Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #602 from msimerson/fcrdns

fcrdns: handle a null hostname
  • Loading branch information...
commit 8807499908ed9e4619eca60f3a8410cb0441ed1b 2 parents 2f9ffa8 + 735311e
@smfreegard smfreegard authored
View
4 net_utils.js
@@ -126,10 +126,12 @@ exports.ip_to_long = function (ip) {
var d = ip.split('.');
return ((((((+d[0])*256)+(+d[1]))*256)+(+d[2]))*256)+(+d[3]);
}
-}
+};
exports.is_ip_in_str = function(ip, str) {
// Only IPv4 for now
+ if (!str) { return false; }
+ if (!ip) { return false; }
if (net.isIPv4(ip)) {
var host_part = (this.split_hostname(str,1))[0].toString();
var ip_split = ip.split('.');
View
32 plugins/connect.fcrdns.js
@@ -3,6 +3,21 @@ var dns = require('dns'),
utils = require('./utils'),
net_utils = require('./net_utils');
+exports.register = function () {
+ var plugin = this;
+ var load_config = function () {
+ plugin.cfg = plugin.config.get('connect.fcrdns.ini', {
+ booleans: [
+ '-reject.no_rdns',
+ '-reject.no_fcrdns',
+ '-reject.invalid_tld',
+ '-reject.generic_rdns',
+ ]
+ }, load_config);
+ };
+ load_config();
+};
+
exports.hook_lookup_rdns = function (next, connection) {
var plugin = this;
var rip = connection.remote_ip;
@@ -161,6 +176,7 @@ exports.check_fcrdns = function(connection, results, do_next) {
var plugin = this;
for (var fdom in results) { // mail.example.com
+ if (!fdom) continue;
var org_domain = net_utils.get_organizational_domain(fdom); // example.com
// Multiple domains?
@@ -195,6 +211,7 @@ exports.check_fcrdns = function(connection, results, do_next) {
exports.ptr_compare = function (ip_list, connection, domain) {
var plugin = this;
+ if (!ip_list) return false;
if (!ip_list.length) return false;
if (ip_list.indexOf(connection.remote_ip) !== -1) {
@@ -235,6 +252,8 @@ exports.save_auth_results = function (connection) {
exports.is_generic_rdns = function (connection, domain) {
var plugin = this;
// IP in rDNS? (Generic rDNS)
+ if (!domain) return false;
+
if (!net_utils.is_ip_in_str(connection.remote_ip, domain)) {
connection.results.add(plugin, {pass: 'is_generic_rdns'});
return false;
@@ -273,19 +292,6 @@ exports.log_summary = function (connection) {
exports.refresh_config = function (connection) {
var plugin = this;
- plugin.cfg = plugin.config.get('connect.fcrdns.ini', {
- booleans: [
- '-reject.no_rdns',
- '-reject.no_fcrdns',
- '-reject.invalid_tld',
- '-reject.generic_rdns',
- ]
- });
-
- var defaults = {
- timeout: 30,
- };
-
// allow rdns_acccess whitelist to override
if (connection.notes.rdns_access && connection.notes.rdns_access === 'white') {
plugin.cfg.reject.no_rdns = 0;
View
46 tests/plugins/connect.fcrdns.js
@@ -18,6 +18,7 @@ function _set_up(callback) {
this.plugin.config = config;
this.plugin.loginfo = stub();
this.plugin.logerror = stub();
+ this.plugin.register();
this.connection = Connection.createConnection();
this.connection.results = new ResultStore(this.connection);
@@ -36,11 +37,6 @@ function _tear_down(callback) {
exports.refresh_config = {
setUp : _set_up,
tearDown : _tear_down,
- 'none': function (test) {
- test.expect(1);
- test.equal(undefined, this.plugin.cfg);
- test.done();
- },
'defaults return': function (test) {
test.expect(4);
var r = this.plugin.refresh_config(this.connection);
@@ -211,6 +207,12 @@ exports.is_generic_rdns = {
test.equal(false, this.plugin.is_generic_rdns(this.connection, 'c-76-121-96-159.business.wa.comcast.net'));
test.done();
},
+ 'null': function (test) {
+ test.expect(1);
+ this.connection.remote_ip='192.168.1.1';
+ test.equal(false, this.plugin.is_generic_rdns(this.connection, null));
+ test.done();
+ },
};
exports.save_auth_results = {
@@ -255,3 +257,37 @@ exports.ptr_compare = {
test.done();
},
};
+
+exports.check_fcrdns = {
+ setUp : _set_up,
+ tearDown : _tear_down,
+ 'fail, tolerate': function (test) {
+ test.expect(1);
+ var cb = function (rc, msg) {
+ test.equal(rc, undefined);
+ test.done();
+ };
+ this.connection.remote_ip = '10.1.1.1';
+ this.connection.results.add(this.plugin, {
+ fcrdns: [], invalid_tlds: [], other_ips: [], ptr_names: [],
+ ptr_multidomain: false, has_rdns: false, ptr_name_has_ips: false,
+ ptr_name_to_ip: {},
+ });
+ this.plugin.check_fcrdns(this.connection, ['foo.example.com'], cb);
+ },
+ 'null host': function (test) {
+ // this result was experienced "in the wild"
+ test.expect(1);
+ var cb = function (rc, msg) {
+ test.equal(rc, undefined);
+ test.done();
+ };
+ this.connection.remote_ip = '10.1.1.1';
+ this.connection.results.add(this.plugin, {
+ fcrdns: [], invalid_tlds: [], other_ips: [], ptr_names: [],
+ ptr_multidomain: false, has_rdns: false, ptr_name_has_ips: false,
+ ptr_name_to_ip: {},
+ });
+ this.plugin.check_fcrdns(this.connection, ['foo.example.com','', null], cb);
+ },
+};
Please sign in to comment.
Something went wrong with that request. Please try again.