState(
void)
1646 if (smtp_mpm_ctx != NULL) {
1649 smtp_mpm_ctx = NULL;
1653 static int SMTPStateGetEventInfo(
const char *event_name,
1654 int *event_id, AppLayerEventType *event_type)
1657 if (*event_id == -1) {
1659 "smtp's enum map table.",
1665 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1670 static int SMTPStateGetEventInfoById(
int event_id,
const char **event_name,
1671 AppLayerEventType *event_type)
1674 if (*event_name == NULL) {
1676 "smtp's enum map table.",
1682 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1687 static AppProto SMTPServerProbingParser(
1688 Flow *f, uint8_t direction,
const uint8_t *input, uint32_t
len, uint8_t *rdir)
1695 if (input[0] !=
'2' || input[1] !=
'2' || input[2] !=
'0') {
1699 if (input[3] !=
' ' && input[3] !=
'-') {
1705 if (memchr(input + 4,
'\n',
len - 4) != NULL) {
1716 uint32_t
offset = SCValidateDomain(input + 4,
len - 4);
1727 static int SMTPRegisterPatternsForProtocolDetection(
void)
1730 "EHLO", 4, 0, STREAM_TOSERVER) < 0)
1735 "HELO", 4, 0, STREAM_TOSERVER) < 0)
1740 "QUIT", 4, 0, STREAM_TOSERVER) < 0)
1745 "tcp", IPPROTO_TCP,
"smtp",
ALPROTO_SMTP, 0, 5, NULL, SMTPServerProbingParser)) {
1748 NULL, SMTPServerProbingParser);
1754 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1759 if (tx_id < tx->tx_id)
1761 else if (tx_id > tx->
tx_id)
1764 if (tx == smtp_state->
curr_tx)
1767 SMTPTransactionFree(tx, state);
1775 static uint64_t SMTPStateGetTxCnt(
void *state)
1786 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1792 if (smtp_state->
curr_tx == NULL)
1798 if (tx->
tx_id ==
id)
1805 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1811 static AppLayerGetFileState SMTPGetTxFiles(
void *txv, uint8_t direction)
1816 if (direction & STREAM_TOSERVER) {
1828 static AppLayerStateData *SMTPGetStateData(
void *vstate)
1838 static AppLayerGetTxIterTuple SMTPGetTxIterator(
const uint8_t ipproto,
const AppProto alproto,
1842 AppLayerGetTxIterTuple no_tuple = { NULL, 0,
false };
1845 if (state->
un.
ptr == NULL) {
1851 while (tx_ptr->
tx_id < min_tx_id) {
1857 if (tx_ptr->
tx_id >= max_tx_id) {
1861 AppLayerGetTxIterTuple tuple = {
1864 .has_next = (state->
un.
ptr != NULL),
1877 const char *proto_name =
"smtp";
1881 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1884 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1893 SMTPParseClientRecord);
1895 SMTPParseServerRecord);
1901 SMTPLocalStorageFree);
1913 IPPROTO_TCP,
ALPROTO_SMTP, SMTPGetFrameIdByName, SMTPGetFrameNameById);
1915 SCLogInfo(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);
1940 static void SMTPTestInitConfig(
void)
1954 static int SMTPParserTest01(
void)
1961 uint8_t welcome_reply[] = {
1962 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1963 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1964 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1965 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1966 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1969 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1972 uint8_t request1[] = {
1973 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1974 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1975 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1977 uint32_t request1_len =
sizeof(request1);
1984 uint8_t reply1[] = {
1985 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1986 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1987 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1988 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1989 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1990 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1991 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1992 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1993 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1994 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1995 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1996 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1997 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1998 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1999 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
2000 0x44, 0x45, 0x53, 0x0d, 0x0a
2002 uint32_t reply1_len =
sizeof(reply1);
2005 uint8_t request2[] = {
2006 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
2009 uint32_t request2_len =
sizeof(request2);
2011 uint8_t reply2[] = {
2012 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2013 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
2014 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
2015 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
2017 uint32_t reply2_len =
sizeof(reply2);
2022 memset(&f, 0,
sizeof(f));
2023 memset(&ssn, 0,
sizeof(ssn));
2027 f.
proto = IPPROTO_TCP;
2031 SMTPTestInitConfig();
2034 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2036 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2040 if (smtp_state == NULL) {
2041 printf(
"no smtp state: ");
2046 printf(
"smtp parser in inconsistent state\n");
2051 STREAM_TOSERVER, request1, request1_len);
2053 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2059 printf(
"smtp parser in inconsistent state\n");
2064 STREAM_TOCLIENT, reply1, reply1_len);
2066 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2071 printf(
"smtp parser in inconsistent state\n");
2076 STREAM_TOSERVER, request2, request2_len);
2078 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2084 printf(
"smtp parser in inconsistent state\n");
2089 STREAM_TOCLIENT, reply2, reply2_len);
2091 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2097 printf(
"smtp parser in inconsistent state\n");
2117 static int SMTPParserTest02(
void)
2124 uint8_t welcome_reply[] = {
2125 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
2126 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
2127 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
2128 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
2129 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
2132 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2135 uint8_t request1[] = {
2136 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2137 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2139 uint32_t request1_len =
sizeof(request1);
2146 uint8_t reply1[] = {
2147 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2148 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2149 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2150 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2151 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2152 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2153 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2154 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2155 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2156 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2157 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2158 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2159 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2160 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2161 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2163 uint32_t reply1_len =
sizeof(reply1);
2166 uint8_t request2[] = {
2167 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2168 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2169 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2172 uint32_t request2_len =
sizeof(request2);
2174 uint8_t reply2[] = {
2175 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2176 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2178 uint32_t reply2_len =
sizeof(reply2);
2181 uint8_t request3[] = {
2182 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2183 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2184 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2187 uint32_t request3_len =
sizeof(request3);
2189 uint8_t reply3[] = {
2190 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2191 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2193 uint32_t reply3_len =
sizeof(reply3);
2196 uint8_t request4[] = {
2197 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2199 uint32_t request4_len =
sizeof(request4);
2201 uint8_t reply4[] = {
2202 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2203 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2204 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2205 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2206 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2208 uint32_t reply4_len =
sizeof(reply4);
2211 uint8_t request5_1[] = {
2212 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2213 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2214 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2216 uint32_t request5_1_len =
sizeof(request5_1);
2218 uint8_t request5_2[] = {
2219 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2220 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2221 0x6f, 0x6d, 0x0d, 0x0a
2223 uint32_t request5_2_len =
sizeof(request5_2);
2225 uint8_t request5_3[] = {
2228 uint32_t request5_3_len =
sizeof(request5_3);
2230 uint8_t request5_4[] = {
2231 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2232 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2233 0x6c, 0x31, 0x0d, 0x0a
2235 uint32_t request5_4_len =
sizeof(request5_4);
2237 uint8_t request5_5[] = {
2240 uint32_t request5_5_len =
sizeof(request5_5);
2242 uint8_t reply5[] = {
2243 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2244 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2245 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2246 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2247 0x46, 0x32, 0x0d, 0x0a
2249 uint32_t reply5_len =
sizeof(reply5);
2252 uint8_t request6[] = {
2253 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2254 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2255 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2258 uint32_t request6_len =
sizeof(request6);
2260 uint8_t reply6[] = {
2261 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2262 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2264 uint32_t reply6_len =
sizeof(reply6);
2267 uint8_t request7[] = {
2268 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2269 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2270 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2273 uint32_t request7_len =
sizeof(request7);
2275 uint8_t reply7[] = {
2276 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2277 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2279 uint32_t reply7_len =
sizeof(reply7);
2282 uint8_t request8[] = {
2283 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2285 uint32_t request8_len =
sizeof(request8);
2287 uint8_t reply8[] = {
2288 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2289 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2290 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2291 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2292 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2294 uint32_t reply8_len =
sizeof(reply8);
2297 uint8_t request9_1[] = {
2298 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2299 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2300 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2302 uint32_t request9_1_len =
sizeof(request9_1);
2304 uint8_t request9_2[] = {
2305 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2306 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2307 0x6f, 0x6d, 0x0d, 0x0a
2309 uint32_t request9_2_len =
sizeof(request9_2);
2311 uint8_t request9_3[] = {
2314 uint32_t request9_3_len =
sizeof(request9_3);
2316 uint8_t request9_4[] = {
2317 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2318 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2319 0x6c, 0x32, 0x0d, 0x0a
2321 uint32_t request9_4_len =
sizeof(request9_4);
2323 uint8_t request9_5[] = {
2326 uint32_t request9_5_len =
sizeof(request9_5);
2328 uint8_t reply9[] = {
2329 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2330 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2331 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2332 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2333 0x46, 0x32, 0x0d, 0x0a
2335 uint32_t reply9_len =
sizeof(reply9);
2338 uint8_t request10[] = {
2339 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2341 uint32_t request10_len =
sizeof(request10);
2343 uint8_t reply10[] = {
2344 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2345 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2347 uint32_t reply10_len =
sizeof(reply10);
2352 memset(&f, 0,
sizeof(f));
2353 memset(&ssn, 0,
sizeof(ssn));
2357 f.
proto = IPPROTO_TCP;
2361 SMTPTestInitConfig();
2364 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2366 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2370 if (smtp_state == NULL) {
2371 printf(
"no smtp state: ");
2376 printf(
"smtp parser in inconsistent state\n");
2381 STREAM_TOSERVER, request1, request1_len);
2383 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2389 printf(
"smtp parser in inconsistent state\n");
2394 STREAM_TOCLIENT, reply1, reply1_len);
2396 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2401 printf(
"smtp parser in inconsistent state\n");
2406 STREAM_TOSERVER, request2, request2_len);
2408 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2414 printf(
"smtp parser in inconsistent state\n");
2419 STREAM_TOCLIENT, reply2, reply2_len);
2421 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2426 printf(
"smtp parser in inconsistent state\n");
2431 STREAM_TOSERVER, request3, request3_len);
2433 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2439 printf(
"smtp parser in inconsistent state\n");
2444 STREAM_TOCLIENT, reply3, reply3_len);
2446 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2451 printf(
"smtp parser in inconsistent state\n");
2456 STREAM_TOSERVER, request4, request4_len);
2458 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2464 printf(
"smtp parser in inconsistent state\n");
2469 STREAM_TOCLIENT, reply4, reply4_len);
2471 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2477 printf(
"smtp parser in inconsistent state\n");
2482 STREAM_TOSERVER, request5_1, request5_1_len);
2484 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2491 printf(
"smtp parser in inconsistent state\n");
2496 STREAM_TOSERVER, request5_2, request5_2_len);
2498 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2505 printf(
"smtp parser in inconsistent state\n");
2510 STREAM_TOSERVER, request5_3, request5_3_len);
2512 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2519 printf(
"smtp parser in inconsistent state\n");
2524 STREAM_TOSERVER, request5_4, request5_4_len);
2526 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2533 printf(
"smtp parser in inconsistent state\n");
2538 STREAM_TOSERVER, request5_5, request5_5_len);
2540 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2546 printf(
"smtp parser in inconsistent state\n");
2551 STREAM_TOCLIENT, reply5, reply5_len);
2553 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2558 printf(
"smtp parser in inconsistent state\n");
2563 STREAM_TOSERVER, request6, request6_len);
2565 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2571 printf(
"smtp parser in inconsistent state\n");
2576 STREAM_TOCLIENT, reply6, reply6_len);
2578 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2583 printf(
"smtp parser in inconsistent state\n");
2588 STREAM_TOSERVER, request7, request7_len);
2590 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2596 printf(
"smtp parser in inconsistent state\n");
2601 STREAM_TOCLIENT, reply7, reply7_len);
2603 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2608 printf(
"smtp parser in inconsistent state\n");
2613 STREAM_TOSERVER, request8, request8_len);
2615 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2621 printf(
"smtp parser in inconsistent state\n");
2626 STREAM_TOCLIENT, reply8, reply8_len);
2628 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2634 printf(
"smtp parser in inconsistent state\n");
2639 STREAM_TOSERVER, request9_1, request9_1_len);
2641 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2648 printf(
"smtp parser in inconsistent state\n");
2653 STREAM_TOSERVER, request9_2, request9_2_len);
2655 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2662 printf(
"smtp parser in inconsistent state\n");
2667 STREAM_TOSERVER, request9_3, request9_3_len);
2669 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2676 printf(
"smtp parser in inconsistent state\n");
2681 STREAM_TOSERVER, request9_4, request9_4_len);
2683 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2690 printf(
"smtp parser in inconsistent state\n");
2695 STREAM_TOSERVER, request9_5, request9_5_len);
2697 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2703 printf(
"smtp parser in inconsistent state\n");
2708 STREAM_TOCLIENT, reply9, reply9_len);
2710 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2715 printf(
"smtp parser in inconsistent state\n");
2720 STREAM_TOSERVER, request10, request10_len);
2722 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2728 printf(
"smtp parser in inconsistent state\n");
2733 STREAM_TOCLIENT, reply10, reply10_len);
2735 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2740 printf(
"smtp parser in inconsistent state\n");
2756 static int SMTPParserTest03(
void)
2763 uint8_t welcome_reply[] = {
2764 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2765 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2766 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2767 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2768 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2769 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2771 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2774 uint8_t request1[] = {
2775 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2776 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2778 uint32_t request1_len =
sizeof(request1);
2788 uint8_t reply1[] = {
2789 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2790 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2791 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2792 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2793 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2794 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2795 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2796 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2797 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2798 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2799 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2800 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2801 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2802 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2803 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2804 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2805 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2807 uint32_t reply1_len =
sizeof(reply1);
2814 uint8_t request2[] = {
2815 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2816 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2817 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2818 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2819 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2820 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2821 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2822 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2823 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2825 uint32_t request2_len =
sizeof(request2);
2830 uint8_t reply2[] = {
2831 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2832 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2833 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2834 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2835 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2836 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2837 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2838 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2841 uint32_t reply2_len =
sizeof(reply2);
2846 memset(&f, 0,
sizeof(f));
2847 memset(&ssn, 0,
sizeof(ssn));
2851 f.
proto = IPPROTO_TCP;
2855 SMTPTestInitConfig();
2858 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2860 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2864 if (smtp_state == NULL) {
2865 printf(
"no smtp state: ");
2870 printf(
"smtp parser in inconsistent state\n");
2875 STREAM_TOSERVER, request1, request1_len);
2877 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2883 printf(
"smtp parser in inconsistent state\n");
2888 STREAM_TOCLIENT, reply1, reply1_len);
2890 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2896 printf(
"smtp parser in inconsistent state\n");
2901 STREAM_TOSERVER, request2, request2_len);
2903 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2913 printf(
"smtp parser in inconsistent state\n");
2918 STREAM_TOCLIENT, reply2, reply2_len);
2920 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2927 printf(
"smtp parser in inconsistent state\n");
2943 static int SMTPParserTest04(
void)
2950 uint8_t welcome_reply[] = {
2951 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2952 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2953 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2954 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2955 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2956 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2958 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2961 uint8_t request1[] = {
2962 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2963 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2964 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2965 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2966 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2967 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2969 uint32_t request1_len =
sizeof(request1);
2974 memset(&f, 0,
sizeof(f));
2975 memset(&ssn, 0,
sizeof(ssn));
2979 f.
proto = IPPROTO_TCP;
2983 SMTPTestInitConfig();
2986 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2988 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2992 if (smtp_state == NULL) {
2993 printf(
"no smtp state: ");
2998 printf(
"smtp parser in inconsistent state\n");
3003 STREAM_TOSERVER, request1, request1_len);
3005 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3011 printf(
"smtp parser in inconsistent state\n");
3027 static int SMTPParserTest05(
void)
3034 uint8_t welcome_reply[] = {
3035 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
3036 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3037 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3038 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
3039 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
3040 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
3042 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3045 uint8_t request1[] = {
3046 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3047 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3049 uint32_t request1_len =
sizeof(request1);
3059 uint8_t reply1[] = {
3060 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3061 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3062 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3063 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3064 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
3065 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
3066 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3067 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3068 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3069 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3070 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3071 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3072 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3073 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3074 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3075 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3076 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3078 uint32_t reply1_len =
sizeof(reply1);
3081 uint8_t request2[] = {
3082 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3085 uint32_t request2_len =
sizeof(request2);
3087 uint8_t reply2[] = {
3088 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
3089 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
3090 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
3091 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
3092 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
3095 uint32_t reply2_len =
sizeof(reply2);
3098 uint8_t request3[] = {
3099 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3102 uint32_t request3_len =
sizeof(request3);
3104 uint8_t reply3[] = {
3105 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3106 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3108 uint32_t reply3_len =
sizeof(reply3);
3113 memset(&f, 0,
sizeof(f));
3114 memset(&ssn, 0,
sizeof(ssn));
3118 f.
proto = IPPROTO_TCP;
3122 SMTPTestInitConfig();
3125 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3127 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3131 if (smtp_state == NULL) {
3132 printf(
"no smtp state: ");
3137 printf(
"smtp parser in inconsistent state\n");
3142 STREAM_TOSERVER, request1, request1_len);
3144 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3150 printf(
"smtp parser in inconsistent state\n");
3155 STREAM_TOCLIENT, reply1, reply1_len);
3157 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3163 printf(
"smtp parser in inconsistent state\n");
3168 STREAM_TOSERVER, request2, request2_len);
3170 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3177 printf(
"smtp parser in inconsistent state\n");
3182 STREAM_TOCLIENT, reply2, reply2_len);
3184 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3190 printf(
"smtp parser in inconsistent state\n");
3202 STREAM_TOSERVER, request3, request3_len);
3204 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3211 printf(
"smtp parser in inconsistent state\n");
3216 STREAM_TOCLIENT, reply3, reply3_len);
3218 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3224 printf(
"smtp parser in inconsistent state\n");
3240 static int SMTPParserTest06(
void)
3246 uint8_t welcome_reply[] = {
3247 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3248 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3249 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3250 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3251 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3252 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3253 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3254 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3255 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3256 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3257 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3258 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3259 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3260 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3261 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3262 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3263 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3264 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3265 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3266 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3267 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3268 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3269 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3270 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3271 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3272 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3273 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3274 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3275 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3276 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3277 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3278 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3279 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3280 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3281 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3282 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3283 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3284 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3285 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3287 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3289 uint8_t request1[] = {
3290 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3291 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3292 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3293 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3296 uint32_t request1_len =
sizeof(request1);
3298 uint8_t reply1[] = {
3299 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3300 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3301 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3302 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3303 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3304 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3305 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3306 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3307 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3308 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3309 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3310 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3311 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3312 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3313 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3314 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3315 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3316 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3317 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3318 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3319 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3322 uint32_t reply1_len =
sizeof(reply1);
3325 uint8_t request2[] = {
3326 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3327 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3328 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3331 uint32_t request2_len =
sizeof(request2);
3333 uint8_t reply2[] = {
3334 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3335 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3337 uint32_t reply2_len =
sizeof(reply2);
3340 uint8_t request3[] = {
3341 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3342 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3343 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3346 uint32_t request3_len =
sizeof(request3);
3348 uint8_t reply3[] = {
3349 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3350 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3352 uint32_t reply3_len =
sizeof(reply3);
3355 uint8_t request4[] = {
3356 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3359 uint32_t request4_len =
sizeof(request4);
3361 uint8_t request5[] = {
3362 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3363 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3364 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3365 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3367 uint32_t request5_len =
sizeof(request5);
3369 uint8_t request6[] = {
3370 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3371 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3374 uint32_t request6_len =
sizeof(request6);
3379 memset(&f, 0,
sizeof(f));
3380 memset(&ssn, 0,
sizeof(ssn));
3384 f.
proto = IPPROTO_TCP;
3388 SMTPTestInitConfig();
3391 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3393 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3397 if (smtp_state == NULL) {
3398 printf(
"no smtp state: ");
3403 printf(
"smtp parser in inconsistent state\n");
3408 STREAM_TOSERVER, request1, request1_len);
3410 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3416 printf(
"smtp parser in inconsistent state\n");
3421 STREAM_TOCLIENT, reply1, reply1_len);
3423 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3428 printf(
"smtp parser in inconsistent state\n");
3433 STREAM_TOSERVER, request2, request2_len);
3435 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3441 printf(
"smtp parser in inconsistent state\n");
3446 STREAM_TOCLIENT, reply2, reply2_len);
3448 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3453 printf(
"smtp parser in inconsistent state\n");
3458 STREAM_TOSERVER, request3, request3_len);
3460 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3466 printf(
"smtp parser in inconsistent state\n");
3471 STREAM_TOCLIENT, reply3, reply3_len);
3473 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3478 printf(
"smtp parser in inconsistent state\n");
3483 STREAM_TOSERVER, request4, request4_len);
3485 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3493 printf(
"smtp parser in inconsistent state\n");
3498 STREAM_TOSERVER, request5, request5_len);
3500 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3507 printf(
"smtp parser in inconsistent state\n");
3512 STREAM_TOSERVER, request6, request6_len);
3514 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3520 printf(
"smtp parser in inconsistent state\n");
3533 static int SMTPParserTest12(
void)
3547 uint8_t request1[] = {
3548 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3549 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3551 int32_t request1_len =
sizeof(request1);
3555 uint8_t reply1[] = {
3556 0x31, 0x38, 0x38, 0x0d, 0x0a,
3558 uint32_t reply1_len =
sizeof(reply1);
3562 memset(&th_v, 0,
sizeof(th_v));
3563 memset(&f, 0,
sizeof(f));
3564 memset(&ssn, 0,
sizeof(ssn));
3570 f.
proto = IPPROTO_TCP;
3579 SMTPTestInitConfig();
3588 "(msg:\"SMTP event handling\"; "
3589 "app-layer-event: smtp.invalid_reply; "
3598 STREAM_TOSERVER | STREAM_START, request1,
3601 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3606 if (smtp_state == NULL) {
3607 printf(
"no smtp state: ");
3615 printf(
"sid 1 matched. It shouldn't match: ");
3620 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3623 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3631 printf(
"sid 1 didn't match. Should have matched: ");
3652 static int SMTPParserTest13(
void)
3666 uint8_t request1[] = {
3667 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3668 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3670 int32_t request1_len =
sizeof(request1);
3674 uint8_t reply1[] = {
3675 0x32, 0x35, 0x30, 0x0d, 0x0a,
3677 uint32_t reply1_len =
sizeof(reply1);
3684 uint8_t request2[] = {
3685 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3686 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3687 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3688 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3689 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3690 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3691 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3692 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3695 uint32_t request2_len =
sizeof(request2);
3699 memset(&th_v, 0,
sizeof(th_v));
3700 memset(&f, 0,
sizeof(f));
3701 memset(&ssn, 0,
sizeof(ssn));
3707 f.
proto = IPPROTO_TCP;
3716 SMTPTestInitConfig();
3725 "(msg:\"SMTP event handling\"; "
3727 "smtp.invalid_pipelined_sequence; "
3736 STREAM_TOSERVER | STREAM_START, request1,
3739 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3744 if (smtp_state == NULL) {
3745 printf(
"no smtp state: ");
3753 printf(
"sid 1 matched. It shouldn't match: ");
3758 STREAM_TOCLIENT, reply1, reply1_len);
3760 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3768 printf(
"sid 1 matched. It shouldn't match: ");
3773 STREAM_TOSERVER, request2, request2_len);
3775 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3783 printf(
"sid 1 didn't match. Should have matched: ");
3807 static int SMTPParserTest14(
void)
3814 static uint8_t welcome_reply[] = {
3815 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3816 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3817 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3818 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3819 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3822 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3825 static uint8_t request1[] = {
3826 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3827 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3829 static uint32_t request1_len =
sizeof(request1);
3836 static uint8_t reply1[] = {
3837 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3838 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3839 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3840 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3841 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3842 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3843 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3844 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3845 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3846 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3847 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3848 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3849 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3850 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3851 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3853 static uint32_t reply1_len =
sizeof(reply1);
3856 static uint8_t request2[] = {
3857 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3858 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3859 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3862 static uint32_t request2_len =
sizeof(request2);
3864 static uint8_t reply2[] = {
3865 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3866 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3868 static uint32_t reply2_len =
sizeof(reply2);
3871 static uint8_t request3[] = {
3872 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3873 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3874 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3877 static uint32_t request3_len =
sizeof(request3);
3879 static uint8_t reply3[] = {
3880 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3881 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3883 static uint32_t reply3_len =
sizeof(reply3);
3886 static uint8_t request4[] = {
3887 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3889 static uint32_t request4_len =
sizeof(request4);
3891 static uint8_t reply4[] = {
3892 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3893 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3894 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3895 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3896 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3898 static uint32_t reply4_len =
sizeof(reply4);
3901 static uint64_t filesize = 133;
3902 static uint8_t request4_msg[] = {
3903 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3904 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3905 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3906 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3907 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3908 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3909 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3910 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3911 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3912 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3913 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3914 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3915 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3916 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3917 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3918 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3919 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3920 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3921 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3922 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3923 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3924 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3925 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3926 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3927 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3928 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3929 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3930 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3931 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3932 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3933 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3934 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3935 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3936 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3937 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3938 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3939 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3940 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3941 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3942 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3943 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3944 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3945 static uint32_t request4_msg_len =
sizeof(request4_msg);
3948 static uint8_t request4_end[] = {
3949 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3951 static uint32_t request4_end_len =
sizeof(request4_end);
3953 static uint8_t reply4_end[] = {
3954 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3955 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3956 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3957 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3958 0x46, 0x32, 0x0d, 0x0a
3960 static uint32_t reply4_end_len =
sizeof(reply4_end);
3963 static uint8_t request5[] = {
3964 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3966 static uint32_t request5_len =
sizeof(request5);
3968 static uint8_t reply5[] = {
3969 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3970 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3972 static uint32_t reply5_len =
sizeof(reply5);
3977 memset(&f, 0,
sizeof(f));
3978 memset(&ssn, 0,
sizeof(ssn));
3982 f.
proto = IPPROTO_TCP;
3986 SMTPTestInitConfig();
3990 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3992 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3996 if (smtp_state == NULL) {
3997 printf(
"no smtp state: ");
4002 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4007 STREAM_TOSERVER, request1, request1_len);
4009 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4015 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4021 STREAM_TOCLIENT, reply1, reply1_len);
4023 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4027 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
4028 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
4034 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4040 STREAM_TOSERVER, request2, request2_len);
4042 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4048 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4054 STREAM_TOCLIENT, reply2, reply2_len);
4056 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4062 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
4070 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4076 STREAM_TOSERVER, request3, request3_len);
4078 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4084 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4090 STREAM_TOCLIENT, reply3, reply3_len);
4092 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4097 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4103 SCMimeSmtpConfigDecodeBase64(1);
4104 SCMimeSmtpConfigDecodeQuoted(1);
4108 STREAM_TOSERVER, request4, request4_len);
4110 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4117 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4123 STREAM_TOCLIENT, reply4, reply4_len);
4125 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4131 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4137 STREAM_TOSERVER, request4_msg, request4_msg_len);
4139 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4147 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4153 STREAM_TOSERVER, request4_end, request4_end_len);
4155 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4163 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4172 if (files != NULL && files->
head != NULL) {
4175 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4176 printf(
"smtp-mime file name is incorrect");
4180 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4183 static uint8_t org_binary[] = {
4184 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4185 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4186 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4187 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4188 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4189 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4190 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4191 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4192 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4193 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4194 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4195 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4196 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4197 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4198 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4199 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4200 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4203 org_binary,
sizeof(org_binary)) != 1)
4205 printf(
"smtp-mime file data incorrect\n");
4212 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4214 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4219 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4225 STREAM_TOSERVER, request5, request5_len);
4227 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4233 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4239 STREAM_TOCLIENT, reply5, reply5_len);
4241 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4246 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);