Archived
1
0

generate compliant From headers, more tolerance to non-compliant From headers, other fixups

This commit is contained in:
cathugger 2018-12-11 22:56:29 +00:00
parent 0994940ae3
commit 7e6f143108
No known key found for this signature in database
GPG Key ID: 9BADDA2DAF6F01A8
4 changed files with 51 additions and 26 deletions

View File

@ -19,6 +19,7 @@ import (
"log" "log"
"mime" "mime"
"net/http" "net/http"
"net/mail"
"strings" "strings"
"time" "time"
) )
@ -829,7 +830,10 @@ func (self *httpFrontend) handle_postRequest(pr *postRequest, b bannedFunc, e er
msgid = genMessageID(pr.Frontend) msgid = genMessageID(pr.Frontend)
} }
nntp.headers.Set("From", nntpSanitize(fmt.Sprintf("%s <poster@%s>", name, pr.Frontend))) nntp.headers.Set("From", (&mail.Address{
Name: name,
Address: "poster@" + pr.Frontend,
}).String())
nntp.headers.Set("Message-ID", msgid) nntp.headers.Set("Message-ID", msgid)
// set message // set message

View File

@ -135,7 +135,7 @@ func (self *nntpArticle) Reset() {
self.boundary = "" self.boundary = ""
self.message = "" self.message = ""
if self.attachments != nil { if self.attachments != nil {
for idx, _ := range self.attachments { for idx := range self.attachments {
self.attachments[idx].Reset() self.attachments[idx].Reset()
self.attachments[idx] = nil self.attachments[idx] = nil
} }
@ -156,7 +156,10 @@ func newPlaintextArticle(message, email, subject, name, instance, message_id, ne
nntp := &nntpArticle{ nntp := &nntpArticle{
headers: make(ArticleHeaders), headers: make(ArticleHeaders),
} }
nntp.headers.Set("From", fmt.Sprintf("%s <%s>", name, email)) nntp.headers.Set("From", (&mail.Address{
Name: name,
Address: email,
}).String())
nntp.headers.Set("Subject", subject) nntp.headers.Set("Subject", subject)
if isSage(subject) { if isSage(subject) {
nntp.headers.Set("X-Sage", "1") nntp.headers.Set("X-Sage", "1")
@ -296,18 +299,30 @@ func (self *nntpArticle) Newsgroup() string {
func (self *nntpArticle) Name() string { func (self *nntpArticle) Name() string {
const defname = "Anonymous" const defname = "Anonymous"
from := strings.TrimSpace(self.headers.Get("From", "")) from := strings.TrimSpace(self.headers.Get("From", ""))
if from == "" { if from == "" {
return defname return defname
} }
a, e := mail.ParseAddress(from) a, e := mail.ParseAddress(from)
var name string
if e != nil { if e != nil {
return fmt.Sprintf("[Invalid From header: %v]", e) // try older method - some nodes generate non-compliant stuff
if i := strings.IndexByte(from, '<'); i > 1 {
name = from[:i]
} else {
return "[Invalid From header]"
} }
name := strings.TrimSpace(a.Name) } else {
name = a.Name
}
name = safeHeader(name)
if name == "" { if name == "" {
return defname return defname
} }
return name return name
} }

View File

@ -550,13 +550,6 @@ func (self *nntpConnection) checkMIMEHeaderNoAuth(daemon *NNTPDaemon, hdr textpr
return return
} }
var overReplacer = strings.NewReplacer("\t", " ", "\n", " ", "\r", "", "\000", "")
// safeOver cleans string for OVER/XOVER output
func safeOver(s string) string {
return strings.TrimSpace(overReplacer.Replace(s))
}
func (self *nntpConnection) handleLine(daemon *NNTPDaemon, code int, line string, conn *textproto.Conn) (err error) { func (self *nntpConnection) handleLine(daemon *NNTPDaemon, code int, line string, conn *textproto.Conn) (err error) {
parts := strings.Split(line, " ") parts := strings.Split(line, " ")
var msgid string var msgid string
@ -935,11 +928,11 @@ func (self *nntpConnection) handleLine(daemon *NNTPDaemon, code int, line string
fmt.Fprintf(dw, fmt.Fprintf(dw,
"%.6d\t%s\t\"%s\" <%s@%s>\t%s\t%s\t%s\r\n", "%.6d\t%s\t\"%s\" <%s@%s>\t%s\t%s\t%s\r\n",
model.NNTPID(), model.NNTPID(),
safeOver(model.Subject()), safeHeader(model.Subject()),
safeOver(model.Name()), safeOver(model.Name()), safeOver(model.Frontend()), safeHeader(model.Name()), safeHeader(model.Name()), safeHeader(model.Frontend()),
safeOver(model.Date()), safeHeader(model.Date()),
safeOver(model.MessageID()), safeHeader(model.MessageID()),
safeOver(model.Reference())) safeHeader(model.Reference()))
} }
} }
} }

View File

@ -26,6 +26,7 @@ import (
"strconv" "strconv"
"strings" "strings"
"time" "time"
"unicode"
) )
func DelFile(fname string) { func DelFile(fname string) {
@ -161,6 +162,18 @@ func nntpSanitize(data string) (ret string) {
return ret return ret
} }
var safeHeaderReplacer = strings.NewReplacer(
"\t", " ",
"\n", string(unicode.ReplacementChar),
"\r", string(unicode.ReplacementChar),
"\000", string(unicode.ReplacementChar))
// safeHeader replaces dangerous stuff from header,
// also replaces space with tab for XOVER/OVER output
func safeHeader(s string) string {
return strings.TrimSpace(safeHeaderReplacer.Replace(s))
}
type int64Sorter []int64 type int64Sorter []int64
func (self int64Sorter) Len() int { func (self int64Sorter) Len() int {