You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jm...@apache.org on 2007/01/04 23:34:28 UTC
svn commit: r492784 - in /spamassassin/trunk: lib/Mail/SpamAssassin/Conf.pm
lib/Mail/SpamAssassin/Conf/Parser.pm
lib/Mail/SpamAssassin/Message/Metadata/Received.pm
lib/Mail/SpamAssassin/NetSet.pm t/trust_path.t
Author: jm
Date: Thu Jan 4 14:34:28 2007
New Revision: 492784
URL: http://svn.apache.org/viewvc?view=rev&rev=492784
Log:
bug 5259: revert vetoed change which made 127/8 always trusted and always internal
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
spamassassin/trunk/lib/Mail/SpamAssassin/Conf/Parser.pm
spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm
spamassassin/trunk/t/trust_path.t
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm?view=diff&rev=492784&r1=492783&r2=492784
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm Thu Jan 4 14:34:28 2007
@@ -635,11 +635,6 @@
will result in all those networks becoming trusted. To clear out the
existing entries, use C<clear_trusted_networks>.
-The loopback C<127/8> network (127.*.*.*) is always trusted, unless explicitly
-rendered untrusted using
-
- trusted_networks !127/8
-
If C<trusted_networks> is not set and C<internal_networks> is, the value
of C<internal_networks> will be used for this parameter.
@@ -692,7 +687,7 @@
setting => 'clear_trusted_networks',
code => sub {
my ($self, $key, $value, $line) = @_;
- $self->{trusted_networks} = $self->new_netset();
+ $self->{trusted_networks} = Mail::SpamAssassin::NetSet->new();
}
});
@@ -720,11 +715,6 @@
Every entry in C<internal_networks> must appear in C<trusted_networks>; in
other words, C<internal_networks> is always a subset of the trusted set.
-The loopback C<127/8> network (127.*.*.*) is always internal, unless explicitly
-rendered external using something like
-
- internal_networks !127/8
-
=cut
push (@cmds, {
@@ -750,7 +740,7 @@
setting => 'clear_internal_networks',
code => sub {
my ($self, $key, $value, $line) = @_;
- $self->{internal_networks} = $self->new_netset();
+ $self->{internal_networks} = Mail::SpamAssassin::NetSet->new();
}
});
@@ -2723,8 +2713,8 @@
$self->{more_spam_to} = { };
$self->{all_spam_to} = { };
- $self->{trusted_networks} = $self->new_netset();
- $self->{internal_networks} = $self->new_netset();
+ $self->{trusted_networks} = Mail::SpamAssassin::NetSet->new();
+ $self->{internal_networks} = Mail::SpamAssassin::NetSet->new();
# Make sure we add in X-Spam-Checker-Version
$self->{headers_spam}->{"Checker-Version"} =
@@ -3135,13 +3125,6 @@
delete $self->{source_file};
delete $self->{meta_dependencies};
}
-}
-
-sub new_netset {
- my ($self) = @_;
- my $set = Mail::SpamAssassin::NetSet->new();
- $set->add_cidr ('127/8');
- return $set;
}
###########################################################################
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Conf/Parser.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Conf/Parser.pm?view=diff&rev=492784&r1=492783&r2=492784
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Conf/Parser.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Conf/Parser.pm Thu Jan 4 14:34:28 2007
@@ -934,7 +934,7 @@
# check that all internal_networks are listed in trusted_networks
# too.
- if ($ni->get_num_nets() > 1 && $nt->get_num_nets() > 1) {
+ if ($ni->get_num_nets() > 0 && $nt->get_num_nets() > 0) {
my $replace_nets;
my @valid_ni = ();
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm?view=diff&rev=492784&r1=492783&r2=492784
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm Thu Jan 4 14:34:28 2007
@@ -82,19 +82,19 @@
my $in_trusted = 1;
my $in_internal = 1;
- if ($trusted->get_num_nets() > 1 && $internal->get_num_nets() > 1) {
+ if ($trusted->get_num_nets() > 0 && $internal->get_num_nets() > 0) {
# good; we can use both reliably.
}
- elsif ($trusted->get_num_nets() <= 1 && $internal->get_num_nets() > 1) {
+ elsif ($trusted->get_num_nets() <= 0 && $internal->get_num_nets() > 0) {
$trusted = $internal; # use 'internal' for 'trusted'
}
- elsif ($trusted->get_num_nets() > 1 && $internal->get_num_nets() <= 1) {
+ elsif ($trusted->get_num_nets() > 0 && $internal->get_num_nets() <= 0) {
# use 'trusted' for 'internal'; compatibility with SpamAssassin 2.60
$internal = $trusted;
}
- my $did_user_specify_trust = ($trusted->get_num_nets() > 1);
- my $did_user_specify_internal = ($internal->get_num_nets() > 1);
+ my $did_user_specify_trust = ($trusted->get_num_nets() > 0);
+ my $did_user_specify_internal = ($internal->get_num_nets() > 0);
my $IP_PRIVATE = IP_PRIVATE;
my $LOCALHOST = LOCALHOST;
@@ -146,11 +146,8 @@
}
} else {
# if the user didn't specify it, assume we immediately transition
- # to the external network (the internet) once we leave the
- # (default) internal IP list (127/8).
- if (!$internal->contains_ip ($relay->{ip})) {
- $in_internal = 0;
- }
+ # to the external network (the internet) once we leave this host.
+ $in_internal = 0;
}
# note: you can't be in internal networks, but not be in a trusted
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm?view=diff&rev=492784&r1=492783&r2=492784
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm Thu Jan 4 14:34:28 2007
@@ -73,34 +73,15 @@
}
$bits = 32 if (!defined $bits);
- my $mask = 0xFFffFFff ^ ((2 ** (32-$bits)) - 1);
- my $ipaton = (Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask);
- # if this is the _exact_ opposite of an existing entry, then replace that
- # original entry with a no-op. (Don't just remove it, since the number of
- # entries found is used to determine if any were specified.)
- foreach my $i (0 .. (scalar @{$self->{nets}} - 1)) {
- my $ent = $self->{nets}->[$i];
-
- if (defined $ent->{ip}
- && $ipaton == $ent->{ip}
- && $mask == $ent->{mask}
- && $exclude == ($ent->{exclude} ? 0 : 1))
- {
- splice @{$self->{nets}}, $i, 1, {
- mask => undef,
- exclude => undef,
- ip => undef,
- as_string => "REMOVED"
- };
- next;
- }
- }
+ next if ($self->is_net_declared($ip, $bits, $exclude, 0));
+
+ my $mask = 0xFFffFFff ^ ((2 ** (32-$bits)) - 1);
push @{$self->{nets}}, {
mask => $mask,
exclude => $exclude,
- ip => $ipaton,
+ ip => (Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask),
as_string => $_
};
$numadded++;
@@ -121,18 +102,12 @@
return 0 unless (defined $self->{nets});
- # a defined net always contains the 'REMOVED' one
- if (!defined $network && !defined $mask) {
- return 1;
- }
-
$exclude = 0 if (!defined $exclude);
$quiet = 0 if (!defined $quiet);
$declared = 0 if (!defined $declared);
foreach my $net (@{$self->{nets}}) {
# a net can not be contained by a (smaller) net with a larger mask
- next if (!defined $net->{ip});
next if ($net->{mask} > $mask);
# check to see if the new network is contained by the old network
@@ -169,9 +144,7 @@
$ip = Mail::SpamAssassin::Util::my_inet_aton($ip);
foreach my $net (@{$self->{nets}}) {
- if (defined $net->{ip} && ($ip & $net->{mask}) == $net->{ip}) {
- return !$net->{exclude};
- }
+ return !$net->{exclude} if (($ip & $net->{mask}) == $net->{ip});
}
0;
}
Modified: spamassassin/trunk/t/trust_path.t
URL: http://svn.apache.org/viewvc/spamassassin/trunk/t/trust_path.t?view=diff&rev=492784&r1=492783&r2=492784
==============================================================================
--- spamassassin/trunk/t/trust_path.t (original)
+++ spamassassin/trunk/t/trust_path.t Thu Jan 4 14:34:28 2007
@@ -18,7 +18,7 @@
use lib '.'; use lib 't';
use SATest; sa_t_init("trust_path");
-use Test; BEGIN { plan tests => 45 };
+use Test; BEGIN { plan tests => 24 };
use strict;
@@ -27,115 +27,6 @@
# ---------------------------------------------------------------------------
-# 127/8 implicitly trusted as default
-q{
-
- Received: from sender.net (127.0.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted: [ ip=127.0.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= ]
-Untrusted:
-
-},
-
-# ---------------------------------------------------------------------------
-
-# 127/8 explicitly trusted
-q{
-
- trusted_networks 127/8
- Received: from sender.net (127.0.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted: [ ip=127.0.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= ]
-Untrusted:
-
-},
-
-# 127/8 explicitly trusted along with others
-q{
-
- trusted_networks 127/8 1.2.2.1
- Received: from sender.net (127.0.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted: [ ip=127.0.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= ]
-Untrusted:
-
-},
-
-# ---------------------------------------------------------------------------
-
-# 127/8 explicitly untrusted
-q{
-
- trusted_networks 1.2/16 !127/8
- internal_networks 1.2/16 !127/8
- Received: from sender.net (127.0.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted:
-Untrusted: [ ip=127.0.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=0 id= auth= ]
-
-},
-
-# ---------------------------------------------------------------------------
-
-# 127/8 implicitly trusted
-q{
-
- trusted_networks 1.2/16
- Received: from sender.net (127.0.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted: [ ip=127.0.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= ]
-Untrusted:
-
-},
-
-# ---------------------------------------------------------------------------
-
-# trusted, then not
-q{
-
- trusted_networks 1.2/16 !1.2/16
- Received: from sender.net (1.2.3.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted:
-Untrusted: [ ip=1.2.3.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=0 id= auth= ]
-
-},
-
-# ---------------------------------------------------------------------------
-
-q{
-
- trusted_networks 1.2/16
- Received: from sender.net (1.1.1.2) by receiver.net
- with SMTP; 10 Nov 2005 00:00:00 -0000
-
-} => q{
-
-Trusted:
-Untrusted: [ ip=1.1.1.2 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=0 id= auth= ]
-
-},
-
-# ---------------------------------------------------------------------------
-
q{
trusted_networks 1.1/16
@@ -290,12 +181,10 @@
"clear_trusted_networks\n".
"clear_internal_networks\n";
- if ($hdrs =~ s/^\s*(trusted_networks\s+[^\n]*)//gs) {
- $conf .= $1."\n";
- }
- if ($hdrs =~ s/^\s*(internal_networks\s+[^\n]*)//gs) {
- if ($1) { $conf .= $1."\n"; }
- }
+ $hdrs =~ s/^\s*(trusted_networks\s+[^\n]*)//gs;
+ if ($1) { $conf .= $1."\n"; }
+ $hdrs =~ s/^\s*(internal_networks\s+[^\n]*)//gs;
+ if ($1) { $conf .= $1."\n"; }
tstprefs ($conf);
@@ -339,7 +228,7 @@
print "expected: $expected\n";
print "got : $relays\n\n";
- # die "dying on first test failure";
+ die "dying on first test failure";
}
$status->finish();