Merge pull request #157 from jaredj/add-p0f-headers

Add some p0f results to message headers
This commit is contained in:
Matt Simerson 2014-11-21 14:59:21 -08:00
commit ea2f1e89dd
2 changed files with 56 additions and 0 deletions

View File

@ -107,6 +107,18 @@ Example entry:
ident/p0f /tmp/.p0f_socket smite_os windows
=head2 add_headers <true|false>
Add message headers with p0f data
ident/p0f [ add_headers (true|false) ]
Example entry disabling header addition
ident/p0f /tmp/.p0f_socket add_headers false
Default: true
=head1 Environment requirements
p0f v3 requires only the remote IP.
@ -154,6 +166,10 @@ sub register {
foreach (keys %args) {
$self->{_args}->{$_} = $args{$_};
}
my $enabled = $self->{_args}{add_headers};
$enabled = 'true' if ! defined $enabled;
return if $enabled =~ /false/i;
$self->register_hook( data_post => 'add_headers' );
}
sub hook_connect {
@ -174,6 +190,21 @@ sub hook_connect {
return DECLINED;
}
sub add_headers {
my ( $self, $txn ) = @_;
my $p0f = $self->connection->notes('p0f') or return DECLINED;
$self->add_p0f_header( 'X-P0F-Genre' => $p0f->{genre} );
$self->add_p0f_header( 'X-P0F-Link-Type' => $p0f->{link_type} );
return DECLINED;
}
sub add_p0f_header {
my ( $self, $tag, $value ) = @_;
return if ! $value;
$self->transaction->header->delete( $tag );
$self->transaction->header->add( $tag, $value, 0 );
}
sub get_v2_query {
my $self = shift;

View File

@ -8,12 +8,37 @@ use Qpsmtpd::Constants;
sub register_tests {
my $self = shift;
$self->register_test('test_add_headers');
$self->register_test('test_get_v2_query');
$self->register_test('test_get_v3_query');
$self->register_test('test_store_v2_results');
$self->register_test('test_store_v3_results');
}
sub test_add_headers {
my ( $self ) = @_;
$self->connection->notes( 'p0f',
{
genre => 'test genre',
link_type => 'test link_type',
}
);
my $header = $self->transaction->header( Mail::Header->new );
my @tags = (qw( X-P0F-Genre X-P0F-Link-Type ));
$header->add( $_ => 'DELETETHIS' ) for @tags;
$self->add_headers($self->transaction);
is( $self->all_headers('X-P0F-Genre'), 'test genre',
'X-P0F-Genre header added' );
is( $self->all_headers('X-P0F-Link-Type'), 'test link_type',
'X-P0F-Link-Type header added' );
}
sub all_headers {
# Return all instances of a given message header
my ( $self, $tag ) = @_;
return join " | ", map { chomp $_; $_ } $self->transaction->header->get($tag);
}
sub test_query_p0f_v2 {
#TODO
# get path to p0f socket