Merge pull request #81 from msimerson/helo

helo: added IPv6 support to invalid_localhost
This commit is contained in:
Matt Simerson 2014-09-10 16:15:16 -07:00
commit 8b7a7973ae
3 changed files with 36 additions and 30 deletions

View File

@ -152,7 +152,7 @@ sub connect_handler {
return DECLINED if $self->is_immune(); return DECLINED if $self->is_immune();
# run a couple cheap tests before the more expensive DNS tests # run a couple cheap tests before the more expensive DNS tests
foreach my $test (qw/ invalid_localhost is_not_fqdn /) { foreach my $test (qw/ is_valid_localhost is_not_fqdn /) {
$self->$test() or return DECLINED; $self->$test() or return DECLINED;
} }
@ -163,19 +163,24 @@ sub connect_handler {
return DECLINED; return DECLINED;
} }
sub invalid_localhost { sub is_valid_localhost {
my ($self) = @_; my ($self) = @_;
return 1 if lc $self->qp->connection->remote_host ne 'localhost';
if ( $self->qp->connection->remote_ip ne '127.0.0.1' if (Qpsmtpd::Utils->is_localhost($self->qp->connection->remote_ip)) {
&& $self->qp->connection->remote_ip ne '::1') $self->adjust_karma(1);
{ $self->log(LOGDEBUG, "pass, is localhost");
$self->adjust_karma(-1); return 1;
$self->log(LOGINFO, "fail, not localhost"); };
return;
} my $rh = $self->qp->connection->remote_host;
$self->adjust_karma(1); if ($rh && lc $self->qp->connection->remote_host eq 'localhost') {
$self->log(LOGDEBUG, "pass, is localhost"); $self->log(LOGDEBUG, "pass, remote_host is localhost");
return 1; return 1;
};
$self->adjust_karma(-1);
$self->log(LOGINFO, "fail, not localhost");
return;
} }
sub is_not_fqdn { sub is_not_fqdn {

View File

@ -339,12 +339,14 @@ sub is_regex_match {
sub invalid_localhost { sub invalid_localhost {
my ($self, $host) = @_; my ($self, $host) = @_;
return if lc $host ne 'localhost'; if (Qpsmtpd::Utils->is_localhost($self->qp->connection->remote_ip)) {
my $ip = $self->qp->connection->remote_ip;
if ($ip && ($ip eq '127.0.0.1' || $ip eq '::1')) {
$self->log(LOGDEBUG, "pass, is localhost"); $self->log(LOGDEBUG, "pass, is localhost");
return; return;
} }
if ($host && lc $host eq 'localhost') {
$self->log(LOGDEBUG, "pass, host is localhost");
return;
};
#$self->log( LOGINFO, "fail, not localhost" ); #$self->log( LOGINFO, "fail, not localhost" );
return ("You are not localhost", "invalid localhost"); return ("You are not localhost", "invalid localhost");

View File

@ -11,7 +11,7 @@ sub register_tests {
$self->register_test('test_init_resolver', 2); $self->register_test('test_init_resolver', 2);
$self->register_test('test_is_in_badhelo', 2); $self->register_test('test_is_in_badhelo', 2);
$self->register_test('test_is_regex_match', 3); $self->register_test('test_is_regex_match', 3);
$self->register_test('test_invalid_localhost', 5); $self->register_test('test_invalid_localhost', 8);
$self->register_test('test_is_plain_ip', 3); $self->register_test('test_is_plain_ip', 3);
$self->register_test('test_is_address_literal', 3); $self->register_test('test_is_address_literal', 3);
$self->register_test('test_no_forward_dns', 2); $self->register_test('test_no_forward_dns', 2);
@ -50,7 +50,7 @@ sub test_is_regex_match {
my ($err, $why) = $self->is_regex_match('yahoo.com', 'ya.oo\.com$' ); my ($err, $why) = $self->is_regex_match('yahoo.com', 'ya.oo\.com$' );
ok( $err, "yahoo.com, $why"); ok( $err, "yahoo.com, $why");
($err, $why) = $self->is_regex_match('yoda.com', 'ya.oo\.com$' ); ($err, $why) = $self->is_regex_match('yoda.com', 'ya.oo\.com$' );
ok( ! $err, "yahoo.com"); ok( ! $err, "yahoo.com");
@ -61,21 +61,20 @@ sub test_is_regex_match {
sub test_invalid_localhost { sub test_invalid_localhost {
my $self = shift; my $self = shift;
$self->qp->connection->remote_ip(undef); my ($err, $why);
my ($err, $why) = $self->invalid_localhost('localhost' ); foreach my $ip ( undef, '', '192.0.99.5' ) {
ok( $err, "localhost, undefined remote IP: $why"); $self->qp->connection->remote_ip(undef);
($err, $why) = $self->invalid_localhost('localhost' );
$self->qp->connection->remote_ip(''); ok(!$err, "host: localhost, remote ip: $ip");
($err, $why) = $self->invalid_localhost('localhost' );
ok( $err, "localhost, empty remote IP: $why");
$self->qp->connection->remote_ip('192.0.99.5'); $self->qp->connection->remote_ip(undef);
($err, $why) = $self->invalid_localhost('localhost'); ($err, $why) = $self->invalid_localhost('not-localhost');
ok( $err, "localhost, invalid remote IP: $why"); ok($err, "host: not-localhost, remote ip: $ip");
};
foreach my $ip (qw/ ::1 127.0.0.1 / ) { foreach my $ip (qw/ ::1 127.0.0.1 / ) {
$self->qp->connection->remote_ip($ip); $self->qp->connection->remote_ip($ip);
($err, $why) = $self->invalid_localhost('localhost'); ($err, $why) = $self->invalid_localhost('not-localhost');
ok( ! $err, "localhost, correct remote IP ($ip)"); ok( ! $err, "localhost, correct remote IP ($ip)");
} }
}; };
@ -111,7 +110,7 @@ sub test_no_forward_dns {
my ($err, $why) = $self->no_forward_dns('perl.org'); my ($err, $why) = $self->no_forward_dns('perl.org');
ok( ! $err, "perl.org"); ok( ! $err, "perl.org");
# reserved .test TLD: http://tools.ietf.org/html/rfc2606 # reserved .test TLD: http://tools.ietf.org/html/rfc2606
($err, $why) = $self->no_forward_dns('perl.org.test'); ($err, $why) = $self->no_forward_dns('perl.org.test');
ok( $err, "test.perl.org.test"); ok( $err, "test.perl.org.test");