backporting security fix of issue 9129 (smtpd module vulnerable to DoS attacks in case of connection bashing)
diff --git a/Lib/smtpd.py b/Lib/smtpd.py
index c3bd6a5..94bd8e6 100755
--- a/Lib/smtpd.py
+++ b/Lib/smtpd.py
@@ -121,7 +121,15 @@
self.__rcpttos = []
self.__data = ''
self.__fqdn = socket.getfqdn()
- self.__peer = conn.getpeername()
+ try:
+ self.__peer = conn.getpeername()
+ except socket.error as err:
+ # a race condition may occur if the other end is closing
+ # before we can get the peername
+ self.close()
+ if err.args[0] != errno.ENOTCONN:
+ raise
+ return
print >> DEBUGSTREAM, 'Peer:', repr(self.__peer)
self.push('220 %s %s' % (self.__fqdn, __version__))
self.set_terminator('\r\n')
@@ -291,7 +299,20 @@
localaddr, remoteaddr)
def handle_accept(self):
- conn, addr = self.accept()
+ try:
+ conn, addr = self.accept()
+ except TypeError:
+ # sometimes accept() might return None
+ return
+ except socket.error as err:
+ # ECONNABORTED might be thrown
+ if err.args[0] != errno.ECONNABORTED:
+ raise
+ return
+ else:
+ # sometimes addr == None instead of (ip, port)
+ if addr == None:
+ return
print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr)
channel = SMTPChannel(self, conn, addr)