coppertone 0.0.1

data/lib/coppertone/dns/resolv_client.rb

@@ -0,0 +1,110 @@
+require 'resolv'
+require 'resolv/dns/resource/in/spf'
+
+module Coppertone
+  module DNS
+    # An adapter client for the internal Resolv DNS client.
+    class ResolvClient
+      def fetch_a_records(domain)
+        fetch_a_type_records(domain, 'A')
+      end
+
+      def fetch_aaaa_records(domain)
+        fetch_a_type_records(domain, 'AAAA')
+      end
+
+      def fetch_mx_records(domain)
+        fetch_records(domain, 'MX') do |record|
+          {
+            type: 'MX',
+            exchange: record.exchange.to_s
+          }
+        end
+      end
+
+      def fetch_ptr_records(arpa_address)
+        fetch_records(arpa_address, 'PTR') do |record|
+          {
+            type: 'PTR',
+            name: record.name.to_s
+          }
+        end
+      end
+
+      def fetch_txt_records(domain)
+        fetch_txt_type_records(domain, 'TXT')
+      end
+
+      def fetch_spf_records(domain)
+        fetch_txt_type_records(domain, 'SPF')
+      end
+
+      private
+
+      def fetch_a_type_records(domain, type)
+        fetch_records(domain, type) do |record|
+          {
+            type: type,
+            address: record.address.to_s
+          }
+        end
+      end
+
+      def fetch_txt_type_records(domain, type)
+        fetch_records(domain, type) do |record|
+          {
+            type: type,
+            # Use strings.join('') to avoid JRuby issue where
+            # data only returns the first string
+            text: record.strings.join('')
+          }
+        end
+      end
+
+      def fetch_records(domain, type, &block)
+        records = dns_lookup(domain, type)
+        records.map(&block)
+      end
+
+      TRAILING_DOT_REGEXP = /\.\z/
+      def normalize_domain(domain)
+        (domain.sub(TRAILING_DOT_REGEXP, '') || domain).downcase
+      end
+
+      def dns_lookup(domain, rr_type)
+        domain = normalize_domain(domain)
+        resources = getresources(domain, rr_type)
+
+        unless resources
+          fail Coppertone::DNS::Error,
+               "Unknown error on DNS '#{rr_type}' lookup of '#{domain}'"
+        end
+
+        resources
+      end
+
+      def getresources(domain, rr_type)
+        rr_class = self.class.type_class(rr_type)
+        dns_resolver.getresources(domain, rr_class)
+      rescue Resolv::ResolvTimeout
+        raise Coppertone::DNS::TimeoutError,
+              "Time-out on DNS '#{rr_type}' lookup of '#{domain}'"
+      rescue Resolv::ResolvError
+        raise Coppertone::DNS::Error, "Error on DNS lookup of '#{domain}'"
+      end
+
+      SUPPORTED_RR_TYPES = %w(A AAAA MX PTR TXT SPF)
+      def self.type_class(rr_type)
+        if SUPPORTED_RR_TYPES.include?(rr_type)
+          Resolv::DNS::Resource::IN.const_get(rr_type)
+        else
+          fail ArgumentError, "Unknown RR type: #{rr_type}"
+        end
+      end
+
+      def dns_resolver
+        @dns_resolver ||= Resolv::DNS.new
+      end
+    end
+  end
+end

data/lib/coppertone/dns.rb

@@ -0,0 +1,3 @@
+require 'coppertone/dns/error'
+require 'coppertone/dns/resolv_client'
+require 'coppertone/dns/mock_client'

data/lib/coppertone/domain_spec.rb

@@ -0,0 +1,45 @@
+require 'coppertone/macro_string'
+require 'coppertone/utils'
+
+module Coppertone
+  # A domain spec, as defined in the SPF specification.
+  class DomainSpec < MacroString
+    def initialize(s)
+      begin
+        super
+      rescue Coppertone::MacroStringParsingError
+        raise Coppertone::DomainSpecParsingError
+      end
+      validate_domain_spec_restrictions
+    end
+
+    def validate_domain_spec_restrictions
+      return if only_allowed_macros? && ends_in_allowed_term?
+      fail Coppertone::DomainSpecParsingError
+    end
+
+    EXP_ONLY_MACRO_LETTERS = %w(c r t)
+    def only_allowed_macros?
+      @macros.select { |m| m.is_a?(Coppertone::MacroString::MacroExpand) }
+             .none? { |m| EXP_ONLY_MACRO_LETTERS.include?(m.macro_letter) }
+    end
+
+    def ends_in_allowed_term?
+      lm = @macros.last
+      return true unless lm
+      return false if lm.is_a?(Coppertone::MacroString::MacroStaticExpand)
+      return true if lm.is_a?(Coppertone::MacroString::MacroExpand)
+      ends_with_top_label?
+    end
+
+    def ends_with_top_label?
+      ends_with = @macros.last.to_s
+      ends_with = ends_with[0..-2] if ends_with[-1] == '.'
+      _, match, tail = ends_with.rpartition('.')
+      return false if match.blank?
+      hostname = Coppertone::Utils::DomainUtils.valid_hostname_label?(tail)
+      return false unless hostname
+      true
+    end
+  end
+end

data/lib/coppertone/error.rb

@@ -0,0 +1,29 @@
+module Coppertone
+  class Error < ::StandardError
+  end
+
+  class TemperrorError < Coppertone::Error; end
+  class PermerrorError < Coppertone::Error; end
+
+  class InvalidSenderError < Coppertone::Error; end
+  class MissingNameError < Coppertone::PermerrorError; end
+  class MissingQualifierError < Coppertone::PermerrorError; end
+
+  class MacroStringParsingError < Coppertone::PermerrorError; end
+  class DomainSpecParsingError < MacroStringParsingError; end
+
+  class RecordParsingError < Coppertone::PermerrorError; end
+  class InvalidMechanismError < Coppertone::RecordParsingError; end
+  class InvalidModifierError < Coppertone::RecordParsingError; end
+
+  class MissingSpfRecordError < Coppertone::Error; end
+  class AmbiguousSpfRecordError < Coppertone::PermerrorError; end
+
+  class NoneIncludeResultError < Coppertone::PermerrorError; end
+  class InvalidRedirectError < Coppertone::PermerrorError; end
+
+  class LimitExceededError < Coppertone::PermerrorError; end
+  class TermLimitExceededError < PermerrorError; end
+  class VoidLimitExceededError < PermerrorError; end
+  class MXLimitExceededError < PermerrorError; end
+end

data/lib/coppertone/ip_address_wrapper.rb

@@ -0,0 +1,75 @@
+require 'ipaddr'
+
+module Coppertone
+  # A wrapper class for the IP address of the SMTP client that is emitting
+  # the email and is being validated by the SPF process.  This class
+  # contains a number of helper methods designed to support the use
+  # of IPs in mechanism evaluation and macro string evaluation.
+  #
+  # Note: This class should only be used with a single IP address, and
+  # will fail if passed an address with a prefix
+  class IPAddressWrapper
+    attr_reader :string_representation, :ip
+    def initialize(s)
+      @ip = self.class.parse(s)
+      fail ArgumentError unless @ip
+      @string_representation = s
+    end
+
+    def self.parse(s)
+      return nil unless s
+      return nil if s.index('/')
+      ip_addr = IPAddr.new(s)
+      normalize_ip(ip_addr)
+    rescue IPAddr::InvalidAddressError
+      nil
+    end
+
+    def self.normalize_ip(parsed_ip)
+      return parsed_ip unless parsed_ip && parsed_ip.ipv6?
+      parsed_ip.ipv4_mapped? ? parsed_ip.native : parsed_ip
+    end
+
+    def to_dotted_notation
+      if original_ipv6?
+        format('%.32x', @ip.to_i).split(//).join('.').upcase
+      elsif original_ipv4?
+        @ip.to_s
+      end
+    end
+    alias_method :i, :to_dotted_notation
+
+    def to_human_readable
+      @ip.to_s
+    end
+    alias_method :c, :to_human_readable
+
+    def v
+      original_ipv4? ? 'in-addr' : 'ip6'
+    end
+
+    def p
+      fail NotImplementedError
+    end
+
+    def ip_v4
+      original_ipv4? ? @ip : nil
+    end
+
+    def ip_v6
+      original_ipv6? ? @ip : nil
+    end
+
+    def original_ipv4?
+      @ip.ipv4?
+    end
+
+    def original_ipv6?
+      @ip.ipv6?
+    end
+
+    def to_s
+      @string_representation
+    end
+  end
+end

data/lib/coppertone/macro_context.rb

@@ -0,0 +1,67 @@
+require 'active_support/core_ext/module/delegation'
+require 'addressable/uri'
+require 'ostruct'
+require 'uri'
+
+module Coppertone
+  # A context used to evaluate MacroStrings.  Responds to all of the
+  # macro letter directives.
+  class MacroContext
+    attr_reader :domain, :ip_address_wrapper, :sender_identity, :helo_domain
+
+    delegate :s, :l, :o, to: :sender_identity
+    alias_method :d, :domain
+    delegate :i, :p, :v, :c, to: :ip_address_wrapper
+    delegate :ip_v4, :ip_v6, :original_ipv4?, :original_ipv6?,
+             to: :ip_address_wrapper
+    alias_method :h, :helo_domain
+
+    attr_reader :hostname
+    def initialize(domain, ip_as_s, sender, helo_domain = 'unknown',
+                   options = {})
+      @ip_address_wrapper = IPAddressWrapper.new(ip_as_s)
+      @sender_identity = SenderIdentity.new(sender)
+      @domain = domain || @sender_identity.domain
+      @helo_domain = helo_domain
+      @hostname = options[:hostname]
+    end
+
+    UNKNOWN_HOSTNAME = 'unknown'
+    def r
+      if Coppertone::Utils::DomainUtils.valid?(raw_hostname)
+        raw_hostname
+      else
+        UNKNOWN_HOSTNAME
+      end
+    end
+
+    def t
+      Time.now.to_i
+    end
+
+    %w(s l o d i p v h c r t).each do |m|
+      define_method(m.upcase) do
+        unencoded = send(m)
+        if unencoded
+          ::URI.escape(unencoded, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
+        else
+          nil
+        end
+      end
+    end
+
+    def raw_hostname
+      @raw_hostname ||=
+        (hostname || Coppertone.config.hostname ||
+         Coppertone::Utils::HostUtils.hostname)
+    end
+
+    # Generates a new MacroContext with all the same info, but a new
+    # domain
+    def with_domain(new_domain)
+      options = {}
+      options[:hostname] = hostname if hostname
+      MacroContext.new(new_domain, c, s, h, options)
+    end
+  end
+end

data/lib/coppertone/macro_string/macro_expand.rb

@@ -0,0 +1,84 @@
+require 'coppertone/error'
+
+module Coppertone
+  class MacroString
+    # A internal class that represents a term in the MacroString that
+    # may need to be expanded based on the SPF request context.  This
+    # class validates against the Macro Definitions defined in section
+    # 7.2, as well as against the set of delimiters, transformers, and
+    # grammer defined in section 7.1.
+    class MacroExpand
+      MACRO_LETTER_CHAR_SET = '[slodiphcrtvSLODIPHCRTV]'
+      PTR_MACRO_CHAR_SET = %w(p P)
+      DELIMITER_CHAR_SET = '[\.\-\+\,\/\_\=]'
+      VALID_BODY_REGEXP =
+        /\A(#{MACRO_LETTER_CHAR_SET})(\d*)(r?)(#{DELIMITER_CHAR_SET}*)\z/
+
+      attr_reader :macro_letter, :digit_transformers, :reverse,
+                  :delimiter_regexp
+      alias_method :reverse?, :reverse
+      def initialize(s)
+        matches = VALID_BODY_REGEXP.match(s)
+        fail Coppertone::MacroStringParsingError if matches.nil?
+        @macro_letter = matches[1]
+        initialize_digit_transformers(matches[2])
+        @reverse = (matches[3] == 'r')
+        initialize_delimiter(matches[4])
+        @body = s
+      end
+
+      def initialize_digit_transformers(raw_value)
+        return unless raw_value
+        @digit_transformers = raw_value.to_i if raw_value.length > 0
+        return unless @digit_transformers
+        fail Coppertone::MacroStringParsingError if @digit_transformers == 0
+      end
+
+      def ptr_macro?
+        PTR_MACRO_CHAR_SET.include?(@macro_letter)
+      end
+
+      def expand_ptr(context, request)
+        ptr =
+          Coppertone::Utils::ValidatedDomainFinder
+            .new(context, request).find(context.d)
+        return 'unknown' unless ptr
+        @macro_letter == 'P' ? ::Addressable::URI.encode_component(ptr) : ptr
+      end
+
+      def raw_value(context, request)
+        ptr_macro? ? expand_ptr(context, request) : context.send(@macro_letter)
+      end
+
+      def expand(context, request = nil)
+        labels = raw_value(context, request).split(@delimiter_regexp)
+        labels.reverse! if @reverse
+        labels = labels.last(@digit_transformers) if @digit_transformers
+        labels.join(DEFAULT_DELIMITER)
+      end
+
+      def to_s
+        @body
+      end
+
+      def ==(other)
+        return false unless other.instance_of? self.class
+        to_s == other.to_s
+      end
+
+      private
+
+      DEFAULT_DELIMITER = '.'
+      def initialize_delimiter(raw_delimiter)
+        delimiter_chars =
+          if raw_delimiter && raw_delimiter.length >= 1
+            raw_delimiter
+          else
+            DEFAULT_DELIMITER
+          end
+        @delimiter_regexp =
+          Regexp.new("[#{delimiter_chars}]")
+      end
+    end
+  end
+end

data/lib/coppertone/macro_string/macro_literal.rb

@@ -0,0 +1,24 @@
+module Coppertone
+  class MacroString
+    # A internal class that represents a fixed string in the macro template,
+    # whose value will not depend on the SPF request context.
+    class MacroLiteral
+      def initialize(s)
+        @str = s
+      end
+
+      def expand(_context, _request = nil)
+        @str
+      end
+
+      def to_s
+        @str
+      end
+
+      def ==(other)
+        return false unless other.instance_of? self.class
+        to_s == other.to_s
+      end
+    end
+  end
+end

data/lib/coppertone/macro_string/macro_parser.rb

@@ -0,0 +1,62 @@
+require 'coppertone/macro_string/macro_literal'
+require 'coppertone/macro_string/macro_expand'
+require 'coppertone/macro_string/macro_static_expand'
+
+module Coppertone
+  class MacroString
+    # A internal class that parses the macro string template into
+    # an object that can later be evaluated (or 'expanded')
+    # in the context of a particular SPF check.
+    class MacroParser
+      attr_reader :macros
+      def initialize(s)
+        @s = s.dup
+        @macros = []
+        parse_macro_array
+      end
+
+      def parse_macro_array
+        while @s && @s.length > 0
+          if starting_macro?
+            parse_interpolated_macro
+          else
+            parse_macro_literal
+          end
+        end
+      end
+
+      def starting_macro?
+        @s && @s.length >= 1 && (@s[0] == '%')
+      end
+
+      def parse_contextual_interpolated_macro
+        fail MacroStringParsingError unless @s[1] == '{'
+        closing_index = @s.index('}')
+        fail MacroStringParsingError unless closing_index
+        interpolated_body = @s[2, closing_index - 2]
+        @macros << MacroExpand.new(interpolated_body)
+        @s = @s[(closing_index + 1)..-1]
+      end
+
+      SIMPLE_MACRO_LETTERS = %w(% _ -)
+      def parse_interpolated_macro
+        fail MacroStringParsingError if @s.length == 1
+        macro_code = @s[0, 2]
+        if MacroStaticExpand.exists_for?(macro_code)
+          @macros << MacroStaticExpand.macro_for(macro_code)
+          @s = @s[2..-1]
+        else
+          parse_contextual_interpolated_macro
+        end
+      end
+
+      def parse_macro_literal
+        new_idx = @s.index('%')
+        new_idx ||= @s.length
+        @macros << MacroLiteral.new(@s[0, new_idx])
+        @s = @s[new_idx..-1]
+        new_idx
+      end
+    end
+  end
+end

data/lib/coppertone/macro_string/macro_static_expand.rb

@@ -0,0 +1,52 @@
+require 'coppertone/error'
+
+module Coppertone
+  class MacroString
+    # A internal class that represents one of a few special terms in the macro
+    # string definition.  These terms include a '%', but do not depend on the
+    # SPF request context.
+    class MacroStaticExpand
+      def initialize(macro_text, s)
+        @macro_text = macro_text
+        @str = s
+      end
+
+      def expand(_context, _request = nil)
+        @str
+      end
+
+      def to_s
+        @macro_text
+      end
+
+      # Replaces '%%' in a macro string
+      PERCENT_MACRO = new('%%'.freeze, '%'.freeze)
+
+      # Replaces '%_' in a macro string
+      SPACE_MACRO = new('%_'.freeze, ' '.freeze)
+
+      # Replaces '%-' in a macro string
+      URL_ENCODED_SPACE_MACRO = new('%-'.freeze, '%20'.freeze)
+
+      SIMPLE_INTERPOLATED_MACRO_LETTERS = %w(% _ -).freeze
+      def self.exists_for?(x)
+        return false unless x && (x.length == 2) && (x[0] == '%')
+        SIMPLE_INTERPOLATED_MACRO_LETTERS.include?(x[1])
+      end
+
+      def self.macro_for(x)
+        fail Coppertone::MacroStringParsingError unless exists_for?(x)
+        case x[1]
+        when '%'
+          PERCENT_MACRO
+        when '_'
+          SPACE_MACRO
+        when '-'
+          URL_ENCODED_SPACE_MACRO
+        end
+      end
+
+      private_class_method :new
+    end
+  end
+end

data/lib/coppertone/macro_string.rb

@@ -0,0 +1,31 @@
+require 'coppertone/macro_string/macro_parser'
+
+module Coppertone
+  # Instances of this class represent macro-strings, as defined by the
+  # SPF specification (see section 7.1).
+  #
+  # MacroStrings should be evaluated ('expanded') in a particular context,
+  # as the MacroString may use of a number of values available from the
+  # context for interpolation.
+  class MacroString
+    attr_reader :macro_text
+    def initialize(macro_text)
+      @macro_text = macro_text
+      parse_macros
+    end
+
+    def parse_macros
+      # Build an array of expandable macros
+      @macros = MacroParser.new(macro_text).macros
+    end
+
+    def expand(context, request = nil)
+      @macros.map { |m| m.expand(context, request) }.join('')
+    end
+
+    def ==(other)
+      return false unless other.instance_of? self.class
+      macro_text == other.macro_text
+    end
+  end
+end

data/lib/coppertone/mechanism/a.rb

@@ -0,0 +1,16 @@
+require 'coppertone/mechanism/domain_spec_with_dual_cidr'
+require 'coppertone/utils/ip_in_domain_checker'
+
+module Coppertone
+  class Mechanism  # rubocop:disable Style/Documentation
+    # Implements the A mechanism.
+    class A < DomainSpecWithDualCidr
+      def match_target_name(macro_context, request_context, target_name)
+        Coppertone::Utils::IPInDomainChecker
+          .new(macro_context, request_context)
+          .check(target_name, ip_v4_cidr_length, ip_v6_cidr_length)
+      end
+    end
+    register('a', Coppertone::Mechanism::A)
+  end
+end

data/lib/coppertone/mechanism/all.rb

@@ -0,0 +1,24 @@
+module Coppertone
+  class Mechanism  # rubocop:disable Style/Documentation
+    # Implements the All mechanism.  To reduce unnecessary object creation, this
+    # class is a singleton since all All mechanisms behave identically.
+    class All < Mechanism
+      SINGLETON = new
+      private_class_method :new
+
+      def self.create(attributes)
+        fail InvalidMechanismError unless attributes.blank?
+        SINGLETON
+      end
+
+      def self.instance
+        SINGLETON
+      end
+
+      def match?(_macro_context, _request_context)
+        true
+      end
+    end
+    register('all', Coppertone::Mechanism::All)
+  end
+end

data/lib/coppertone/mechanism/cidr_parser.rb

@@ -0,0 +1,14 @@
+module Coppertone
+  class Mechanism  # rubocop:disable Style/Documentation
+    class CidrParser
+      def self.parse(raw_length, max_val)
+        return if raw_length.blank?
+        length_as_i = raw_length.to_i
+        if length_as_i < 0 || length_as_i > max_val
+          fail Coppertone::InvalidMechanismError
+        end
+        length_as_i.to_s
+      end
+    end
+  end
+end

data/lib/coppertone/mechanism/domain_spec_mechanism.rb

@@ -0,0 +1,18 @@
+module Coppertone
+  class Mechanism  # rubocop:disable Style/Documentation
+    class DomainSpecMechanism < Mechanism
+      attr_reader :domain_spec
+
+      def target_name_from_domain_spec(macro_context, request_context)
+        domain =
+          domain_spec.expand(macro_context, request_context) if domain_spec
+        Coppertone::Utils::DomainUtils.macro_expanded_domain(domain)
+      end
+
+      def trim_domain_spec(raw_domain_spec)
+        return nil if raw_domain_spec.blank?
+        raw_domain_spec[1..-1]
+      end
+    end
+  end
+end