aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-03-10 15:19:32 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-03-10 16:06:30 +0000
commit087dcad963c1e39f9cbeb7d6d166de33eccf62ce (patch)
treeba23f877dcea373d0992507413acf062cd043a0e
parent57df6d019a3b99c8a49e73b4ea4bbc0ff4086b91 (diff)
downloadrspamd-087dcad963c1e39f9cbeb7d6d166de33eccf62ce.tar.gz
rspamd-087dcad963c1e39f9cbeb7d6d166de33eccf62ce.zip
[Fix] Do not use local_addrs in proxy
-rw-r--r--src/libutil/addr.c5
-rw-r--r--src/libutil/addr.h3
-rw-r--r--src/lua/lua_ip.c9
-rw-r--r--src/plugins/dkim_check.c3
-rw-r--r--src/plugins/spf.c3
-rw-r--r--src/rspamd_proxy.c5
6 files changed, 20 insertions, 8 deletions
diff --git a/src/libutil/addr.c b/src/libutil/addr.c
index 27ccbc4db..463706aea 100644
--- a/src/libutil/addr.c
+++ b/src/libutil/addr.c
@@ -1664,7 +1664,8 @@ rspamd_inet_address_equal (gconstpointer a, gconstpointer b)
#endif
gboolean
-rspamd_inet_address_is_local (const rspamd_inet_addr_t *addr)
+rspamd_inet_address_is_local (const rspamd_inet_addr_t *addr,
+ gboolean check_laddrs)
{
if (addr == NULL) {
return FALSE;
@@ -1689,7 +1690,7 @@ rspamd_inet_address_is_local (const rspamd_inet_addr_t *addr)
}
}
- if (local_addrs) {
+ if (check_laddrs && local_addrs) {
if (radix_find_compressed_addr (local_addrs, addr) != RADIX_NO_VALUE) {
return TRUE;
}
diff --git a/src/libutil/addr.h b/src/libutil/addr.h
index 2d31e4f23..a50786adc 100644
--- a/src/libutil/addr.h
+++ b/src/libutil/addr.h
@@ -274,7 +274,8 @@ gboolean rspamd_inet_address_equal (gconstpointer a, gconstpointer b);
/**
* Returns TRUE if an address belongs to some local address
*/
-gboolean rspamd_inet_address_is_local (const rspamd_inet_addr_t *addr);
+gboolean rspamd_inet_address_is_local (const rspamd_inet_addr_t *addr,
+ gboolean check_laddrs);
/**
* Returns size of storage required to store a complete IP address
diff --git a/src/lua/lua_ip.c b/src/lua/lua_ip.c
index 0086e2b7a..6499a657d 100644
--- a/src/lua/lua_ip.c
+++ b/src/lua/lua_ip.c
@@ -496,9 +496,16 @@ static gint
lua_ip_is_local (lua_State *L)
{
struct rspamd_lua_ip *ip = lua_check_ip (L, 1);
+ gboolean check_laddrs = TRUE;
if (ip && ip->addr) {
- lua_pushboolean (L, rspamd_inet_address_is_local (ip->addr));
+
+ if (lua_type (L, 2) == LUA_TBOOLEAN) {
+ check_laddrs = lua_toboolean (L, 2);
+ }
+
+ lua_pushboolean (L, rspamd_inet_address_is_local (ip->addr,
+ check_laddrs));
}
else {
lua_pushnil (L);
diff --git a/src/plugins/dkim_check.c b/src/plugins/dkim_check.c
index 11d6f2c9a..808b19f17 100644
--- a/src/plugins/dkim_check.c
+++ b/src/plugins/dkim_check.c
@@ -858,7 +858,8 @@ dkim_symbol_callback (struct rspamd_task *task, void *unused)
/* First check if plugin should be enabled */
if ((!dkim_module_ctx->check_authed && task->user != NULL)
- || (!dkim_module_ctx->check_local && rspamd_inet_address_is_local (task->from_addr))) {
+ || (!dkim_module_ctx->check_local &&
+ rspamd_inet_address_is_local (task->from_addr, TRUE))) {
msg_info_task ("skip DKIM checks for local networks and authorized users");
return;
}
diff --git a/src/plugins/spf.c b/src/plugins/spf.c
index a3103d699..aa63c8018 100644
--- a/src/plugins/spf.c
+++ b/src/plugins/spf.c
@@ -557,7 +557,8 @@ spf_symbol_callback (struct rspamd_task *task, void *unused)
}
if ((!spf_module_ctx->check_authed && task->user != NULL)
- || (!spf_module_ctx->check_local && rspamd_inet_address_is_local (task->from_addr))) {
+ || (!spf_module_ctx->check_local &&
+ rspamd_inet_address_is_local (task->from_addr, TRUE))) {
msg_info_task ("skip SPF checks for local networks and authorized users");
return;
}
diff --git a/src/rspamd_proxy.c b/src/rspamd_proxy.c
index ea8964d85..8be244229 100644
--- a/src/rspamd_proxy.c
+++ b/src/rspamd_proxy.c
@@ -1074,7 +1074,8 @@ proxy_open_mirror_connections (struct rspamd_proxy_session *session)
}
if (m->local ||
- rspamd_inet_address_is_local (rspamd_upstream_addr (bk_conn->up))) {
+ rspamd_inet_address_is_local (
+ rspamd_upstream_addr (bk_conn->up), FALSE)) {
if (session->fname) {
rspamd_http_message_add_header (msg, "File", session->fname);
@@ -1278,7 +1279,7 @@ retry:
if (backend->local ||
rspamd_inet_address_is_local (
- rspamd_upstream_addr (session->master_conn->up))) {
+ rspamd_upstream_addr (session->master_conn->up), FALSE)) {
if (session->fname) {
rspamd_http_message_add_header (msg, "File", session->fname);