From 8595ae99f9dad524fbf0816ff6528343e7dc4190 Mon Sep 17 00:00:00 2001 From: op Date: Wed, 8 Apr 2026 12:04:56 +0000 Subject: [PATCH] EHLO must reset the transaction MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RFC5321 ยง4.1.4 states that an EHLO command MAY be issued by a client later in the session and, if it's acceptable, it MUST clear all buffers and reset the state exactly as if a RSET command was issued. discussed with / okay martijn@ --- usr.sbin/smtpd/smtp_session.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index 00bac7ede04..8fa48d6c635 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.447 2026/03/26 18:43:40 op Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.448 2026/04/08 12:04:56 op Exp $ */ /* * Copyright (c) 2008 Gilles Chehade @@ -1422,13 +1422,6 @@ smtp_check_ehlo(struct smtp_session *s, const char *args) return 0; } - if (s->helo[0]) { - smtp_reply(s, "503 %s %s: Already identified", - esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), - esc_description(ESC_INVALID_COMMAND)); - return 0; - } - if (args == NULL) { smtp_reply(s, "501 %s %s: EHLO requires domain name", esc_code(ESC_STATUS_PERMFAIL, ESC_INVALID_COMMAND), @@ -1770,6 +1763,13 @@ smtp_proceed_ehlo(struct smtp_session *s, const char *args) s->flags |= SF_EHLO; s->flags |= SF_8BITMIME; + /* EHLO should behave like a RSET */ + if (s->tx) { + if (s->tx->msgid) + smtp_tx_rollback(s->tx); + smtp_tx_free(s->tx); + } + smtp_report_link_identify(s, "EHLO", s->helo); smtp_enter_state(s, STATE_HELO);