summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/fuzzy_storage.c68
-rw-r--r--src/libutil/addr.c10
-rw-r--r--src/lua/lua_ip.c15
-rw-r--r--src/rspamd.c2
4 files changed, 67 insertions, 28 deletions
diff --git a/src/fuzzy_storage.c b/src/fuzzy_storage.c
index 569b6112e..385018565 100644
--- a/src/fuzzy_storage.c
+++ b/src/fuzzy_storage.c
@@ -252,6 +252,10 @@ rspamd_fuzzy_check_ratelimit (struct fuzzy_session *session)
struct rspamd_leaky_bucket_elt *elt;
ev_tstamp now;
+ if (!session->addr) {
+ return TRUE;
+ }
+
if (session->ctx->ratelimit_whitelist != NULL) {
if (rspamd_match_radix_map_addr (session->ctx->ratelimit_whitelist,
session->addr) != NULL) {
@@ -358,7 +362,7 @@ rspamd_fuzzy_check_write (struct fuzzy_session *session)
return FALSE;
}
- if (session->ctx->update_ips != NULL) {
+ if (session->ctx->update_ips != NULL && session->addr) {
if (rspamd_match_radix_map_addr (session->ctx->update_ips,
session->addr) == NULL) {
return FALSE;
@@ -870,7 +874,12 @@ rspamd_fuzzy_check_callback (struct rspamd_fuzzy_reply *result, void *ud)
/* function */
lua_rawgeti (L, LUA_REGISTRYINDEX, session->ctx->lua_post_handler_cbref);
/* client IP */
- rspamd_lua_ip_push (L, session->addr);
+ if (session->addr) {
+ rspamd_lua_ip_push(L, session->addr);
+ }
+ else {
+ lua_pushnil (L);
+ }
/* client command */
lua_pushinteger (L, cmd->cmd);
/* command value (push as rspamd_text) */
@@ -1114,7 +1123,7 @@ rspamd_fuzzy_process_command (struct fuzzy_session *session)
return;
}
- if (session->key_stat) {
+ if (session->key_stat && session->addr) {
ip_stat = rspamd_lru_hash_lookup (session->key_stat->last_ips,
session->addr, -1);
@@ -1575,6 +1584,13 @@ fuzzy_session_destroy (gpointer d)
#define MSGVEC_LEN 1
#endif
+union sa_union {
+ struct sockaddr sa;
+ struct sockaddr_in s4;
+ struct sockaddr_in6 s6;
+ struct sockaddr_un su;
+ struct sockaddr_storage ss;
+};
/*
* Accept new connection and construct task
*/
@@ -1587,7 +1603,7 @@ accept_fuzzy_socket (EV_P_ ev_io *w, int revents)
guint64 *nerrors;
struct iovec iovs[MSGVEC_LEN];
guint8 bufs[MSGVEC_LEN][FUZZY_INPUT_BUFLEN];
- struct sockaddr_storage peer_sa[MSGVEC_LEN];
+ union sa_union peer_sa[MSGVEC_LEN];
socklen_t salen = sizeof (peer_sa[0]);
#ifdef HAVE_RECVMMSG
#define MSG_FIELD(msg, field) msg.msg_hdr.field
@@ -1643,13 +1659,17 @@ accept_fuzzy_socket (EV_P_ ev_io *w, int revents)
for (int i = 0; i < r; i ++) {
rspamd_inet_addr_t *client_addr;
- client_addr = rspamd_inet_address_from_sa (MSG_FIELD(msg[i], msg_name),
- MSG_FIELD(msg[i], msg_namelen));
-
- if (!rspamd_fuzzy_check_client (worker->ctx, client_addr)) {
- /* Disallow forbidden clients silently */
- rspamd_inet_address_free (client_addr);
- continue;
+ if (MSG_FIELD(msg[i], msg_namelen) >= sizeof(struct sockaddr)) {
+ client_addr = rspamd_inet_address_from_sa(MSG_FIELD(msg[i], msg_name),
+ MSG_FIELD(msg[i], msg_namelen));
+ if (!rspamd_fuzzy_check_client (worker->ctx, client_addr)) {
+ /* Disallow forbidden clients silently */
+ rspamd_inet_address_free (client_addr);
+ continue;
+ }
+ }
+ else {
+ client_addr = NULL;
}
session = g_malloc0 (sizeof (*session));
@@ -1676,18 +1696,20 @@ accept_fuzzy_socket (EV_P_ ev_io *w, int revents)
session->ctx->stat.invalid_requests ++;
msg_debug ("invalid fuzzy command of size %z received", r);
- nerrors = rspamd_lru_hash_lookup (session->ctx->errors_ips,
- session->addr, -1);
-
- if (nerrors == NULL) {
- nerrors = g_malloc (sizeof (*nerrors));
- *nerrors = 1;
- rspamd_lru_hash_insert (session->ctx->errors_ips,
- rspamd_inet_address_copy(session->addr, NULL),
- nerrors, -1, -1);
- }
- else {
- *nerrors = *nerrors + 1;
+ if (session->addr) {
+ nerrors = rspamd_lru_hash_lookup(session->ctx->errors_ips,
+ session->addr, -1);
+
+ if (nerrors == NULL) {
+ nerrors = g_malloc(sizeof(*nerrors));
+ *nerrors = 1;
+ rspamd_lru_hash_insert(session->ctx->errors_ips,
+ rspamd_inet_address_copy(session->addr, NULL),
+ nerrors, -1, -1);
+ }
+ else {
+ *nerrors = *nerrors + 1;
+ }
}
}
diff --git a/src/libutil/addr.c b/src/libutil/addr.c
index d5502fce0..63e92c801 100644
--- a/src/libutil/addr.c
+++ b/src/libutil/addr.c
@@ -1060,6 +1060,13 @@ rspamd_inet_address_connect (const rspamd_inet_addr_t *addr, gint type,
if (addr->af == AF_UNIX) {
sa = (const struct sockaddr *)&addr->u.un->addr;
+
+ struct sockaddr_un ssun;
+ strcpy(ssun.sun_path, tmpnam(NULL));
+ ssun.sun_len = SUN_LEN(&ssun);
+ ssun.sun_family = AF_UNIX;
+ /* Also bind unix client sockets to allow unconnected reply from that side */
+ r = bind (fd, &ssun, ssun.sun_len);
}
else {
sa = &addr->u.in.addr.sa;
@@ -1249,6 +1256,9 @@ rspamd_inet_address_sendto (gint fd, const void *buf, gsize len, gint fl,
const struct sockaddr *sa;
if (addr == NULL) {
+#ifdef EADDRNOTAVAIL
+ errno = EADDRNOTAVAIL;
+#endif
return -1;
}
diff --git a/src/lua/lua_ip.c b/src/lua/lua_ip.c
index ad2e2e8b0..8abb91a1e 100644
--- a/src/lua/lua_ip.c
+++ b/src/lua/lua_ip.c
@@ -588,11 +588,16 @@ rspamd_lua_ip_push (lua_State *L, rspamd_inet_addr_t *addr)
{
struct rspamd_lua_ip *ip, **pip;
- ip = g_malloc0 (sizeof (struct rspamd_lua_ip));
- ip->addr = rspamd_inet_address_copy(addr, NULL);
- pip = lua_newuserdata (L, sizeof (struct rspamd_lua_ip *));
- rspamd_lua_setclass (L, "rspamd{ip}", -1);
- *pip = ip;
+ if (addr) {
+ ip = g_malloc0(sizeof(struct rspamd_lua_ip));
+ ip->addr = rspamd_inet_address_copy(addr, NULL);
+ pip = lua_newuserdata(L, sizeof(struct rspamd_lua_ip *));
+ rspamd_lua_setclass(L, "rspamd{ip}", -1);
+ *pip = ip;
+ }
+ else {
+ lua_pushnil (L);
+ }
}
void
diff --git a/src/rspamd.c b/src/rspamd.c
index 230206add..3779e7f8e 100644
--- a/src/rspamd.c
+++ b/src/rspamd.c
@@ -451,6 +451,8 @@ systemd_get_socket (struct rspamd_main *rspamd_main, const gchar *fdname)
union {
struct sockaddr_storage ss;
struct sockaddr sa;
+ struct sockaddr_un sun;
+ struct sockaddr_in6 s6;
} addr_storage;
socklen_t slen = sizeof (addr_storage);
gint stype;