From ce80533b305c56d57cb7ec1484491f191132cf84 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 14 Oct 2018 15:22:32 +0100 Subject: [PATCH 1/1] Testsuite: client script faciility for handling optional reponses Use this to deal with fallout from TLS negotiation failure, where the server sees leftover encrypted data as garbage commands. --- src/src/smtp_in.c | 4 +++- test/README | 17 +++++++++++---- test/scripts/2100-OpenSSL/2114 | 10 +++++++++ test/src/client.c | 39 ++++++++++++++++++++++------------ test/stdout/2114 | 15 +++++++++++++ 5 files changed, 67 insertions(+), 18 deletions(-) diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index b99b5cdbc..00c842760 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -5508,7 +5508,9 @@ while (done <= 0) /* Hard failure. Reject everything except QUIT or closed connection. One cause for failure is a nested STARTTLS, in which case tls_in.active remains - set, but we must still reject all incoming commands. */ + set, but we must still reject all incoming commands. Another is a handshake + failure - and there may some encrypted data still in the pipe to us, which we + see as garbage commands. */ DEBUG(D_tls) debug_printf("TLS failed to start\n"); while (done <= 0) switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) diff --git a/test/README b/test/README index f4eeddbb4..5b3a86966 100644 --- a/test/README +++ b/test/README @@ -1023,18 +1023,27 @@ Lines in client scripts are of several kinds: line defines the start of expected output from the server. If what is received does not match, the client bombs out with an error message. -(2) If a line starts with three plus signs followed by a space, the rest of the +(2) If a line begins with three question marks and an asterisk, the server + is expected to close the connection. + +(3) If a line begins with four question marks, the rest of the line defines + the start of one or more possible output lines from the server. When it + matches, the client silently repeats the comparison using the next server + line. When the match fails, the client silently proceeds to the next script + line with the then-current server output unconsumed. + +(4) If a line starts with three plus signs followed by a space, the rest of the line specifies a number of seconds to sleep for before proceeding. -(3) If a line begins with three '>' characters and a space, the rest of the +(5) If a line begins with three '>' characters and a space, the rest of the line is input to be sent to the server. Backslash escaping is done as described below, but no trailing "\r\n" is sent. -(4) If a line begin with three '<' characters and a space, the rest of the +(6) If a line begin with three '<' characters and a space, the rest of the line is a filename; the content of the file is inserted intto the script at this point. -(5) Otherwise, the line is an input line line that is sent to the server. Any +(7) Otherwise, the line is an input line line that is sent to the server. Any occurrences of \r and \n in the line are turned into carriage return and linefeed, respectively. This is used for testing PIPELINING. Any sequences of \x followed by two hex digits are converted to the equvalent diff --git a/test/scripts/2100-OpenSSL/2114 b/test/scripts/2100-OpenSSL/2114 index 49598e366..cc78ab0fb 100644 --- a/test/scripts/2100-OpenSSL/2114 +++ b/test/scripts/2100-OpenSSL/2114 @@ -13,6 +13,12 @@ ehlo rhu.barb ??? 250 starttls ??? 220 +noop +??? 554 Security failure +quit +????554 Security failure +??? 221 +???* **** ### No certificate, certificate optional at TLS time, required by ACL client-ssl 127.0.0.1 PORT_D @@ -85,6 +91,8 @@ ehlo rhu.barb ??? 250 starttls ??? 220 +noop +??? 554 Security failure **** ### Bad certificate, certificate optional at TLS time, reject at ACL time client-ssl 127.0.0.1 PORT_D aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key @@ -124,6 +132,8 @@ ehlo rhu.barb ??? 250 starttls ??? 220 +noop +??? 554 Security failure **** ### Revoked certificate, certificate optional at TLS time, reject at ACL time client-ssl 127.0.0.1 PORT_D aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key diff --git a/test/src/client.c b/test/src/client.c index eef82ef57..5b998e269 100644 --- a/test/src/client.c +++ b/test/src/client.c @@ -553,32 +553,32 @@ while (fgets(CS outbuffer, sizeof(outbuffer), f) != NULL) /* Expect incoming */ if ( strncmp(CS outbuffer, "???", 3) == 0 - && (outbuffer[3] == ' ' || outbuffer[3] == '*') + && (outbuffer[3] == ' ' || outbuffer[3] == '*' || outbuffer[3] == '?') ) { unsigned char *lineptr; unsigned exp_eof = outbuffer[3] == '*'; + unsigned resp_optional = outbuffer[3] == '?'; printf("%s\n", outbuffer); n = unescape_buf(outbuffer, n); +nextinput: if (*inptr == 0) /* Refill input buffer */ { + alarm(timeout); if (srv->tls_active) { #ifdef HAVE_OPENSSL - rc = SSL_read (srv->ssl, inbuffer, bsiz - 1); + rc = SSL_read(srv->ssl, inbuffer, bsiz - 1); #endif #ifdef HAVE_GNUTLS rc = gnutls_record_recv(tls_session, CS inbuffer, bsiz - 1); #endif } else - { - alarm(timeout); rc = read(srv->sock, inbuffer, bsiz); - alarm(0); - } + alarm(0); if (rc < 0) { @@ -618,19 +618,31 @@ while (fgets(CS outbuffer, sizeof(outbuffer), f) != NULL) if (*inptr == '\n') inptr++; } - printf("<<< %s\n", lineptr); if (strncmp(CS lineptr, CS outbuffer + 4, n - 4) != 0) - { - printf("\n******** Input mismatch ********\n"); - exit(79); - } + if (resp_optional) + { + inptr = lineptr; /* consume scriptline, not inputline */ + continue; + } + else + { + printf("<<< %s\n", lineptr); + printf("\n******** Input mismatch ********\n"); + exit(79); + } + + /* input matched script */ + + if (resp_optional) + goto nextinput; /* consume inputline, not scriptline */ + + printf("<<< %s\n", lineptr); #ifdef HAVE_TLS if (srv->sent_starttls) { if (lineptr[0] == '2') { -int rc; unsigned int verify; printf("Attempting to start TLS\n"); @@ -1219,7 +1231,8 @@ do_file(&srv, stdin, timeout, inbuffer, sizeof(inbuffer), inptr); printf("End of script\n"); shutdown(srv.sock, SHUT_WR); -while (read(srv.sock, inbuffer, sizeof(inbuffer)) > 0) ; +if (fcntl(srv.sock, F_SETFL, O_NONBLOCK) == 0) + while (read(srv.sock, inbuffer, sizeof(inbuffer)) > 0) ; close(srv.sock); exit(0); diff --git a/test/stdout/2114 b/test/stdout/2114 index c3fa9ce98..2a26dd128 100644 --- a/test/stdout/2114 +++ b/test/stdout/2114 @@ -21,6 +21,15 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected Attempting to start TLS pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:[...]:SSL alert number 40 Failed to start TLS +>>> noop +??? 554 Security failure +<<< 554 Security failure +>>> quit +????554 Security failure +??? 221 +<<< 221 myhost.test.ex closing connection +???* +Expected EOF read End of script ### No certificate, certificate optional at TLS time, required by ACL Connecting to 127.0.0.1 port 1225 ... connected @@ -153,6 +162,9 @@ Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net Attempting to start TLS pppp:error:dddddddd:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:[...]:SSL alert number 48 Failed to start TLS +>>> noop +??? 554 Security failure +<<< 554 Security failure End of script ### Bad certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected @@ -214,6 +226,9 @@ Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.c Attempting to start TLS pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert certificate revoked:[...]:SSL alert number 44 Failed to start TLS +>>> noop +??? 554 Security failure +<<< 554 Security failure End of script ### Revoked certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected -- 2.30.2