[Fix] Lua_auth_results: Quote potentially bad values in AR header
vstakhov committed Oct 12, 2020
1 parent 1296520 commit 7b8f580
Showing 1 changed file with 18 additions and 16 deletions.
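--- a/lualib/lua_auth_results.lua
+++ b/lualib/lua_auth_results.lua
@@ -16,6 +16,7 @@ limitations under the License.
 ]]--
 
 local rspamd_util = require "rspamd_util"
+local lua_util = require "lua_util"
 
 local default_settings = {
 spf_symbols = {
@@ -127,19 +128,19 @@ local function gen_auth_results(task, settings)
 hdr[1] = string.format('dkim=%s', ar_string)
 
 if dres.fail_reason then
-hdr[#hdr + 1] = string.format('(%s)', dres.fail_reason)
+hdr[#hdr + 1] = string.format('(%s)', lua_util.maybe_smtp_quote_value(dres.fail_reason))
 end
 
 if dres.domain then
-hdr[#hdr + 1] = string.format('header.d=%s', dres.domain)
+hdr[#hdr + 1] = string.format('header.d=%s', lua_util.maybe_smtp_quote_value(dres.domain))
 end
 
 if dres.selector then
-hdr[#hdr + 1] = string.format('header.s=%s', dres.selector)
+hdr[#hdr + 1] = string.format('header.s=%s', lua_util.maybe_smtp_quote_value(dres.selector))
 end
 
 if dres.bhash then
-hdr[#hdr + 1] = string.format('header.b=%s', dres.bhash)
+hdr[#hdr + 1] = string.format('header.b=%s', lua_util.maybe_smtp_quote_value(dres.bhash))
 end
 
 table.insert(hdr_parts, table.concat(hdr, ' '))
@@ -161,52 +162,53 @@ local function gen_auth_results(task, settings)
 if key == 'reject' or key == 'quarantine' or key == 'softfail' then
 hdr = hdr .. 'fail'
 else
-hdr = hdr .. key
+hdr = hdr .. lua_util.maybe_smtp_quote_value(key)
 end
 if key == 'pass' then
-hdr = hdr .. ' (policy=' .. opts[2] .. ')'
-hdr = hdr .. ' header.from=' .. opts[1]
+hdr = hdr .. ' (policy=' .. lua_util.maybe_smtp_quote_value(opts[2]) .. ')'
+hdr = hdr .. ' header.from=' .. lua_util.maybe_smtp_quote_value(opts[1])
 elseif key ~= 'none' then
 local t = {opts[1]:match('^([^%s]+) : (.*)$')}
 if #t > 0 then
 local dom = t[1]
 local rsn = t[2]
 if rsn then
-hdr = hdr .. ' reason="' .. rsn .. '"'
+hdr = hdr .. ' reason="' .. lua_util.maybe_smtp_quote_value(rsn) .. '"'
 end
-hdr = hdr .. ' header.from=' .. dom
+hdr = hdr .. ' header.from=' .. lua_util.maybe_smtp_quote_value(dom)
 end
 if key == 'softfail' then
 hdr = hdr .. ' (policy=none)'
 else
-hdr = hdr .. ' (policy=' .. key .. ')'
+hdr = hdr .. ' (policy=' .. lua_util.maybe_smtp_quote_value(key) .. ')'
 end
 end
 table.insert(hdr_parts, hdr)
 elseif auth_type == 'arc' then
 if common.symbols[auth_types['arc'][key]][1] then
 local opts = common.symbols[auth_types['arc'][key]][1]['options'] or {}
 for _, v in ipairs(opts) do
-hdr = hdr .. auth_type .. '=' .. key .. ' (' .. v .. ')'
+hdr = string.format('%s%s=%s (%s)', hdr, auth_type,
+lua_util.maybe_smtp_quote_value(key), lua_util.maybe_smtp_quote_value(v))
 table.insert(hdr_parts, hdr)
 end
 end
 elseif auth_type == 'spf' then
 -- Main type
 local sender
 local sender_type
-local smtp_from = task:get_from('smtp')
+local smtp_from = lua_util.maybe_smtp_quote_value(task:get_from('smtp'))
 
 if smtp_from and
 smtp_from[1] and
 smtp_from[1]['addr'] ~= '' and
 smtp_from[1]['addr'] ~= nil then
-sender = smtp_from[1]['addr']
+sender = lua_util.maybe_smtp_quote_value(smtp_from[1]['addr'])
 sender_type = 'smtp.mailfrom'
 else
 local helo = task:get_helo()
 if helo then
-sender = helo
+sender = lua_util.maybe_smtp_quote_value(helo)
 sender_type = 'smtp.helo'
 end
 end
@@ -252,10 +254,10 @@ local function gen_auth_results(task, settings)
 local hdr = {[1] = 'auth=pass'}
 
 if settings['add_smtp_user'] then
-table.insert(hdr,'smtp.auth=' .. u)
+table.insert(hdr,'smtp.auth=' .. lua_util.maybe_smtp_quote_value(u))
 end
 if smtp_from[1]['addr'] then
-table.insert(hdr,'smtp.mailfrom=' .. smtp_from[1]['addr'])
+table.insert(hdr,'smtp.mailfrom=' .. lua_util.maybe_smtp_quote_value(smtp_from[1]['addr']))
 end
 
 table.insert(hdr_parts, table.concat(hdr,' '))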
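Review bot: In the spf branch, `local smtp_from = lua_util.maybe_smtp_quote_value(task:get_from('smtp'))` hands the quoting helper the whole return value of get_from, which the following lines index as `smtp_from[1]['addr']`, so it is an address list (or nil) rather than a header value. Unless the helper passes non-strings through untouched (its body is not on this page), this either raises or replaces the table with a string, and the smtp.mailfrom path stops working; keep `local smtp_from = task:get_from('smtp')` and quote only `smtp_from[1]['addr']`, as the line below already does. Separately, `' reason="' .. lua_util.maybe_smtp_quote_value(rsn) .. '"'` wraps the helper's output in literal quotes, so a value the helper does quote would presumably come out doubly quoted. The `(%s)` values (fail_reason, policy, the arc option) sit inside header comments, where a quoted-string does not neutralise a `)`, so it is worth confirming that sender-controlled text there cannot end the comment early. gen_auth_results begins and ends outside the hunks shown.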
