gboolean one_shot_mode; /**< rules add only one symbol */
gboolean check_text_attachements; /**< check text attachements as text */
gboolean convert_config; /**< convert config to XML format */
+ gboolean strict_protocol_headers; /**< strictly check protocol headers */
gsize max_diff; /**< maximum diff size for text parts */
G_STRUCT_OFFSET (struct config_file, history_file), RSPAMD_CL_FLAG_STRING_PATH);
rspamd_rcl_add_default_handler (sub, "use_mlock", rspamd_rcl_parse_struct_boolean,
G_STRUCT_OFFSET (struct config_file, mlock_statfile_pool), 0);
+ rspamd_rcl_add_default_handler (sub, "strict_protocol_headers", rspamd_rcl_parse_struct_boolean,
+ G_STRUCT_OFFSET (struct config_file, strict_protocol_headers), 0);
/**
* Metric section
}
else {
msg_info ("wrong header: %s", headern);
- return FALSE;
+ res = FALSE;
}
break;
case 'd':
task->from_addr.ipv6 = TRUE;
}
else {
- msg_info ("bad ip header: '%s'", tmp);
+ msg_err ("bad ip header: '%s'", tmp);
return FALSE;
}
task->from_addr.has_addr = TRUE;
task->from_addr.ipv6 = TRUE;
}
else {
- msg_info ("bad ip header: '%s'", tmp);
+ msg_err ("bad ip header: '%s'", tmp);
return FALSE;
}
}
}
#else
if (!inet_aton (tmp, &task->from_addr)) {
- msg_info ("bad ip header: '%s'", tmp);
+ msg_err ("bad ip header: '%s'", tmp);
return FALSE;
}
#endif
}
break;
default:
- if (!task->is_http) {
- msg_info ("wrong header: %s", headern);
- res = FALSE;
- }
+ msg_info ("wrong header: %s", headern);
+ res = FALSE;
+ break;
}
- return res || task->is_http;
+ if (!res && task->cfg->strict_protocol_headers) {
+ msg_err ("deny processing of a request with incorrect or unknown headers");
+ return FALSE;
+ }
+
+ return TRUE;
}
gboolean
projects / rspamd.git / commitdiff