author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-07-25 23:58:32 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-07-26 00:00:43 +0100 |
commit | f1e494e0021f2efbc346a24727b8ebc66733e4b2 (patch) | |
tree | d3998db070127eccf1bd018e871466f8674a3581 | |
parent | afaf5a50b05810d75c1f7ae9d1cd83697815a997 (diff) |
GnuTLS: in server, detect TCP RST from client after QUIT under SSL,
and log different message (under new log_selector)
-rw-r--r-- | doc/doc-txt/experimental-spec.txt | 2 | ||||
-rw-r--r-- | src/src/tls-gnu.c | 24 |
2 files changed, 20 insertions, 6 deletions
diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index e4a9301c3..47cd93f3d 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt @@ -672,7 +672,7 @@ Logging protocol unusual states An extra log_selector, "protocol_detail" has been added in the default build. The name may change in future, hence the Experimenal status. -Currrently the only effect is to enable logging, under OpenSSL, +Currrently the only effect is to enable logging, under TLS, of a TCP RST received directly after a QUIT (in server mode). Outlook is consistently doing this; not waiting for the SMTP response diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 6308f10df..013d9c0e8 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -429,9 +429,7 @@ msg = rc == GNUTLS_E_FATAL_ALERT_RECEIVED US gnutls_alert_get_name(gnutls_alert_get(state->session))) #ifdef GNUTLS_E_PREMATURE_TERMINATION : rc == GNUTLS_E_PREMATURE_TERMINATION && errno - ? errno == ECONNRESET /* Outlook does this to us right after sending us QUIT */ - ? string_sprintf("syscall: %s", strerror(errno)) - : string_sprintf("%s: syscall: %s", US gnutls_strerror(rc), strerror(errno)) + ? string_sprintf("%s: syscall: %s", US gnutls_strerror(rc), strerror(errno)) #endif : US gnutls_strerror(rc); 
@@ -3396,8 +3394,24 @@ while (left > 0) if (outbytes < 0) { - DEBUG(D_tls) debug_printf("%s: gnutls_record_send err\n", __FUNCTION__); - record_io_error(state, outbytes, US"send", NULL); +#ifdef GNUTLS_E_PREMATURE_TERMINATION + if ( outbytes == GNUTLS_E_PREMATURE_TERMINATION && errno == ECONNRESET + && !ct_ctx && f.smtp_in_quit + ) + { /* Outlook, dammit */ + if (LOGGING(protocol_detail)) + log_write(0, LOG_MAIN, "[%s] after QUIT, client reset TCP before" + " SMTP response and TLS close\n", sender_host_address); + else + DEBUG(D_tls) debug_printf("[%s] SSL_write: after QUIT," + " client reset TCP before TLS close\n", sender_host_address); + } + else +#endif + { + DEBUG(D_tls) debug_printf("%s: gnutls_record_send err\n", __FUNCTION__); + record_io_error(state, outbytes, US"send", NULL); + } return -1; } if (outbytes == 0) |
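Review bot: The debug-only branch of the new QUIT/ECONNRESET case prints `SSL_write:`, which is the OpenSSL call name and is misleading in tls-gnu.c; the fallback branch just below already names `gnutls_record_send`, so the message would read better as `debug_printf("[%s] gnutls_record_send: after QUIT, client reset TCP before TLS close\n", sender_host_address);`. Separately, the benign classification depends on the global `errno` still holding the transport error when `outbytes < 0` is tested, and the `gnutls_record_send` call itself is outside this hunk. If anything runs between that call and this test, it would be safer to save `errno` right after the send and compare the saved value, because a stale or clobbered `errno` here either skips `record_io_error` for a genuine send failure or hides the reset case. The enclosing `while (left > 0)` loop starts and ends outside the hunk.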