58 #define FILEDATA_CONTENT_LIMIT 100000
60 #define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
62 #define FILEDATA_CONTENT_INSPECT_WINDOW 4096
65 #define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
67 #define SMTP_COMMAND_BUFFER_STEPS 5
74 #define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
76 #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
78 #define SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY 0x08
80 #define SMTP_PARSER_STATE_PIPELINING_SERVER 0x10
86 #define SMTP_COMMAND_STARTTLS 1
87 #define SMTP_COMMAND_DATA 2
88 #define SMTP_COMMAND_BDAT 3
93 #define SMTP_COMMAND_DATA_MODE 4
95 #define SMTP_COMMAND_OTHER_CMD 5
96 #define SMTP_COMMAND_RSET 6
98 #define SMTP_DEFAULT_MAX_TX 256
173 static int SMTPGetFrameIdByName(
const char *frame_name)
182 static const char *SMTPGetFrameNameById(
const uint8_t frame_id)
193 #define SMTP_MPM mpm_default_matcher
195 static MpmCtx *smtp_mpm_ctx = NULL;
303 #define SCHEME_SUFFIX_LEN 3
311 static void SMTPConfigure(
void) {
315 uint32_t content_limit = 0;
316 uint32_t content_inspect_min_size = 0;
317 uint32_t content_inspect_window = 0;
320 if (config != NULL) {
321 ConfNode *extract_urls_schemes = NULL;
331 SCMimeSmtpConfigDecodeBase64(val);
336 SCMimeSmtpConfigDecodeQuoted(val);
341 if (imval < 0 || imval > UINT32_MAX) {
342 FatalError(
"Invalid value for header-value-depth");
344 SCMimeSmtpConfigHeaderValueDepth((uint32_t)imval);
349 SCMimeSmtpConfigExtractUrls(val);
356 if (extract_urls_schemes) {
360 size_t scheme_len = strlen(scheme->
val);
362 FatalError(
"Too long value for extract-urls-schemes");
364 if (scheme->
val[scheme_len - 1] !=
'/') {
366 char *new_val =
SCMalloc(scheme_len + 1);
370 int r = snprintf(new_val, scheme_len + 1,
"%s://", scheme->
val);
371 if (r != (
int)scheme_len) {
372 FatalError(
"snprintf failure for SMTP url extraction scheme.");
375 scheme->
val = new_val;
377 int r = SCMimeSmtpConfigExtractUrlsSchemeAdd(scheme->
val);
379 FatalError(
"Failed to add smtp extract url scheme");
385 SCMimeSmtpConfigExtractUrlsSchemeAdd(
"http://");
390 SCMimeSmtpConfigLogUrlScheme(val);
395 SCMimeSmtpConfigBodyMd5(val);
404 if (strcasecmp(
"content-limit", p->
name) == 0) {
412 if (strcasecmp(
"content-inspect-min-size", p->
name) == 0) {
420 if (strcasecmp(
"content-inspect-window", p->
name) == 0) {
432 if (
ConfGetBool(
"app-layer.protocols.smtp.raw-extraction",
437 SCLogError(
"\"decode-mime\" and \"raw-extraction\" "
438 "options can't be enabled at the same time, "
439 "disabling raw extraction");
445 const char *
str = NULL;
446 if (
ConfGet(
"app-layer.protocols.smtp.max-tx", &
str) == 1) {
458 static void SMTPSetEvent(
SMTPState *s, uint8_t e)
481 tx->
tx_data.file_tx = STREAM_TOSERVER;
487 if (tx && tx->
tx_data.de_state) {
488 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW set");
490 }
else if (tx == NULL) {
491 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX");
492 }
else if (tx->
tx_data.de_state == NULL) {
493 SCLogDebug(
"DETECT_ENGINE_STATE_FLAG_FILE_NEW NOT set, no TX DESTATE");
503 if (tx == NULL || file == NULL) {
508 FlagDetectStateNewFile(tx);
540 if (direction == 0 &&
547 }
else if (direction == 1) {
550 if (frame != NULL && state->
curr_tx) {
557 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
560 if (lf_idx == NULL) {
573 uint32_t o_consumed = input->
consumed;
574 input->
consumed = (uint32_t)(lf_idx - input->
buf + 1);
582 line->
buf = input->
buf + o_consumed;
585 frame->
len = (int64_t)line->
len;
593 if (discard_till_lf) {
595 if (direction == 0) {
615 static int SMTPInsertCommandIntoCommandBuffer(uint8_t command,
SMTPState *state)
648 if ((
int)(state->
cmds_cnt + 1) > (
int)USHRT_MAX) {
676 static void SetMimeEvents(
SMTPState *state, uint32_t events)
682 if (events & MIME_ANOM_INVALID_BASE64) {
685 if (events & MIME_ANOM_INVALID_QP) {
688 if (events & MIME_ANOM_LONG_LINE) {
691 if (events & MIME_ANOM_LONG_ENC_LINE) {
694 if (events & MIME_ANOM_LONG_HEADER_NAME) {
697 if (events & MIME_ANOM_LONG_HEADER_VALUE) {
700 if (events & MIME_ANOM_LONG_BOUNDARY) {
703 if (events & MIME_ANOM_LONG_FILENAME) {
708 static inline void SMTPTransactionComplete(
SMTPState *state)
719 static int SMTPProcessCommandDATA(
731 if (line->
len == 1 && line->
buf[0] ==
'.') {
749 SMTPTransactionComplete(state);
764 const uint8_t *filename = NULL;
765 uint16_t filename_len = 0;
770 MimeSmtpParserResult ret = SCSmtpMimeParseLine(
772 SetMimeEvents(state, events);
774 case MimeSmtpFileOpen:
778 if (filename_len == 0) {
785 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
800 case MimeSmtpFileChunk:
809 "StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
820 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %" PRIu32,
825 case MimeSmtpFileClose:
828 SCLogDebug(
"FileCloseFile() failed: %d", ret);
836 SCLogDebug(
"StreamTcpReassemblySetMinInspectDepth STREAM_TOSERVER %u", depth);
845 static inline bool IsReplyToCommand(
const SMTPState *state,
const uint8_t cmd)
851 static int SMTPProcessReply(
872 if (line->
len >= 4) {
874 if (line->
buf[3] !=
'-') {
878 if (line->
buf[3] ==
'-') {
900 SCLogDebug(
"REPLY: reply_code %u / %s", reply_code,
919 SCLogDebug(
"unable to match reply with request");
934 SMTPTransactionComplete(state);
955 SMTPTransactionComplete(state);
969 SCMemcmpLowercase(
"pipelining", line->
buf + 4, 10) == 0) {
988 while (i < line->
len) {
989 if (line->
buf[i] !=
' ') {
998 if (i == line->
len) {
1005 if (line->
len - i <
len) {
1008 memcpy(strbuf, line->
buf + i,
len);
1018 static int SMTPParseCommandWithParam(
SMTPState *state,
const SMTPLine *line, uint8_t prefix_len,
1019 uint8_t **target, uint16_t *target_len)
1021 int i = prefix_len + 1;
1023 while (i < line->
len) {
1024 if (line->
buf[i] !=
' ') {
1033 while (spc_i < line->
len) {
1034 if (line->
buf[spc_i] ==
' ') {
1041 if (*target == NULL)
1043 memcpy(*target, line->
buf + i, spc_i - i);
1044 (*target)[spc_i - i] =
'\0';
1045 if (spc_i - i > UINT16_MAX) {
1046 *target_len = UINT16_MAX;
1049 *target_len = (uint16_t)(spc_i - i);
1061 return SMTPParseCommandWithParam(state, line, 4, &state->
helo, &state->
helo_len);
1070 return SMTPParseCommandWithParam(
1077 uint16_t rcptto_len;
1079 if (SMTPParseCommandWithParam(state, line, 7, &rcptto, &rcptto_len) == 0) {
1082 rcptto_str->
str = rcptto;
1083 rcptto_str->
len = rcptto_len;
1099 if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1101 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"quit", line->
buf, 4) == 0) {
1109 #define rawmsgname "rawmsg"
1128 static int SMTPProcessRequest(
1136 frame->
len = (int64_t)line->
len;
1153 tx = SMTPTransactionCreate(state);
1165 if (frame != NULL && state->
curr_tx) {
1168 tx->
tx_data.updated_ts =
true;
1181 if (line->
len >= 8 && SCMemcmpLowercase(
"starttls", line->
buf, 8) == 0) {
1183 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"data", line->
buf, 4) == 0) {
1209 if (data_frame == NULL) {
1210 SCLogDebug(
"data_frame %p - no data frame set up", data_frame);
1219 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"bdat", line->
buf, 4) == 0) {
1220 r = SMTPParseCommandBDAT(state, line);
1226 }
else if (line->
len >= 4 && ((SCMemcmpLowercase(
"helo", line->
buf, 4) == 0) ||
1227 SCMemcmpLowercase(
"ehlo", line->
buf, 4) == 0)) {
1228 r = SMTPParseCommandHELO(state, line);
1233 }
else if (line->
len >= 9 && SCMemcmpLowercase(
"mail from", line->
buf, 9) == 0) {
1234 r = SMTPParseCommandMAILFROM(state, line);
1239 }
else if (line->
len >= 7 && SCMemcmpLowercase(
"rcpt to", line->
buf, 7) == 0) {
1240 r = SMTPParseCommandRCPTTO(state, line);
1245 }
else if (line->
len >= 4 && SCMemcmpLowercase(
"rset", line->
buf, 4) == 0) {
1255 if (SMTPInsertCommandIntoCommandBuffer(state->
current_command, state) == -1) {
1264 return SMTPProcessCommandDATA(state, tx, f, line);
1267 return SMTPProcessCommandBDAT(state, line);
1276 static inline void ResetLine(
SMTPLine *line)
1305 static int SMTPPreProcessCommands(
1317 bool line_complete =
false;
1318 const int32_t input_len = input->
len;
1320 for (int32_t i = 0; i < input_len; i++) {
1322 if (i < input_len - 1 && input->buf[
offset + i + 1] == 0x0a) {
1328 line_complete =
true;
1329 }
else if (input->
buf[
offset + i] == 0x0a) {
1332 line_complete =
true;
1335 if (line_complete || (i == input_len - 1)) {
1342 SCLogDebug(
"Possible boundary, yield to GetLine");
1346 int32_t total_consumed =
offset + i + 1;
1347 int32_t current_line_consumed = total_consumed - input->
consumed;
1352 if (line->
len < 0) {
1357 input->
len -= current_line_consumed;
1359 if (SMTPProcessRequest(state, f, input, line, slice) == -1) {
1362 line_complete =
false;
1380 static AppLayerResult SMTPParse(uint8_t direction,
Flow *f,
SMTPState *state,
1385 const uint8_t *input_buf = StreamSliceGetData(&stream_slice);
1386 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
1388 if (input_buf == NULL &&
1393 }
else if (input_buf == NULL || input_len == 0) {
1397 SMTPInput input = { .
buf = input_buf, .len = input_len, .orig_len = input_len, .consumed = 0 };
1398 SMTPLine line = { NULL, 0, 0,
false };
1401 if (direction == 0) {
1405 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1409 }
else if (ret < 0) {
1413 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1414 while (res.status == 0) {
1415 int retval = SMTPProcessRequest(state, f, &input, &line, &stream_slice);
1436 int ret = SMTPPreProcessCommands(state, f, &stream_slice, &input, &line);
1440 }
else if (ret < 0) {
1444 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1446 if (res.status == 1)
1450 AppLayerResult res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1451 while (res.status == 0) {
1452 if (SMTPProcessReply(state, f, thread_data, &input, &line) != 0)
1462 res = SMTPGetLine(f, &stream_slice, state, &input, &line, direction);
1464 if (res.status == 1)
1472 StreamSlice stream_slice,
void *local_data)
1477 return SMTPParse(0, f, alstate, pstate, stream_slice, local_data);
1481 StreamSlice stream_slice,
void *local_data)
1486 return SMTPParse(1, f, alstate, pstate, stream_slice, local_data);
1501 if (smtp_state->
cmds == NULL) {
1530 static void *SMTPLocalStorageAlloc(
void)
1539 if (td->
pmq == NULL) {
1552 static void SMTPLocalStorageFree(
void *ptr)
1556 if (td->
pmq != NULL) {
1576 if (tx->
tx_data.events != NULL)
1579 if (tx->
tx_data.de_state != NULL)
1588 SMTPStringFree(
str);
1599 static void SMTPStateFree(
void *p)
1603 if (smtp_state->
cmds != NULL) {
1607 if (smtp_state->
helo) {
1612 while ((tx =
TAILQ_FIRST(&smtp_state->tx_list))) {
1614 SMTPTransactionFree(tx, smtp_state);
1620 static void SMTPSetMpmState(
void)
1623 if (
unlikely(smtp_mpm_ctx == NULL)) {
1640 static void SMTPFreeMpmState(
void)
1642 if (smtp_mpm_ctx != NULL) {
1645 smtp_mpm_ctx = NULL;
1649 static int SMTPStateGetEventInfo(
1650 const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
1653 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1659 static int SMTPStateGetEventInfoById(
1660 uint8_t event_id,
const char **event_name, AppLayerEventType *event_type)
1663 if (*event_name == NULL) {
1665 "smtp's enum map table.",
1671 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
1676 static AppProto SMTPServerProbingParser(
1677 Flow *f, uint8_t direction,
const uint8_t *input, uint32_t
len, uint8_t *rdir)
1684 if (input[0] !=
'2' || input[1] !=
'2' || input[2] !=
'0') {
1688 if (input[3] !=
' ' && input[3] !=
'-') {
1694 if (memchr(input + 4,
'\n',
len - 4) != NULL) {
1705 uint32_t
offset = SCValidateDomain(input + 4,
len - 4);
1716 static int SMTPRegisterPatternsForProtocolDetection(
void)
1719 "EHLO", 4, 0, STREAM_TOSERVER) < 0)
1724 "HELO", 4, 0, STREAM_TOSERVER) < 0)
1729 "QUIT", 4, 0, STREAM_TOSERVER) < 0)
1734 "tcp", IPPROTO_TCP,
"smtp",
ALPROTO_SMTP, 0, 5, NULL, SMTPServerProbingParser)) {
1737 NULL, SMTPServerProbingParser);
1743 static void SMTPStateTransactionFree (
void *state, uint64_t tx_id)
1748 if (tx_id < tx->tx_id)
1750 else if (tx_id > tx->
tx_id)
1753 if (tx == smtp_state->
curr_tx)
1756 SMTPTransactionFree(tx, state);
1764 static uint64_t SMTPStateGetTxCnt(
void *state)
1775 static void *SMTPStateGetTx(
void *state, uint64_t
id)
1781 if (smtp_state->
curr_tx == NULL)
1787 if (tx->
tx_id ==
id)
1794 static int SMTPStateGetAlstateProgress(
void *vtx, uint8_t direction)
1800 static AppLayerGetFileState SMTPGetTxFiles(
void *txv, uint8_t direction)
1805 if (direction & STREAM_TOSERVER) {
1817 static AppLayerStateData *SMTPGetStateData(
void *vstate)
1827 static AppLayerGetTxIterTuple SMTPGetTxIterator(
const uint8_t ipproto,
const AppProto alproto,
1831 AppLayerGetTxIterTuple no_tuple = { NULL, 0,
false };
1834 if (state->
un.
ptr == NULL) {
1840 while (tx_ptr->
tx_id < min_tx_id) {
1846 if (tx_ptr->
tx_id >= max_tx_id) {
1850 AppLayerGetTxIterTuple tuple = {
1853 .has_next = (state->
un.
ptr != NULL),
1866 const char *proto_name =
"smtp";
1870 if (SMTPRegisterPatternsForProtocolDetection() < 0 )
1873 SCLogInfo(
"Protocol detection and parser disabled for %s protocol.",
1882 SMTPParseClientRecord);
1884 SMTPParseServerRecord);
1890 SMTPLocalStorageFree);
1902 IPPROTO_TCP,
ALPROTO_SMTP, SMTPGetFrameIdByName, SMTPGetFrameNameById);
1904 SCLogInfo(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);
1929 static void SMTPTestInitConfig(
void)
1943 static int SMTPParserTest01(
void)
1950 uint8_t welcome_reply[] = {
1951 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
1952 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1953 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
1954 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
1955 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
1958 uint32_t welcome_reply_len =
sizeof(welcome_reply);
1961 uint8_t request1[] = {
1962 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x5b, 0x31, 0x39,
1963 0x32, 0x2e, 0x31, 0x36, 0x38, 0x2e, 0x30, 0x2e,
1964 0x31, 0x35, 0x38, 0x5d, 0x0d, 0x0a
1966 uint32_t request1_len =
sizeof(request1);
1973 uint8_t reply1[] = {
1974 0x32, 0x35, 0x30, 0x2d, 0x6d, 0x78, 0x2e, 0x67,
1975 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
1976 0x6d, 0x20, 0x61, 0x74, 0x20, 0x79, 0x6f, 0x75,
1977 0x72, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
1978 0x65, 0x2c, 0x20, 0x5b, 0x31, 0x31, 0x37, 0x2e,
1979 0x31, 0x39, 0x38, 0x2e, 0x31, 0x31, 0x35, 0x2e,
1980 0x35, 0x30, 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30,
1981 0x2d, 0x53, 0x49, 0x5a, 0x45, 0x20, 0x33, 0x35,
1982 0x38, 0x38, 0x32, 0x35, 0x37, 0x37, 0x0d, 0x0a,
1983 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49, 0x54,
1984 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35,
1985 0x30, 0x2d, 0x53, 0x54, 0x41, 0x52, 0x54, 0x54,
1986 0x4c, 0x53, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20,
1987 0x45, 0x4e, 0x48, 0x41, 0x4e, 0x43, 0x45, 0x44,
1988 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x43, 0x4f,
1989 0x44, 0x45, 0x53, 0x0d, 0x0a
1991 uint32_t reply1_len =
sizeof(reply1);
1994 uint8_t request2[] = {
1995 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
1998 uint32_t request2_len =
sizeof(request2);
2000 uint8_t reply2[] = {
2001 0x32, 0x32, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2002 0x30, 0x20, 0x52, 0x65, 0x61, 0x64, 0x79, 0x20,
2003 0x74, 0x6f, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
2004 0x20, 0x54, 0x4c, 0x53, 0x0d, 0x0a
2006 uint32_t reply2_len =
sizeof(reply2);
2011 memset(&f, 0,
sizeof(f));
2012 memset(&ssn, 0,
sizeof(ssn));
2016 f.
proto = IPPROTO_TCP;
2020 SMTPTestInitConfig();
2023 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2025 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2029 if (smtp_state == NULL) {
2030 printf(
"no smtp state: ");
2035 printf(
"smtp parser in inconsistent state\n");
2040 STREAM_TOSERVER, request1, request1_len);
2042 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2048 printf(
"smtp parser in inconsistent state\n");
2053 STREAM_TOCLIENT, reply1, reply1_len);
2055 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2060 printf(
"smtp parser in inconsistent state\n");
2065 STREAM_TOSERVER, request2, request2_len);
2067 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2073 printf(
"smtp parser in inconsistent state\n");
2078 STREAM_TOCLIENT, reply2, reply2_len);
2080 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2086 printf(
"smtp parser in inconsistent state\n");
2106 static int SMTPParserTest02(
void)
2113 uint8_t welcome_reply[] = {
2114 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
2115 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
2116 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
2117 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
2118 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
2121 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2124 uint8_t request1[] = {
2125 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2126 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2128 uint32_t request1_len =
sizeof(request1);
2135 uint8_t reply1[] = {
2136 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2137 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2138 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2139 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2140 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2141 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2142 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2143 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2144 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2145 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2146 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2147 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2148 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2149 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2150 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2152 uint32_t reply1_len =
sizeof(reply1);
2155 uint8_t request2[] = {
2156 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2157 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
2158 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2161 uint32_t request2_len =
sizeof(request2);
2163 uint8_t reply2[] = {
2164 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2165 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2167 uint32_t reply2_len =
sizeof(reply2);
2170 uint8_t request3[] = {
2171 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2172 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2173 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2176 uint32_t request3_len =
sizeof(request3);
2178 uint8_t reply3[] = {
2179 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2180 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2182 uint32_t reply3_len =
sizeof(reply3);
2185 uint8_t request4[] = {
2186 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2188 uint32_t request4_len =
sizeof(request4);
2190 uint8_t reply4[] = {
2191 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2192 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2193 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2194 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2195 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2197 uint32_t reply4_len =
sizeof(reply4);
2200 uint8_t request5_1[] = {
2201 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2202 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
2203 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2205 uint32_t request5_1_len =
sizeof(request5_1);
2207 uint8_t request5_2[] = {
2208 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2209 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2210 0x6f, 0x6d, 0x0d, 0x0a
2212 uint32_t request5_2_len =
sizeof(request5_2);
2214 uint8_t request5_3[] = {
2217 uint32_t request5_3_len =
sizeof(request5_3);
2219 uint8_t request5_4[] = {
2220 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2221 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2222 0x6c, 0x31, 0x0d, 0x0a
2224 uint32_t request5_4_len =
sizeof(request5_4);
2226 uint8_t request5_5[] = {
2229 uint32_t request5_5_len =
sizeof(request5_5);
2231 uint8_t reply5[] = {
2232 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2233 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2234 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2235 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
2236 0x46, 0x32, 0x0d, 0x0a
2238 uint32_t reply5_len =
sizeof(reply5);
2241 uint8_t request6[] = {
2242 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2243 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x67, 0x40,
2244 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
2247 uint32_t request6_len =
sizeof(request6);
2249 uint8_t reply6[] = {
2250 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2251 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2253 uint32_t reply6_len =
sizeof(reply6);
2256 uint8_t request7[] = {
2257 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
2258 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
2259 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
2262 uint32_t request7_len =
sizeof(request7);
2264 uint8_t reply7[] = {
2265 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2266 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
2268 uint32_t reply7_len =
sizeof(reply7);
2271 uint8_t request8[] = {
2272 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
2274 uint32_t request8_len =
sizeof(request8);
2276 uint8_t reply8[] = {
2277 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
2278 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
2279 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
2280 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
2281 0x4c, 0x46, 0x3e, 0x0d, 0x0a
2283 uint32_t reply8_len =
sizeof(reply8);
2286 uint8_t request9_1[] = {
2287 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
2288 0x66, 0x67, 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c,
2289 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
2291 uint32_t request9_1_len =
sizeof(request9_1);
2293 uint8_t request9_2[] = {
2294 0x54, 0x4f, 0x3a, 0x62, 0x69, 0x6d, 0x62, 0x73,
2295 0x40, 0x67, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
2296 0x6f, 0x6d, 0x0d, 0x0a
2298 uint32_t request9_2_len =
sizeof(request9_2);
2300 uint8_t request9_3[] = {
2303 uint32_t request9_3_len =
sizeof(request9_3);
2305 uint8_t request9_4[] = {
2306 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
2307 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x61, 0x69,
2308 0x6c, 0x32, 0x0d, 0x0a
2310 uint32_t request9_4_len =
sizeof(request9_4);
2312 uint8_t request9_5[] = {
2315 uint32_t request9_5_len =
sizeof(request9_5);
2317 uint8_t reply9[] = {
2318 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2319 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
2320 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
2321 0x32, 0x38, 0x43, 0x46, 0x46, 0x32, 0x30, 0x42,
2322 0x46, 0x32, 0x0d, 0x0a
2324 uint32_t reply9_len =
sizeof(reply9);
2327 uint8_t request10[] = {
2328 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
2330 uint32_t request10_len =
sizeof(request10);
2332 uint8_t reply10[] = {
2333 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
2334 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
2336 uint32_t reply10_len =
sizeof(reply10);
2341 memset(&f, 0,
sizeof(f));
2342 memset(&ssn, 0,
sizeof(ssn));
2346 f.
proto = IPPROTO_TCP;
2350 SMTPTestInitConfig();
2353 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2355 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2359 if (smtp_state == NULL) {
2360 printf(
"no smtp state: ");
2365 printf(
"smtp parser in inconsistent state\n");
2370 STREAM_TOSERVER, request1, request1_len);
2372 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2378 printf(
"smtp parser in inconsistent state\n");
2383 STREAM_TOCLIENT, reply1, reply1_len);
2385 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2390 printf(
"smtp parser in inconsistent state\n");
2395 STREAM_TOSERVER, request2, request2_len);
2397 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2403 printf(
"smtp parser in inconsistent state\n");
2408 STREAM_TOCLIENT, reply2, reply2_len);
2410 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2415 printf(
"smtp parser in inconsistent state\n");
2420 STREAM_TOSERVER, request3, request3_len);
2422 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2428 printf(
"smtp parser in inconsistent state\n");
2433 STREAM_TOCLIENT, reply3, reply3_len);
2435 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2440 printf(
"smtp parser in inconsistent state\n");
2445 STREAM_TOSERVER, request4, request4_len);
2447 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2453 printf(
"smtp parser in inconsistent state\n");
2458 STREAM_TOCLIENT, reply4, reply4_len);
2460 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2466 printf(
"smtp parser in inconsistent state\n");
2471 STREAM_TOSERVER, request5_1, request5_1_len);
2473 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2480 printf(
"smtp parser in inconsistent state\n");
2485 STREAM_TOSERVER, request5_2, request5_2_len);
2487 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2494 printf(
"smtp parser in inconsistent state\n");
2499 STREAM_TOSERVER, request5_3, request5_3_len);
2501 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2508 printf(
"smtp parser in inconsistent state\n");
2513 STREAM_TOSERVER, request5_4, request5_4_len);
2515 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2522 printf(
"smtp parser in inconsistent state\n");
2527 STREAM_TOSERVER, request5_5, request5_5_len);
2529 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2535 printf(
"smtp parser in inconsistent state\n");
2540 STREAM_TOCLIENT, reply5, reply5_len);
2542 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2547 printf(
"smtp parser in inconsistent state\n");
2552 STREAM_TOSERVER, request6, request6_len);
2554 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2560 printf(
"smtp parser in inconsistent state\n");
2565 STREAM_TOCLIENT, reply6, reply6_len);
2567 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2572 printf(
"smtp parser in inconsistent state\n");
2577 STREAM_TOSERVER, request7, request7_len);
2579 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2585 printf(
"smtp parser in inconsistent state\n");
2590 STREAM_TOCLIENT, reply7, reply7_len);
2592 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2597 printf(
"smtp parser in inconsistent state\n");
2602 STREAM_TOSERVER, request8, request8_len);
2604 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2610 printf(
"smtp parser in inconsistent state\n");
2615 STREAM_TOCLIENT, reply8, reply8_len);
2617 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2623 printf(
"smtp parser in inconsistent state\n");
2628 STREAM_TOSERVER, request9_1, request9_1_len);
2630 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2637 printf(
"smtp parser in inconsistent state\n");
2642 STREAM_TOSERVER, request9_2, request9_2_len);
2644 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2651 printf(
"smtp parser in inconsistent state\n");
2656 STREAM_TOSERVER, request9_3, request9_3_len);
2658 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2665 printf(
"smtp parser in inconsistent state\n");
2670 STREAM_TOSERVER, request9_4, request9_4_len);
2672 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2679 printf(
"smtp parser in inconsistent state\n");
2684 STREAM_TOSERVER, request9_5, request9_5_len);
2686 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2692 printf(
"smtp parser in inconsistent state\n");
2697 STREAM_TOCLIENT, reply9, reply9_len);
2699 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2704 printf(
"smtp parser in inconsistent state\n");
2709 STREAM_TOSERVER, request10, request10_len);
2711 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2717 printf(
"smtp parser in inconsistent state\n");
2722 STREAM_TOCLIENT, reply10, reply10_len);
2724 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2729 printf(
"smtp parser in inconsistent state\n");
2745 static int SMTPParserTest03(
void)
2752 uint8_t welcome_reply[] = {
2753 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2754 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2755 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2756 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2757 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2758 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2760 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2763 uint8_t request1[] = {
2764 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
2765 0x2e, 0x63, 0x6f, 0x6d, 0x0a
2767 uint32_t request1_len =
sizeof(request1);
2777 uint8_t reply1[] = {
2778 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
2779 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2780 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2781 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
2782 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
2783 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
2784 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
2785 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
2786 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
2787 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
2788 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
2789 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
2790 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
2791 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
2792 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
2793 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
2794 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
2796 uint32_t reply1_len =
sizeof(reply1);
2803 uint8_t request2[] = {
2804 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
2805 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2806 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2807 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
2808 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
2809 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
2810 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
2811 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74,
2812 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x0d, 0x0a,
2814 uint32_t request2_len =
sizeof(request2);
2819 uint8_t reply2[] = {
2820 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
2821 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a, 0x32, 0x35,
2822 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e, 0x35, 0x20,
2823 0x4f, 0x6b, 0x0d, 0x0a, 0x33, 0x35, 0x34, 0x20,
2824 0x45, 0x6e, 0x64, 0x20, 0x64, 0x61, 0x74, 0x61,
2825 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x3c, 0x43,
2826 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x2e, 0x3c,
2827 0x43, 0x52, 0x3e, 0x3c, 0x4c, 0x46, 0x3e, 0x0d,
2830 uint32_t reply2_len =
sizeof(reply2);
2835 memset(&f, 0,
sizeof(f));
2836 memset(&ssn, 0,
sizeof(ssn));
2840 f.
proto = IPPROTO_TCP;
2844 SMTPTestInitConfig();
2847 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2849 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2853 if (smtp_state == NULL) {
2854 printf(
"no smtp state: ");
2859 printf(
"smtp parser in inconsistent state\n");
2864 STREAM_TOSERVER, request1, request1_len);
2866 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2872 printf(
"smtp parser in inconsistent state\n");
2877 STREAM_TOCLIENT, reply1, reply1_len);
2879 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2885 printf(
"smtp parser in inconsistent state\n");
2890 STREAM_TOSERVER, request2, request2_len);
2892 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2902 printf(
"smtp parser in inconsistent state\n");
2907 STREAM_TOCLIENT, reply2, reply2_len);
2909 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2916 printf(
"smtp parser in inconsistent state\n");
2932 static int SMTPParserTest04(
void)
2939 uint8_t welcome_reply[] = {
2940 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2941 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2942 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2943 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2944 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2945 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2947 uint32_t welcome_reply_len =
sizeof(welcome_reply);
2950 uint8_t request1[] = {
2951 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
2952 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
2953 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
2954 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
2955 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
2956 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
2958 uint32_t request1_len =
sizeof(request1);
2963 memset(&f, 0,
sizeof(f));
2964 memset(&ssn, 0,
sizeof(ssn));
2968 f.
proto = IPPROTO_TCP;
2972 SMTPTestInitConfig();
2975 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
2977 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
2981 if (smtp_state == NULL) {
2982 printf(
"no smtp state: ");
2987 printf(
"smtp parser in inconsistent state\n");
2992 STREAM_TOSERVER, request1, request1_len);
2994 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3000 printf(
"smtp parser in inconsistent state\n");
3016 static int SMTPParserTest05(
void)
3023 uint8_t welcome_reply[] = {
3024 0x32, 0x32, 0x30, 0x20, 0x70, 0x6f, 0x6f, 0x6e,
3025 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3026 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3027 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x20,
3028 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20, 0x50, 0x6f,
3029 0x73, 0x74, 0x66, 0x69, 0x78, 0x0d, 0x0a
3031 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3034 uint8_t request1[] = {
3035 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3036 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3038 uint32_t request1_len =
sizeof(request1);
3048 uint8_t reply1[] = {
3049 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3050 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3051 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3052 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3053 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x50, 0x49, 0x50,
3054 0x45, 0x4c, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x0d,
3055 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3056 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3057 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3058 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3059 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3060 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3061 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3062 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3063 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3064 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3065 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3067 uint32_t reply1_len =
sizeof(reply1);
3070 uint8_t request2[] = {
3071 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3074 uint32_t request2_len =
sizeof(request2);
3076 uint8_t reply2[] = {
3077 0x35, 0x30, 0x32, 0x20, 0x35, 0x2e, 0x35, 0x2e,
3078 0x32, 0x20, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x3a,
3079 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64,
3080 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x63,
3081 0x6f, 0x67, 0x6e, 0x69, 0x7a, 0x65, 0x64, 0x0d,
3084 uint32_t reply2_len =
sizeof(reply2);
3087 uint8_t request3[] = {
3088 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3091 uint32_t request3_len =
sizeof(request3);
3093 uint8_t reply3[] = {
3094 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3095 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3097 uint32_t reply3_len =
sizeof(reply3);
3102 memset(&f, 0,
sizeof(f));
3103 memset(&ssn, 0,
sizeof(ssn));
3107 f.
proto = IPPROTO_TCP;
3111 SMTPTestInitConfig();
3114 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3116 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3120 if (smtp_state == NULL) {
3121 printf(
"no smtp state: ");
3126 printf(
"smtp parser in inconsistent state\n");
3131 STREAM_TOSERVER, request1, request1_len);
3133 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3139 printf(
"smtp parser in inconsistent state\n");
3144 STREAM_TOCLIENT, reply1, reply1_len);
3146 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3152 printf(
"smtp parser in inconsistent state\n");
3157 STREAM_TOSERVER, request2, request2_len);
3159 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3166 printf(
"smtp parser in inconsistent state\n");
3171 STREAM_TOCLIENT, reply2, reply2_len);
3173 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3179 printf(
"smtp parser in inconsistent state\n");
3191 STREAM_TOSERVER, request3, request3_len);
3193 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3200 printf(
"smtp parser in inconsistent state\n");
3205 STREAM_TOCLIENT, reply3, reply3_len);
3207 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3213 printf(
"smtp parser in inconsistent state\n");
3229 static int SMTPParserTest06(
void)
3235 uint8_t welcome_reply[] = {
3236 0x32, 0x32, 0x30, 0x20, 0x62, 0x61, 0x79, 0x30,
3237 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3238 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3239 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3240 0x6d, 0x20, 0x53, 0x65, 0x6e, 0x64, 0x69, 0x6e,
3241 0x67, 0x20, 0x75, 0x6e, 0x73, 0x6f, 0x6c, 0x69,
3242 0x63, 0x69, 0x74, 0x65, 0x64, 0x20, 0x63, 0x6f,
3243 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c,
3244 0x20, 0x6f, 0x72, 0x20, 0x62, 0x75, 0x6c, 0x6b,
3245 0x20, 0x65, 0x2d, 0x6d, 0x61, 0x69, 0x6c, 0x20,
3246 0x74, 0x6f, 0x20, 0x4d, 0x69, 0x63, 0x72, 0x6f,
3247 0x73, 0x6f, 0x66, 0x74, 0x27, 0x73, 0x20, 0x63,
3248 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x20,
3249 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x20,
3250 0x69, 0x73, 0x20, 0x70, 0x72, 0x6f, 0x68, 0x69,
3251 0x62, 0x69, 0x74, 0x65, 0x64, 0x2e, 0x20, 0x4f,
3252 0x74, 0x68, 0x65, 0x72, 0x20, 0x72, 0x65, 0x73,
3253 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e,
3254 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x66, 0x6f,
3255 0x75, 0x6e, 0x64, 0x20, 0x61, 0x74, 0x20, 0x68,
3256 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x72,
3257 0x69, 0x76, 0x61, 0x63, 0x79, 0x2e, 0x6d, 0x73,
3258 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x6e,
3259 0x74, 0x69, 0x2d, 0x73, 0x70, 0x61, 0x6d, 0x2f,
3260 0x2e, 0x20, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74,
3261 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x77, 0x69, 0x6c,
3262 0x6c, 0x20, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
3263 0x20, 0x69, 0x6e, 0x20, 0x75, 0x73, 0x65, 0x20,
3264 0x6f, 0x66, 0x20, 0x65, 0x71, 0x75, 0x69, 0x70,
3265 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6c, 0x6f, 0x63,
3266 0x61, 0x74, 0x65, 0x64, 0x20, 0x69, 0x6e, 0x20,
3267 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e,
3268 0x69, 0x61, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x6f,
3269 0x74, 0x68, 0x65, 0x72, 0x20, 0x73, 0x74, 0x61,
3270 0x74, 0x65, 0x73, 0x2e, 0x20, 0x46, 0x72, 0x69,
3271 0x2c, 0x20, 0x31, 0x36, 0x20, 0x46, 0x65, 0x62,
3272 0x20, 0x32, 0x30, 0x30, 0x37, 0x20, 0x30, 0x35,
3273 0x3a, 0x30, 0x33, 0x3a, 0x32, 0x33, 0x20, 0x2d,
3274 0x30, 0x38, 0x30, 0x30, 0x20, 0x0d, 0x0a
3276 uint32_t welcome_reply_len =
sizeof(welcome_reply);
3278 uint8_t request1[] = {
3279 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x45, 0x58, 0x43,
3280 0x48, 0x41, 0x4e, 0x47, 0x45, 0x32, 0x2e, 0x63,
3281 0x67, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x6d, 0x69,
3282 0x61, 0x6d, 0x69, 0x2e, 0x65, 0x64, 0x75, 0x0d,
3285 uint32_t request1_len =
sizeof(request1);
3287 uint8_t reply1[] = {
3288 0x32, 0x35, 0x30, 0x2d, 0x62, 0x61, 0x79, 0x30,
3289 0x2d, 0x6d, 0x63, 0x36, 0x2d, 0x66, 0x31, 0x30,
3290 0x2e, 0x62, 0x61, 0x79, 0x30, 0x2e, 0x68, 0x6f,
3291 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
3292 0x6d, 0x20, 0x28, 0x33, 0x2e, 0x33, 0x2e, 0x31,
3293 0x2e, 0x34, 0x29, 0x20, 0x48, 0x65, 0x6c, 0x6c,
3294 0x6f, 0x20, 0x5b, 0x31, 0x32, 0x39, 0x2e, 0x31,
3295 0x37, 0x31, 0x2e, 0x33, 0x32, 0x2e, 0x35, 0x39,
3296 0x5d, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53,
3297 0x49, 0x5a, 0x45, 0x20, 0x32, 0x39, 0x36, 0x39,
3298 0x36, 0x30, 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35,
3299 0x30, 0x2d, 0x38, 0x62, 0x69, 0x74, 0x6d, 0x69,
3300 0x6d, 0x65, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3301 0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x4d, 0x49,
3302 0x4d, 0x45, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3303 0x43, 0x48, 0x55, 0x4e, 0x4b, 0x49, 0x4e, 0x47,
3304 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3305 0x54, 0x48, 0x20, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3306 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x41, 0x55,
3307 0x54, 0x48, 0x3d, 0x4c, 0x4f, 0x47, 0x49, 0x4e,
3308 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x20, 0x4f, 0x4b,
3311 uint32_t reply1_len =
sizeof(reply1);
3314 uint8_t request2[] = {
3315 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3316 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3317 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3320 uint32_t request2_len =
sizeof(request2);
3322 uint8_t reply2[] = {
3323 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3324 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3326 uint32_t reply2_len =
sizeof(reply2);
3329 uint8_t request3[] = {
3330 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3331 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3332 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3335 uint32_t request3_len =
sizeof(request3);
3337 uint8_t reply3[] = {
3338 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3339 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3341 uint32_t reply3_len =
sizeof(reply3);
3344 uint8_t request4[] = {
3345 0x42, 0x44, 0x41, 0x54, 0x20, 0x35, 0x31, 0x0d,
3348 uint32_t request4_len =
sizeof(request4);
3350 uint8_t request5[] = {
3351 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3352 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3353 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3354 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x0d, 0x0a,
3356 uint32_t request5_len =
sizeof(request5);
3358 uint8_t request6[] = {
3359 0x46, 0x52, 0x4f, 0x4d, 0x3a, 0x61, 0x73, 0x64,
3360 0x66, 0x66, 0x40, 0x61, 0x73, 0x64, 0x66, 0x2e,
3363 uint32_t request6_len =
sizeof(request6);
3368 memset(&f, 0,
sizeof(f));
3369 memset(&ssn, 0,
sizeof(ssn));
3373 f.
proto = IPPROTO_TCP;
3377 SMTPTestInitConfig();
3380 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3382 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3386 if (smtp_state == NULL) {
3387 printf(
"no smtp state: ");
3392 printf(
"smtp parser in inconsistent state\n");
3397 STREAM_TOSERVER, request1, request1_len);
3399 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3405 printf(
"smtp parser in inconsistent state\n");
3410 STREAM_TOCLIENT, reply1, reply1_len);
3412 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3417 printf(
"smtp parser in inconsistent state\n");
3422 STREAM_TOSERVER, request2, request2_len);
3424 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3430 printf(
"smtp parser in inconsistent state\n");
3435 STREAM_TOCLIENT, reply2, reply2_len);
3437 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3442 printf(
"smtp parser in inconsistent state\n");
3447 STREAM_TOSERVER, request3, request3_len);
3449 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3455 printf(
"smtp parser in inconsistent state\n");
3460 STREAM_TOCLIENT, reply3, reply3_len);
3462 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3467 printf(
"smtp parser in inconsistent state\n");
3472 STREAM_TOSERVER, request4, request4_len);
3474 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3482 printf(
"smtp parser in inconsistent state\n");
3487 STREAM_TOSERVER, request5, request5_len);
3489 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3496 printf(
"smtp parser in inconsistent state\n");
3501 STREAM_TOSERVER, request6, request6_len);
3503 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3509 printf(
"smtp parser in inconsistent state\n");
3522 static int SMTPParserTest12(
void)
3536 uint8_t request1[] = {
3537 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3538 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3540 int32_t request1_len =
sizeof(request1);
3544 uint8_t reply1[] = {
3545 0x31, 0x38, 0x38, 0x0d, 0x0a,
3547 uint32_t reply1_len =
sizeof(reply1);
3551 memset(&th_v, 0,
sizeof(th_v));
3552 memset(&f, 0,
sizeof(f));
3553 memset(&ssn, 0,
sizeof(ssn));
3559 f.
proto = IPPROTO_TCP;
3568 SMTPTestInitConfig();
3577 "(msg:\"SMTP event handling\"; "
3578 "app-layer-event: smtp.invalid_reply; "
3587 STREAM_TOSERVER | STREAM_START, request1,
3590 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3595 if (smtp_state == NULL) {
3596 printf(
"no smtp state: ");
3604 printf(
"sid 1 matched. It shouldn't match: ");
3609 STREAM_TOCLIENT | STREAM_TOCLIENT, reply1,
3612 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3620 printf(
"sid 1 didn't match. Should have matched: ");
3641 static int SMTPParserTest13(
void)
3655 uint8_t request1[] = {
3656 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3657 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a,
3659 int32_t request1_len =
sizeof(request1);
3663 uint8_t reply1[] = {
3664 0x32, 0x35, 0x30, 0x0d, 0x0a,
3666 uint32_t reply1_len =
sizeof(reply1);
3673 uint8_t request2[] = {
3674 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3675 0x4d, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3676 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3677 0x0d, 0x0a, 0x52, 0x43, 0x50, 0x54, 0x20, 0x54,
3678 0x4f, 0x3a, 0x70, 0x62, 0x73, 0x66, 0x40, 0x61,
3679 0x73, 0x64, 0x66, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
3680 0x0d, 0x0a, 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a,
3681 0x53, 0x54, 0x41, 0x52, 0x54, 0x54, 0x4c, 0x53,
3684 uint32_t request2_len =
sizeof(request2);
3688 memset(&th_v, 0,
sizeof(th_v));
3689 memset(&f, 0,
sizeof(f));
3690 memset(&ssn, 0,
sizeof(ssn));
3696 f.
proto = IPPROTO_TCP;
3705 SMTPTestInitConfig();
3714 "(msg:\"SMTP event handling\"; "
3716 "smtp.invalid_pipelined_sequence; "
3725 STREAM_TOSERVER | STREAM_START, request1,
3728 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3733 if (smtp_state == NULL) {
3734 printf(
"no smtp state: ");
3742 printf(
"sid 1 matched. It shouldn't match: ");
3747 STREAM_TOCLIENT, reply1, reply1_len);
3749 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3757 printf(
"sid 1 matched. It shouldn't match: ");
3762 STREAM_TOSERVER, request2, request2_len);
3764 printf(
"AppLayerParse for smtp failed. Returned %" PRId32, r);
3772 printf(
"sid 1 didn't match. Should have matched: ");
3796 static int SMTPParserTest14(
void)
3803 static uint8_t welcome_reply[] = {
3804 0x32, 0x32, 0x30, 0x20, 0x6d, 0x78, 0x2e, 0x67,
3805 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
3806 0x6d, 0x20, 0x45, 0x53, 0x4d, 0x54, 0x50, 0x20,
3807 0x64, 0x31, 0x35, 0x73, 0x6d, 0x39, 0x38, 0x36,
3808 0x32, 0x38, 0x33, 0x77, 0x66, 0x6c, 0x2e, 0x36,
3811 static uint32_t welcome_reply_len =
sizeof(welcome_reply);
3814 static uint8_t request1[] = {
3815 0x45, 0x48, 0x4c, 0x4f, 0x20, 0x62, 0x6f, 0x6f,
3816 0x2e, 0x63, 0x6f, 0x6d, 0x0d, 0x0a
3818 static uint32_t request1_len =
sizeof(request1);
3825 static uint8_t reply1[] = {
3826 0x32, 0x35, 0x30, 0x2d, 0x70, 0x6f, 0x6f, 0x6e,
3827 0x61, 0x5f, 0x73, 0x6c, 0x61, 0x63, 0x6b, 0x5f,
3828 0x76, 0x6d, 0x31, 0x2e, 0x6c, 0x6f, 0x63, 0x61,
3829 0x6c, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x0d,
3830 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x53, 0x49, 0x5a,
3831 0x45, 0x20, 0x31, 0x30, 0x32, 0x34, 0x30, 0x30,
3832 0x30, 0x30, 0x0d, 0x0a, 0x32, 0x35, 0x30, 0x2d,
3833 0x56, 0x52, 0x46, 0x59, 0x0d, 0x0a, 0x32, 0x35,
3834 0x30, 0x2d, 0x45, 0x54, 0x52, 0x4e, 0x0d, 0x0a,
3835 0x32, 0x35, 0x30, 0x2d, 0x45, 0x4e, 0x48, 0x41,
3836 0x4e, 0x43, 0x45, 0x44, 0x53, 0x54, 0x41, 0x54,
3837 0x55, 0x53, 0x43, 0x4f, 0x44, 0x45, 0x53, 0x0d,
3838 0x0a, 0x32, 0x35, 0x30, 0x2d, 0x38, 0x42, 0x49,
3839 0x54, 0x4d, 0x49, 0x4d, 0x45, 0x0d, 0x0a, 0x32,
3840 0x35, 0x30, 0x20, 0x44, 0x53, 0x4e, 0x0d, 0x0a
3842 static uint32_t reply1_len =
sizeof(reply1);
3845 static uint8_t request2[] = {
3846 0x4d, 0x41, 0x49, 0x4c, 0x20, 0x46, 0x52, 0x4f,
3847 0x4d, 0x3a, 0x61, 0x73, 0x64, 0x66, 0x66, 0x40,
3848 0x61, 0x73, 0x64, 0x66, 0x2e, 0x63, 0x6f, 0x6d,
3851 static uint32_t request2_len =
sizeof(request2);
3853 static uint8_t reply2[] = {
3854 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3855 0x30, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3857 static uint32_t reply2_len =
sizeof(reply2);
3860 static uint8_t request3[] = {
3861 0x52, 0x43, 0x50, 0x54, 0x20, 0x54, 0x4f, 0x3a,
3862 0x62, 0x69, 0x6d, 0x62, 0x73, 0x40, 0x67, 0x6d,
3863 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x0d,
3866 static uint32_t request3_len =
sizeof(request3);
3868 static uint8_t reply3[] = {
3869 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x31, 0x2e,
3870 0x35, 0x20, 0x4f, 0x6b, 0x0d, 0x0a
3872 static uint32_t reply3_len =
sizeof(reply3);
3875 static uint8_t request4[] = {
3876 0x44, 0x41, 0x54, 0x41, 0x0d, 0x0a
3878 static uint32_t request4_len =
sizeof(request4);
3880 static uint8_t reply4[] = {
3881 0x33, 0x35, 0x34, 0x20, 0x45, 0x6e, 0x64, 0x20,
3882 0x64, 0x61, 0x74, 0x61, 0x20, 0x77, 0x69, 0x74,
3883 0x68, 0x20, 0x3c, 0x43, 0x52, 0x3e, 0x3c, 0x4c,
3884 0x46, 0x3e, 0x2e, 0x3c, 0x43, 0x52, 0x3e, 0x3c,
3885 0x4c, 0x46, 0x3e, 0x0d, 0x0a
3887 static uint32_t reply4_len =
sizeof(reply4);
3890 static uint64_t filesize = 133;
3891 static uint8_t request4_msg[] = {
3892 0x4D, 0x49, 0x4D, 0x45, 0x2D, 0x56, 0x65, 0x72,
3893 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x31, 0x2E,
3894 0x30, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3895 0x6E, 0x74, 0x2D, 0x54, 0x79, 0x70, 0x65, 0x3A,
3896 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61,
3897 0x74, 0x69, 0x6F, 0x6E, 0x2F, 0x6F, 0x63, 0x74,
3898 0x65, 0x74, 0x2D, 0x73, 0x74, 0x72, 0x65, 0x61,
3899 0x6D, 0x0D, 0x0A, 0x43, 0x6F, 0x6E, 0x74, 0x65,
3900 0x6E, 0x74, 0x2D, 0x54, 0x72, 0x61, 0x6E, 0x73,
3901 0x66, 0x65, 0x72, 0x2D, 0x45, 0x6E, 0x63, 0x6F,
3902 0x64, 0x69, 0x6E, 0x67, 0x3A, 0x20, 0x62, 0x61,
3903 0x73, 0x65, 0x36, 0x34, 0x0D, 0x0A, 0x43, 0x6F,
3904 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2D, 0x44, 0x69,
3905 0x73, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x69, 0x6F,
3906 0x6E, 0x3A, 0x20, 0x61, 0x74, 0x74, 0x61, 0x63,
3907 0x68, 0x6D, 0x65, 0x6E, 0x74, 0x3B, 0x20, 0x66,
3908 0x69, 0x6C, 0x65, 0x6E, 0x61, 0x6D, 0x65, 0x3D,
3909 0x22, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78,
3910 0x65, 0x22, 0x3B, 0x0D, 0x0A, 0x0D, 0x0A, 0x54,
3911 0x56, 0x6F, 0x41, 0x41, 0x46, 0x42, 0x46, 0x41,
3912 0x41, 0x42, 0x4D, 0x41, 0x51, 0x45, 0x41, 0x61,
3913 0x69, 0x70, 0x59, 0x77, 0x77, 0x41, 0x41, 0x41,
3914 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3915 0x41, 0x41, 0x44, 0x41, 0x51, 0x73, 0x42, 0x43,
3916 0x41, 0x41, 0x42, 0x41, 0x41, 0x43, 0x41, 0x41,
3917 0x41, 0x41, 0x41, 0x41, 0x48, 0x6B, 0x41, 0x41,
3918 0x41, 0x41, 0x4D, 0x41, 0x41, 0x41, 0x41, 0x65,
3919 0x51, 0x41, 0x41, 0x41, 0x41, 0x77, 0x41, 0x41,
3920 0x41, 0x41, 0x41, 0x41, 0x45, 0x41, 0x41, 0x42,
3921 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3922 0x41, 0x42, 0x30, 0x41, 0x41, 0x41, 0x41, 0x49,
3923 0x41, 0x41, 0x41, 0x41, 0x41, 0x51, 0x41, 0x41,
3924 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x42,
3925 0x41, 0x45, 0x41, 0x41, 0x49, 0x67, 0x41, 0x41,
3926 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3927 0x67, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3928 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3929 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
3930 0x41, 0x42, 0x63, 0x58, 0x44, 0x59, 0x32, 0x4C,
3931 0x6A, 0x6B, 0x7A, 0x4C, 0x6A, 0x59, 0x34, 0x4C,
3932 0x6A, 0x5A, 0x63, 0x65, 0x67, 0x41, 0x41, 0x4F,
3933 0x41, 0x3D, 0x3D, 0x0D,0x0A };
3934 static uint32_t request4_msg_len =
sizeof(request4_msg);
3937 static uint8_t request4_end[] = {
3938 0x0d, 0x0a, 0x2e, 0x0d, 0x0a
3940 static uint32_t request4_end_len =
sizeof(request4_end);
3942 static uint8_t reply4_end[] = {
3943 0x32, 0x35, 0x30, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3944 0x30, 0x20, 0x4f, 0x6b, 0x3a, 0x20, 0x71, 0x75,
3945 0x65, 0x75, 0x65, 0x64, 0x20, 0x61, 0x73, 0x20,
3946 0x36, 0x41, 0x31, 0x41, 0x46, 0x32, 0x30, 0x42,
3947 0x46, 0x32, 0x0d, 0x0a
3949 static uint32_t reply4_end_len =
sizeof(reply4_end);
3952 static uint8_t request5[] = {
3953 0x51, 0x55, 0x49, 0x54, 0x0d, 0x0a
3955 static uint32_t request5_len =
sizeof(request5);
3957 static uint8_t reply5[] = {
3958 0x32, 0x32, 0x31, 0x20, 0x32, 0x2e, 0x30, 0x2e,
3959 0x30, 0x20, 0x42, 0x79, 0x65, 0x0d, 0x0a
3961 static uint32_t reply5_len =
sizeof(reply5);
3966 memset(&f, 0,
sizeof(f));
3967 memset(&ssn, 0,
sizeof(ssn));
3971 f.
proto = IPPROTO_TCP;
3975 SMTPTestInitConfig();
3979 STREAM_TOCLIENT, welcome_reply, welcome_reply_len);
3981 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
3985 if (smtp_state == NULL) {
3986 printf(
"no smtp state: ");
3991 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
3996 STREAM_TOSERVER, request1, request1_len);
3998 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4004 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4010 STREAM_TOCLIENT, reply1, reply1_len);
4012 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4016 if ((smtp_state->
helo_len != 7) || strncmp(
"boo.com", (
char *)smtp_state->
helo, 7)) {
4017 printf(
"incorrect parsing of HELO field '%s' (%d)\n", smtp_state->
helo, smtp_state->
helo_len);
4023 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4029 STREAM_TOSERVER, request2, request2_len);
4031 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4037 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4043 STREAM_TOCLIENT, reply2, reply2_len);
4045 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4051 printf(
"incorrect parsing of MAIL FROM field '%s' (%d)\n",
4059 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4065 STREAM_TOSERVER, request3, request3_len);
4067 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4073 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4079 STREAM_TOCLIENT, reply3, reply3_len);
4081 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4086 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4092 SCMimeSmtpConfigDecodeBase64(1);
4093 SCMimeSmtpConfigDecodeQuoted(1);
4097 STREAM_TOSERVER, request4, request4_len);
4099 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4106 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4112 STREAM_TOCLIENT, reply4, reply4_len);
4114 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4120 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4126 STREAM_TOSERVER, request4_msg, request4_msg_len);
4128 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4136 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4142 STREAM_TOSERVER, request4_end, request4_end_len);
4144 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4152 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4161 if (files != NULL && files->
head != NULL) {
4164 if(strncmp((
const char *)file->
name,
"test.exe", 8) != 0){
4165 printf(
"smtp-mime file name is incorrect");
4169 printf(
"smtp-mime file size %"PRIu64
" is incorrect",
FileDataSize(file));
4172 static uint8_t org_binary[] = {
4173 0x4D, 0x5A, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00,
4174 0x4C, 0x01, 0x01, 0x00, 0x6A, 0x2A, 0x58, 0xC3,
4175 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4176 0x04, 0x00, 0x03, 0x01, 0x0B, 0x01, 0x08, 0x00,
4177 0x01, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
4178 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4179 0x79, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
4180 0x00, 0x00, 0x40, 0x00, 0x04, 0x00, 0x00, 0x00,
4181 0x04, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00,
4182 0x20, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
4183 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4184 0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4185 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4186 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4187 0x00, 0x00, 0x00, 0x00, 0x5C, 0x5C, 0x36, 0x36,
4188 0x2E, 0x39, 0x33, 0x2E, 0x36, 0x38, 0x2E, 0x36,
4189 0x5C, 0x7A, 0x00, 0x00, 0x38,};
4192 org_binary,
sizeof(org_binary)) != 1)
4194 printf(
"smtp-mime file data incorrect\n");
4201 STREAM_TOCLIENT, reply4_end, reply4_end_len);
4203 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4208 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4214 STREAM_TOSERVER, request5, request5_len);
4216 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4222 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);
4228 STREAM_TOCLIENT, reply5, reply5_len);
4230 printf(
"smtp check returned %" PRId32
", expected 0: ", r);
4235 printf(
"smtp parser in inconsistent state l.%d\n", __LINE__);