Fossil

Check-in [51740ce4]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:The blob-to-SMTP encoding logic was not strictly following RFC 5321 in that it was only dealing with the lone dot on the line case, doubling it to prevent the SMTP server from interpreting that as end-of-message. It missed the case where, if anything follows the dot, SMTP drops the leading dot, so you must also double the leading dot in that case. Basically, you always double a leading dot, regardless of line length.

This only affects Fossil's direct-to-SMTP email sending case, not those that send via a piped command or via DB. That is dealt with later in [8c0ec30bc3].

Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:51740ce45fd4d498256d9610d3273f3bb2ee5f8bb11dc7058186801d00888601
User & Date: wyoung 2018-08-14 03:55:56
Original Comment: Fixed the blob-to-SMTP encoding logic to prevent a possible data truncation when the line wrapping happens to place a period alone at the start of a new line. SMTP treats that as end-of-message. Fix diagnosed by gumblex, /forumpost/4290f75ba1.
References
2018-08-14
05:59
Changed all of the "sendmail -t" commands to "sendmail -ti" to make it ignore lines containing only a dot; we use EOF to signal "end of message," so we don't need the second signal. This is separate from the smtp.c fix in [51740ce45f]: that's only used when Fossil speaks directly to an SMTP server, where a leading dot is treated somewhat differently than the lone dot rule for sendmail(1)'s stdin.

This problem with leading dots was diagnosed by gumblex, /forumpost/4290f75ba1. check-in: 8c0ec30b user: wyoung tags: trunk

Context
2018-08-14
04:39
URL fix check-in: 6787aac9 user: wyoung tags: trunk
03:55
The blob-to-SMTP encoding logic was not strictly following RFC 5321 in that it was only dealing with the lone dot on the line case, doubling it to prevent the SMTP server from interpreting that as end-of-message. It missed the case where, if anything follows the dot, SMTP drops the leading dot, so you must also double the leading dot in that case. Basically, you always double a leading dot, regardless of line length.

This only affects Fossil's direct-to-SMTP email sending case, not those that send via a piped command or via DB. That is dealt with later in [8c0ec30bc3]. check-in: 51740ce4 user: wyoung tags: trunk

2018-08-13
03:51
Covered capability 7 in the forum.wiki document, and made several improvements to the "Using the Moderation Feature" section. check-in: 31631b75 user: wyoung tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/smtp.c.

446
447
448
449
450
451
452
453

454
455
456
457
458
459
460
...
463
464
465
466
467
468
469
470

471
472
473
474
475

476
477
478
479
480
481
482
  smtp_session_free(p);
}

/*
** Send the content of an email message followed by a single
** "." line.  All lines must be \r\n terminated.  Any isolated
** \n line terminators in the input must be converted.  Also,
** an line contain using "." should be converted to "..".

*/
static void smtp_send_email_body(
  const char *zMsg,                          /* Message to send */
  size_t (*xSend)(void*,const void*,size_t), /* Sender callback function */
  void *pArg                                 /* First arg to sender */
){
  Blob in;
................................................................................
  blob_init(&in, zMsg, -1);
  while( blob_line(&in, &line) ){
    char *z = blob_buffer(&line);
    int n = blob_size(&line);
    if( n==0 ) break;
    n--;
    if( n && z[n-1]=='\r' ) n--;
    if( n==1 && z[0]=='.' ){

      blob_append(&out, "..\r\n", 4);
    }else{
      blob_append(&out, z, n);
      blob_append(&out, "\r\n", 2);
    }

  }
  blob_append(&out, ".\r\n", 3);
  xSend(pArg, blob_buffer(&out), blob_size(&out));
  blob_reset(&out);
  blob_reset(&line);
}








|
>







 







|
>
|


<

>







446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
...
464
465
466
467
468
469
470
471
472
473
474
475

476
477
478
479
480
481
482
483
484
  smtp_session_free(p);
}

/*
** Send the content of an email message followed by a single
** "." line.  All lines must be \r\n terminated.  Any isolated
** \n line terminators in the input must be converted.  Also,
** a line beginning with "." must have the dot doubled per
** https://tools.ietf.org/html/rfc5321#section-4.5.2
*/
static void smtp_send_email_body(
  const char *zMsg,                          /* Message to send */
  size_t (*xSend)(void*,const void*,size_t), /* Sender callback function */
  void *pArg                                 /* First arg to sender */
){
  Blob in;
................................................................................
  blob_init(&in, zMsg, -1);
  while( blob_line(&in, &line) ){
    char *z = blob_buffer(&line);
    int n = blob_size(&line);
    if( n==0 ) break;
    n--;
    if( n && z[n-1]=='\r' ) n--;
    if( z[0]=='.' ){
      blob_append(&out, "..", 2);   /* RFC 5321 ยง 4.5.2 */
      blob_append(&out, z+1, n-1);
    }else{
      blob_append(&out, z, n);

    }
    blob_append(&out, "\r\n", 2);
  }
  blob_append(&out, ".\r\n", 3);
  xSend(pArg, blob_buffer(&out), blob_size(&out));
  blob_reset(&out);
  blob_reset(&line);
}