Skip to content

net/smtp: parse EHLO extension keywords case-insensitively#80039

Open
alitavanaei98-droid wants to merge 1 commit into
golang:masterfrom
alitavanaei98-droid:smtp-ehlo-case-insensitive
Open

net/smtp: parse EHLO extension keywords case-insensitively#80039
alitavanaei98-droid wants to merge 1 commit into
golang:masterfrom
alitavanaei98-droid:smtp-ehlo-case-insensitive

Conversation

@alitavanaei98-droid

Copy link
Copy Markdown

RFC 5321 requires EHLO keywords to be recognized case-insensitively. Normalize extension names to upper case when parsing the EHLO response so Extension, StartTLS, and other callers detect capabilities advertised with mixed case (for example "starttls").

Fixes #78749

Change-Id: I72350651fe8bc8508c075e60bfa0eb884ac75de9

This PR will be imported into Gerrit with the title and first
comment (this text) used to generate the subject and body of
the Gerrit change.

Please ensure you adhere to every item in this list.

More info can be found at https://go.dev/wiki/CommitMessage

  • The PR title is formatted as follows: net/http: frob the quux before blarfing
    • The package name goes before the colon
    • The part after the colon uses the verb tense + phrase that completes the blank in,
      "This change modifies Go to ___________"
    • Lowercase verb after the colon
    • No trailing period
    • Keep the title as short as possible, ideally 72 characters or shorter
  • No Markdown
  • The first PR comment (this one) is wrapped at around 72 characters, unless it's
    really needed (ASCII art, table, or long link)
  • If there is a corresponding issue, add either Fixes #1234 or Updates #1234
    (the latter if this is not a complete fix) to this comment
  • If referring to a repo other than golang/go you can use the
    owner/repo#issue_number syntax: Fixes golang/vscode-go#1234
  • We do not use Signed-off-by lines in Go. Please don't add them.
    Our Gerrit server & GitHub bots enforce CLA compliance instead.
  • Delete these instructions once you have read and applied them

RFC 5321 requires EHLO keywords to be recognized case-insensitively.
Normalize extension names to upper case when parsing the EHLO response
so Extension, StartTLS, and other callers detect capabilities advertised
with mixed case (for example "starttls").

Fixes golang#78749

Change-Id: I72350651fe8bc8508c075e60bfa0eb884ac75de9
@gopherbot

Copy link
Copy Markdown
Contributor

This PR (HEAD: 0588715) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/go/+/791600.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

@gopherbot

Copy link
Copy Markdown
Contributor

Message from Gopher Robot:

Patch Set 1:

(1 comment)


Please don’t reply on this GitHub thread. Visit golang.org/cl/791600.
After addressing review feedback, remember to publish your drafts!

@gopherbot

Copy link
Copy Markdown
Contributor

Message from Gopher Robot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://go.dev/doc/contribute#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

During May-July and Nov-Jan the Go project is in a code freeze, during which
little code gets reviewed or merged. If a reviewer responds with a comment like
R=go1.11 or adds a tag like "wait-release", it means that this CL will be
reviewed as part of the next development cycle. See https://go.dev/s/release
for more details.


Please don’t reply on this GitHub thread. Visit golang.org/cl/791600.
After addressing review feedback, remember to publish your drafts!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

net/smtp: harden against STARTTLS case-sensitivity downgrade

2 participants