From 099afc4f7362d39816cb3555127214548dd9cb35 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 20 Oct 2018 20:07:21 +0100 Subject: [PATCH] Ensure unique message-id even for rejected messages --- src/src/receive.c | 33 ++++++++++++++++++++------------- test/log/2002 | 2 +- test/log/2015 | 8 ++++---- test/log/2024 | 4 ++-- test/log/2034 | 6 +++--- test/scripts/2000-GnuTLS/2014 | 6 +++++- test/scripts/2000-GnuTLS/2015 | 5 +++-- test/scripts/2000-GnuTLS/2024 | 6 ++++-- test/scripts/2000-GnuTLS/2034 | 5 +++-- test/stdout/2014 | 8 ++++++-- test/stdout/2015 | 8 ++++---- test/stdout/2024 | 10 ++++++---- test/stdout/2034 | 8 ++++---- 13 files changed, 65 insertions(+), 44 deletions(-) diff --git a/src/src/receive.c b/src/src/receive.c index bc5cebaad..016a92d6b 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -1623,7 +1623,7 @@ int error_rc = error_handling == ERRORS_SENDER ? errors_sender_rc : EXIT_FAILURE; int header_size = 256; int start, end, domain; -int id_resolution; +int id_resolution = 0; int had_zero = 0; int prevlines_length = 0; @@ -2625,7 +2625,7 @@ the message, if necessary (we hope it won't be). */ if (host_number_string) { - id_resolution = (BASE_62 == 62)? 5000 : 10000; + id_resolution = BASE_62 == 62 ? 5000 : 10000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)( host_number * (1000000/id_resolution) + @@ -2637,7 +2637,7 @@ appropriate resolution. */ else { - id_resolution = (BASE_62 == 62)? 500 : 1000; + id_resolution = BASE_62 == 62 ? 500 : 1000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)(message_id_tv.tv_usec/id_resolution)) + 4); } @@ -3893,16 +3893,6 @@ else receive_messagecount++; -/* In SMTP sessions we may receive several in one connection. After each one, -we wait for the clock to tick at the level of message-id granularity. This is -so that the combination of time+pid is unique, even on systems where the pid -can be re-used within our time interval. We can't shorten the interval without -re-designing the message-id. See comments above where the message id is -created. This is Something For The Future. */ - -message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; -exim_wait_tick(&message_id_tv, id_resolution); - /* Add data size to written header size. We do not count the initial file name that is in the file, but we do add one extra for the notional blank line that precedes the data. This total differs from message_size in that it include the @@ -4261,6 +4251,23 @@ then we can think about properly declaring the message not-received. */ TIDYUP: +/* In SMTP sessions we may receive several messages in one connection. After +each one, we wait for the clock to tick at the level of message-id granularity. +This is so that the combination of time+pid is unique, even on systems where the +pid can be re-used within our time interval. We can't shorten the interval +without re-designing the message-id. See comments above where the message id is +created. This is Something For The Future. +Do this wait any time we have created a message-id, even if we rejected the +message. This gives unique IDs for logging done by ACLs. */ + +if (id_resolution != 0) + { + message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; + exim_wait_tick(&message_id_tv, id_resolution); + id_resolution = 0; + } + + process_info[process_info_len] = 0; /* Remove message id */ if (spool_data_file && cutthrough_done == NOT_TRIED) { diff --git a/test/log/2002 b/test/log/2002 index 9099a1c01..b376e055f 100644 --- a/test/log/2002 +++ b/test/log/2002 @@ -19,7 +19,6 @@ 1999-03-02 09:44:33 Our cert SN: 1999-03-02 09:44:33 Peer did not present a cert 1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke_RSA_AES_256_CBC_SHAnnn:256 CV=no S=sss -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (gnutls_handshake): The peer did not send any certificate. 1999-03-02 09:44:33 Our cert SN: 1999-03-02 09:44:33 Peer cert: 1999-03-02 09:44:33 ver 3 @@ -47,3 +46,4 @@ 1999-03-02 09:44:33 Our cert SN: 1999-03-02 09:44:33 Peer did not present a cert 1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke_ECDSA_AES_256_CBC_SHAnnn:256 CV=no S=sss +1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (gnutls_handshake): The peer did not send any certificate. diff --git a/test/log/2015 b/test/log/2015 index 7252550ca..78d6c3c41 100644 --- a/test/log/2015 +++ b/test/log/2015 @@ -2,8 +2,8 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 SMTP connection from [127.0.0.1] (TCP/IP connection count = 1) -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [127.0.0.1] (gnutls_handshake): timed out -1999-03-02 09:44:33 SMTP command timeout on connection from (rhu.barb) [127.0.0.1] +1999-03-02 09:44:33 TLS error on connection from (timeout.rhu.barb) [127.0.0.1] (gnutls_handshake): timed out +1999-03-02 09:44:33 SMTP command timeout on connection from (timeout.rhu.barb) [127.0.0.1] 1999-03-02 09:44:33 SMTP connection from [127.0.0.1] (TCP/IP connection count = 1) -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [127.0.0.1] (gnutls_handshake): The TLS connection was non-properly terminated. -1999-03-02 09:44:33 SMTP connection from (rhu.barb) [127.0.0.1] closed by EOF +1999-03-02 09:44:33 TLS error on connection from (close.rhu.barb) [127.0.0.1] (gnutls_handshake): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 SMTP connection from (close.rhu.barb) [127.0.0.1] closed by EOF diff --git a/test/log/2024 b/test/log/2024 index f16da49b7..fa389662a 100644 --- a/test/log/2024 +++ b/test/log/2024 @@ -1,6 +1,6 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (gnutls_handshake): The peer did not send any certificate. +1999-03-02 09:44:33 TLS error on connection from (rhu1.barb) [ip4.ip4.ip4.ip4] (gnutls_handshake): The peer did not send any certificate. 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (cert/key setup: cert=/non/exist key=/non/exist): Error while reading file. +1999-03-02 09:44:33 TLS error on connection from (rhu2.barb) [ip4.ip4.ip4.ip4] (cert/key setup: cert=/non/exist key=/non/exist): Error while reading file. diff --git a/test/log/2034 b/test/log/2034 index 33f138ae2..0cc299ee9 100644 --- a/test/log/2034 +++ b/test/log/2034 @@ -1,6 +1,6 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [127.0.0.1] (gnutls_handshake): timed out -1999-03-02 09:44:33 SMTP command timeout on connection from (rhu.barb) [127.0.0.1] -1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [127.0.0.1] (gnutls_handshake): An unexpected TLS packet was received. +1999-03-02 09:44:33 TLS error on connection from (rhu1.barb) [127.0.0.1] (gnutls_handshake): timed out +1999-03-02 09:44:33 SMTP command timeout on connection from (rhu1.barb) [127.0.0.1] +1999-03-02 09:44:33 TLS error on connection from (rhu2.barb) [127.0.0.1] (gnutls_handshake): An unexpected TLS packet was received. diff --git a/test/scripts/2000-GnuTLS/2014 b/test/scripts/2000-GnuTLS/2014 index 1e12b4ef5..8c23e2cdf 100644 --- a/test/scripts/2000-GnuTLS/2014 +++ b/test/scripts/2000-GnuTLS/2014 @@ -15,6 +15,8 @@ ehlo rhu1.barb ??? 250 starttls ??? 220 +nop +????554 **** ### No certificate, certificate optional at TLS time, required by ACL client-gnutls 127.0.0.1 PORT_D @@ -89,6 +91,8 @@ ehlo rhu5.barb ??? 250 starttls ??? 220 +nop +????554 **** ### Bad certificate, certificate optional at TLS time, reject at ACL time # (situation as above) @@ -153,7 +157,7 @@ quit ### Good certificate, certificate required - but nonmatching CRL also present client-gnutls HOSTIPV4 PORT_D aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 -ehlo rhu.barb +ehlo rhu9.barb ??? 250- ??? 250- ??? 250- diff --git a/test/scripts/2000-GnuTLS/2015 b/test/scripts/2000-GnuTLS/2015 index b963e4e06..07fda35b3 100644 --- a/test/scripts/2000-GnuTLS/2015 +++ b/test/scripts/2000-GnuTLS/2015 @@ -4,7 +4,7 @@ exim -DSERVER=server -bd -oX PORT_D **** client-gnutls 127.0.0.1 PORT_D ??? 220 -ehlo rhu.barb +ehlo timeout.rhu.barb ??? 250- ??? 250- ??? 250- @@ -18,7 +18,7 @@ starttls_wait **** client-gnutls 127.0.0.1 PORT_D ??? 220 -ehlo rhu.barb +ehlo close.rhu.barb ??? 250- ??? 250- ??? 250- @@ -28,4 +28,5 @@ ehlo rhu.barb starttls_wait ??? 220 **** +millisleep 500 killdaemon diff --git a/test/scripts/2000-GnuTLS/2024 b/test/scripts/2000-GnuTLS/2024 index a2ad20446..307fde706 100644 --- a/test/scripts/2000-GnuTLS/2024 +++ b/test/scripts/2000-GnuTLS/2024 @@ -11,7 +11,7 @@ exim -DSERVER=server -bd -oX PORT_D munge gnutls_bad_clientcert client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 ??? 220 -ehlo rhu.barb +ehlo rhu1.barb ??? 250- ??? 250- ??? 250- @@ -20,6 +20,8 @@ ehlo rhu.barb ??? 250 starttls ??? 220 +nop +????554 **** killdaemon # @@ -28,7 +30,7 @@ exim -DSERVER=server -DCERT=/non/exist -bd -oX PORT_D **** client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 ??? 220 -ehlo rhu.barb +ehlo rhu2.barb ??? 250- ??? 250- ??? 250- diff --git a/test/scripts/2000-GnuTLS/2034 b/test/scripts/2000-GnuTLS/2034 index b03c60d93..c8654f1aa 100644 --- a/test/scripts/2000-GnuTLS/2034 +++ b/test/scripts/2000-GnuTLS/2034 @@ -5,7 +5,7 @@ exim -DSERVER=server -bd -oX PORT_D # timeout case client 127.0.0.1 PORT_D ??? 220 -ehlo rhu.barb +ehlo rhu1.barb ??? 250- ??? 250- ??? 250- @@ -20,7 +20,7 @@ starttls # bad TLS negotiation case client 127.0.0.1 PORT_D ??? 220 -ehlo rhu.barb +ehlo rhu2.barb ??? 250- ??? 250- ??? 250- @@ -31,4 +31,5 @@ starttls ??? 220 bogus **** +millisleep 500 killdaemon diff --git a/test/stdout/2014 b/test/stdout/2014 index cb24d0561..d29a3bd86 100644 --- a/test/stdout/2014 +++ b/test/stdout/2014 @@ -21,6 +21,8 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected Attempting to start TLS A TLS fatal alert has been received. Failed to start TLS +>>> nop +????554 End of script ### No certificate, certificate optional at TLS time, required by ACL Connecting to 127.0.0.1 port 1225 ... connected @@ -150,6 +152,8 @@ Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net Attempting to start TLS A TLS fatal alert has been received. Failed to start TLS +>>> nop +????554 End of script ### Bad certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected @@ -250,9 +254,9 @@ Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.exa Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo rhu9.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] +<<< 250-myhost.test.ex Hello rhu9.barb [ip4.ip4.ip4.ip4] ??? 250- <<< 250-SIZE 52428800 ??? 250- diff --git a/test/stdout/2015 b/test/stdout/2015 index 42fe5c0fd..bfef01151 100644 --- a/test/stdout/2015 +++ b/test/stdout/2015 @@ -1,9 +1,9 @@ Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo timeout.rhu.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +<<< 250-myhost.test.ex Hello timeout.rhu.barb [127.0.0.1] ??? 250- <<< 250-SIZE 52428800 ??? 250- @@ -24,9 +24,9 @@ End of script Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo close.rhu.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +<<< 250-myhost.test.ex Hello close.rhu.barb [127.0.0.1] ??? 250- <<< 250-SIZE 52428800 ??? 250- diff --git a/test/stdout/2024 b/test/stdout/2024 index b25f1c8f4..f2f660e59 100644 --- a/test/stdout/2024 +++ b/test/stdout/2024 @@ -3,9 +3,9 @@ Certificate file = aux-fixed/cert2 Key file = aux-fixed/cert2 ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo rhu1.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] +<<< 250-myhost.test.ex Hello rhu1.barb [ip4.ip4.ip4.ip4] ??? 250- <<< 250-SIZE 52428800 ??? 250- @@ -22,15 +22,17 @@ Key file = aux-fixed/cert2 Attempting to start TLS A TLS fatal alert has been received. Failed to start TLS +>>> nop +????554 End of script Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected Certificate file = aux-fixed/cert2 Key file = aux-fixed/cert2 ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo rhu2.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] +<<< 250-myhost.test.ex Hello rhu2.barb [ip4.ip4.ip4.ip4] ??? 250- <<< 250-SIZE 52428800 ??? 250- diff --git a/test/stdout/2034 b/test/stdout/2034 index 94531616d..19e959b8b 100644 --- a/test/stdout/2034 +++ b/test/stdout/2034 @@ -1,9 +1,9 @@ Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo rhu1.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +<<< 250-myhost.test.ex Hello rhu1.barb [127.0.0.1] ??? 250- <<< 250-SIZE 52428800 ??? 250- @@ -22,9 +22,9 @@ End of script Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 ->>> ehlo rhu.barb +>>> ehlo rhu2.barb ??? 250- -<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] +<<< 250-myhost.test.ex Hello rhu2.barb [127.0.0.1] ??? 250- <<< 250-SIZE 52428800 ??? 250- -- 2.25.1