Permalink
Browse files

Preempt SPF queries

  • Loading branch information...
1 parent b9f41a6 commit fa85c712fad9f04647215e08f2219f2bef0a736f @andrenth committed Jun 28, 2012
Showing with 55 additions and 69 deletions.
  1. +3 −1 _oasis
  2. +6 −7 _tags
  3. +1 −0 lib_test/test.ml
  4. +4 −32 setup.ml
  5. +39 −27 src/policy.ml
  6. +2 −2 src/spf_slave.ml
View
4 _oasis
@@ -39,12 +39,14 @@ Executable "spf-slave"
BuildDepends: spf,
str,
unix,
+ threads,
uint.uint32,
uint.uint128,
release,
lwt,
lwt.unix,
- lwt.syntax
+ lwt.syntax,
+ lwt.preemptive
Executable spf_test
Path: lib_test
View
13 _tags
@@ -1,5 +1,5 @@
# OASIS_START
-# DO NOT EDIT (digest: 49dee584e93d7b1c34bc9adcf227f405)
+# DO NOT EDIT (digest: 2ef7a905deefe83c079671bf685681cc)
# Library spf
"lib": include
<lib/*.ml{,i}>: oasis_library_spf_ccopt
@@ -15,22 +15,20 @@
<src/spf_slave.{native,byte}>: pkg_unix
<src/spf_slave.{native,byte}>: pkg_uint.uint32
<src/spf_slave.{native,byte}>: pkg_uint.uint128
+<src/spf_slave.{native,byte}>: pkg_threads
<src/spf_slave.{native,byte}>: pkg_str
<src/spf_slave.{native,byte}>: pkg_release
<src/spf_slave.{native,byte}>: pkg_lwt.unix
<src/spf_slave.{native,byte}>: pkg_lwt.syntax
+<src/spf_slave.{native,byte}>: pkg_lwt.preemptive
<src/spf_slave.{native,byte}>: pkg_lwt
+<src/*.ml{,i}>: pkg_threads
+<src/*.ml{,i}>: pkg_lwt.preemptive
# Executable spf_test
<lib_test/test.{native,byte}>: use_spf
<lib_test/test.{native,byte}>: pkg_unix
<lib_test/*.ml{,i}>: use_spf
<lib_test/*.ml{,i}>: pkg_unix
-# Executable postfix-policyd-spf-ocaml
-<src/policyd.{native,byte}>: use_spf
-<src/policyd.{native,byte}>: pkg_unix
-<src/policyd.{native,byte}>: pkg_uint.uint32
-<src/policyd.{native,byte}>: pkg_uint.uint128
-<src/policyd.{native,byte}>: pkg_str
# Executable spfd
<src/spfd.{native,byte}>: use_spf
<src/spfd.{native,byte}>: pkg_unix
@@ -53,5 +51,6 @@
# OASIS_STOP
<*/*.ml>: annot
<*/*.ml>: warn_error
+<src/policy.ml>: syntax_camlp4o
<src/spfd.ml>: syntax_camlp4o
<src/spf_slave.ml>: syntax_camlp4o
View
@@ -39,6 +39,7 @@ let () =
(Spf.received_spf r)
(Spf.received_spf_value r)
(Spf.header_comment r);
+ printf ">>>\n%!";
match Spf.result r with
| Spf.Neutral c
| Spf.Fail c
View
@@ -1,7 +1,7 @@
(* setup.ml generated for the first time by OASIS v0.2.0 *)
(* OASIS_START *)
-(* DO NOT EDIT (digest: 90cde8cd14daa3629a88c9f270c20285) *)
+(* DO NOT EDIT (digest: 5b0e8de0abca789ef65ba3f01ae8a901) *)
(*
Regenerated by OASIS v0.2.0
Visit http://oasis.forge.ocamlcore.org for more information and
@@ -5058,12 +5058,14 @@ let setup_t =
InternalLibrary "spf";
FindlibPackage ("str", None);
FindlibPackage ("unix", None);
+ FindlibPackage ("threads", None);
FindlibPackage ("uint.uint32", None);
FindlibPackage ("uint.uint128", None);
FindlibPackage ("release", None);
FindlibPackage ("lwt", None);
FindlibPackage ("lwt.unix", None);
- FindlibPackage ("lwt.syntax", None)
+ FindlibPackage ("lwt.syntax", None);
+ FindlibPackage ("lwt.preemptive", None)
];
bs_build_tools = [ExternalTool "ocamlbuild"];
bs_c_sources = [];
@@ -5103,36 +5105,6 @@ let setup_t =
{exec_custom = false; exec_main_is = "test.ml"; });
Executable
({
- cs_name = "postfix-policyd-spf-ocaml";
- cs_data = PropList.Data.create ();
- cs_plugin_data = [];
- },
- {
- bs_build = [(OASISExpr.EBool true, true)];
- bs_install = [(OASISExpr.EBool true, true)];
- bs_path = "src";
- bs_compiled_object = Best;
- bs_build_depends =
- [
- InternalLibrary "spf";
- FindlibPackage ("str", None);
- FindlibPackage ("unix", None);
- FindlibPackage ("uint.uint32", None);
- FindlibPackage ("uint.uint128", None)
- ];
- bs_build_tools = [ExternalTool "ocamlbuild"];
- bs_c_sources = [];
- bs_data_files = [];
- bs_ccopt = [(OASISExpr.EBool true, [])];
- bs_cclib = [(OASISExpr.EBool true, [])];
- bs_dlllib = [(OASISExpr.EBool true, [])];
- bs_dllpath = [(OASISExpr.EBool true, [])];
- bs_byteopt = [(OASISExpr.EBool true, [])];
- bs_nativeopt = [(OASISExpr.EBool true, [])];
- },
- {exec_custom = false; exec_main_is = "policyd.ml"; });
- Executable
- ({
cs_name = "spfd";
cs_data = PropList.Data.create ();
cs_plugin_data = [];
View
@@ -1,3 +1,4 @@
+open Lwt
open Printf
type response
@@ -14,7 +15,7 @@ type cache =
; mutable timestamp : float
}
-type handler = string * (Postfix.attrs -> cache -> response)
+type handler = (Postfix.attrs -> cache -> response Lwt.t)
let new_cache_entry instance =
{ instance = instance
@@ -42,13 +43,12 @@ let exempt_localhost attrs cache =
let addr = attrs.Postfix.client_address in
if addr <> "" && List.mem (Unix.inet_addr_of_string addr) localhost_addresses
then
- Prepend "X-Comment: SPF not applicable to localhost connection"
+ return (Prepend "X-Comment: SPF not applicable to localhost connection")
else
- Dunno
+ return Dunno
let relay_addresses =
- [ "187.73.32.128/25"
- ]
+ [ "187.73.32.128/25" ]
let exempt_relay attrs cache =
let addr = attrs.Postfix.client_address in
@@ -63,9 +63,9 @@ let exempt_relay attrs cache =
Prepend "X-Comment: SPF skipped for whitelisted relay"
else
exempt rest in
- exempt relay_addresses
+ return (exempt relay_addresses)
else
- Dunno
+ return Dunno
let spf_server = Spf.server Spf.Dns_cache
@@ -128,41 +128,53 @@ let handle_from_response cache =
end else
Dunno
+let check_helo server addr helo =
+ Lwt_preemptive.detach (fun () -> Spf.check_helo server addr helo) ()
+
let process_helo client_addr helo_name sender cache =
- (if cache.helo_response = None then
- let res = Spf.check_helo spf_server client_addr helo_name in
- let res = unbox_spf_response res in
- cache.helo_response <- Some res);
- handle_helo_response sender cache
+ lwt () = if cache.helo_response = None then begin
+ lwt res = check_helo spf_server client_addr helo_name in
+ let res' = unbox_spf_response res in
+ cache.helo_response <- Some res';
+ return ()
+ end else
+ return () in
+ return (handle_helo_response sender cache)
+
+let check_from server addr helo sender =
+ Lwt_preemptive.detach (fun () -> Spf.check_from server addr helo sender) ()
let process_from client_addr helo_name sender cache =
- (if cache.from_response = None then
- let res = Spf.check_from spf_server client_addr helo_name sender in
+ lwt () = if cache.from_response = None then begin
+ lwt res = check_from spf_server client_addr helo_name sender in
let res = unbox_spf_response res in
- cache.from_response <- Some res);
- handle_from_response cache
+ cache.from_response <- Some res;
+ return ()
+ end else
+ return () in
+ return (handle_from_response cache)
let sender_policy_framework attrs cache =
let client_addr = attrs.Postfix.client_address in
let helo_name = attrs.Postfix.helo_name in
let sender = attrs.Postfix.sender in
let addr = Unix.inet_addr_of_string client_addr in
- match process_helo addr helo_name sender cache with
+ match_lwt process_helo addr helo_name sender cache with
| Dunno -> process_from addr helo_name sender cache
- | other -> other
+ | other -> return other
let handlers =
- [ "exempt_localhost", exempt_localhost
- ; "exempt_relay", exempt_relay
- ; "sender_policy_framework", sender_policy_framework
+ [ exempt_localhost
+ ; exempt_relay
+ ; sender_policy_framework
]
let rec until p f z = function
| [] ->
- z
+ return z
| h::t ->
- let x = f h in
- if p x then x else until p f z t
+ lwt x = f h in
+ if p x then return x else until p f z t
let get_cache instance =
match !results_cache with
@@ -179,15 +191,15 @@ let get_cache instance =
cache
end
-let handle attrs cache (name, handler) =
+let handle attrs cache handler =
handler attrs cache
let handle_attrs attrs =
let cache = get_cache attrs.Postfix.instance in
let not_default = ((<>) default_response) in
- let response =
+ lwt response =
until not_default (handle attrs cache) default_response handlers in
- string_of_response response
+ return (string_of_response response)
let lookup_timeout =
string_of_response (Defer_if_permit "SPF-Result=Timeout handling SPF lookup")
View
@@ -63,8 +63,8 @@ let spf_handler fd =
| None ->
return ()
| Some attrs ->
- let action = sprintf "action=%s\n\n" (Policy.handle_attrs attrs) in
- Release_io.write fd (B.of_string action)
+ lwt action = Policy.handle_attrs attrs in
+ Release_io.write fd (B.of_string (sprintf "action=%s\n\n" action))
let main fd =
ignore (Lwt_unix.on_signal Sys.sigterm handle_sigterm);

0 comments on commit fa85c71

Please sign in to comment.