From 95a24ff47020b0b7f08ec2872057408db7a0b691 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 25 Oct 2019 09:30:11 +0100
Subject: [PATCH] [Feature] Spf: Add limits configuration support

---
 src/plugins/spf.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/src/plugins/spf.c b/src/plugins/spf.c
index 841d74e2c..119d79b69 100644
--- a/src/plugins/spf.c
+++ b/src/plugins/spf.c
@@ -62,6 +62,10 @@ struct spf_ctx {
 
 	gboolean check_local;
 	gboolean check_authed;
+
+	guint max_dns_nesting;
+	guint max_dns_requests;
+	guint min_cache_ttl;
 };
 
 static void spf_symbol_callback (struct rspamd_task *task,
@@ -99,6 +103,9 @@ spf_module_init (struct rspamd_config *cfg, struct module_ctx **ctx)
 	spf_module_ctx = rspamd_mempool_alloc0 (cfg->cfg_pool,
 			sizeof (*spf_module_ctx));
 	*ctx = (struct module_ctx *)spf_module_ctx;
+	spf_module_ctx->min_cache_ttl = SPF_MIN_CACHE_TTL;
+	spf_module_ctx->max_dns_nesting = SPF_MAX_NESTING;
+	spf_module_ctx->max_dns_requests = SPF_MAX_DNS_REQUESTS;
 
 	rspamd_rcl_add_doc_by_path (cfg,
 			NULL,
@@ -192,6 +199,34 @@ spf_module_init (struct rspamd_config *cfg, struct module_ctx **ctx)
 			NULL,
 			0);
 
+	rspamd_rcl_add_doc_by_path (cfg,
+			"spf",
+			"Minimum cached records TTL, 0 to disable (default: 5min)",
+			"min_cache_ttl",
+			UCL_INT,
+			NULL,
+			RSPAMD_CL_FLAG_UINT,
+			NULL,
+			0);
+	rspamd_rcl_add_doc_by_path (cfg,
+			"spf",
+			"Maximum number of nested requests (default: " G_STRINGIFY(SPF_MAX_NESTING) ")",
+			"max_dns_nesting",
+			UCL_INT,
+			NULL,
+			RSPAMD_CL_FLAG_UINT,
+			NULL,
+			0);
+	rspamd_rcl_add_doc_by_path (cfg,
+			"spf",
+			"Maximum number of dns requests to resolve SPF (default: " G_STRINGIFY(SPF_MAX_DNS_REQUESTS) ")",
+			"max_dns_requests",
+			UCL_INT,
+			NULL,
+			RSPAMD_CL_FLAG_UINT,
+			NULL,
+			0);
+
 	return 0;
 }
 
@@ -292,6 +327,23 @@ spf_module_config (struct rspamd_config *cfg)
 		cache_size = DEFAULT_CACHE_SIZE;
 	}
 
+	if ((value =
+				 rspamd_config_get_module_opt (cfg, "spf", "min_cache_ttl")) != NULL) {
+		spf_module_ctx->min_cache_ttl = ucl_obj_toint (value);
+	}
+	if ((value =
+				  rspamd_config_get_module_opt (cfg, "spf", "max_dns_nesting")) != NULL) {
+		spf_module_ctx->max_dns_nesting = ucl_obj_toint (value);
+	}
+	if ((value =
+				 rspamd_config_get_module_opt (cfg, "spf", "max_dns_requests")) != NULL) {
+		spf_module_ctx->max_dns_requests = ucl_obj_toint (value);
+	}
+
+	spf_library_config (spf_module_ctx->max_dns_nesting,
+			spf_module_ctx->max_dns_requests,
+			spf_module_ctx->min_cache_ttl);
+
 	if ((value =
 		rspamd_config_get_module_opt (cfg, "spf", "whitelist")) != NULL) {
 
-- 
2.39.5