spf 0.0.51 → 0.0.54
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -13
- data/Gemfile +2 -2
- data/Gemfile.lock +47 -34
- data/lib/spf/eval.rb +38 -45
- data/lib/spf/model.rb +11 -3
- data/lib/spf/version.rb +1 -1
- data/spf.gemspec +3 -1
- metadata +23 -22
checksums.yaml
CHANGED
@@ -1,15 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
|
5
|
-
data.tar.gz: !binary |-
|
6
|
-
ZmZjZjhkNGU3NTNjNTUwNTdjZDFiOWRlNzEzM2I5Y2QzZTYwZjQ3Nw==
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 8e8afc8e375d137af56775cbd41cfd3d3105cf45
|
4
|
+
data.tar.gz: 75a7ca24ee85ebf0a4e1986a0b5af7c4ee263bde
|
7
5
|
SHA512:
|
8
|
-
metadata.gz:
|
9
|
-
|
10
|
-
NWE2ODc1ZDA2OTRlNzQ5YjYzZjUzNDY2MmJjMTZhMWNlMmQ5ODdjOWMzYTIx
|
11
|
-
N2YzYWFhMjAyZjQyMzBkZmUyMDc0YjUxMzIyM2ZkY2IwYzhhOGI=
|
12
|
-
data.tar.gz: !binary |-
|
13
|
-
YzBjYTc5ZDA5MzRlMjQ2N2RlNDQ4ZjlhZmU2YzQ1ODYwMWJhMjY4NGU0MDVk
|
14
|
-
Yjg0N2RiNDNiMmQ4NTBkNjExN2NjYjRiZTI1Zjk1M2M3NjBkZmMwOTNmNGE1
|
15
|
-
Y2M0M2MyNzJhMWNmZThmOTg2ZGNhNTBjMzNmY2M4MWFhNDc1Y2Y=
|
6
|
+
metadata.gz: 1d67198fa465bafabb7e1de1d929c75d92ae12f422c815762456758cbea43f99f40c903c4b07c25109a21c7f0247f6a9a8dce4e9b2e75829b92dfdc58bb42fdd
|
7
|
+
data.tar.gz: 8e1d403dd518403d70bed335c2c19fb03bb026d226db073b095b54dc0fe90aa26c2705426a646ad14d7603ef5877ff940068dfd845b4100ab71e6ea7ac53cd82
|
data/Gemfile
CHANGED
@@ -9,8 +9,8 @@ gem "ruby-ip", "~> 0.9.1"
|
|
9
9
|
# Include everything needed to run rake, tests, features, etc.
|
10
10
|
group :development do
|
11
11
|
gem "rspec", "~> 2.9"
|
12
|
-
gem "rdoc", "~> 3"
|
12
|
+
gem "rdoc", "~> 4.3"
|
13
13
|
gem "bundler", "~> 1.2"
|
14
|
-
gem "jeweler", "~>
|
14
|
+
gem "jeweler", "~> 2.3", ">= 2.3.9"
|
15
15
|
gem "simplecov", :require => false, :group => :test
|
16
16
|
end
|
data/Gemfile.lock
CHANGED
@@ -1,47 +1,55 @@
|
|
1
1
|
GEM
|
2
2
|
remote: http://rubygems.org/
|
3
3
|
specs:
|
4
|
-
addressable (2.
|
5
|
-
builder (3.2.
|
4
|
+
addressable (2.4.0)
|
5
|
+
builder (3.2.4)
|
6
|
+
descendants_tracker (0.0.4)
|
7
|
+
thread_safe (~> 0.3, >= 0.3.1)
|
6
8
|
diff-lcs (1.2.5)
|
7
9
|
docile (1.1.5)
|
8
|
-
faraday (0.
|
9
|
-
multipart-post (
|
10
|
-
git (1.
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
10
|
+
faraday (0.9.2)
|
11
|
+
multipart-post (>= 1.2, < 3)
|
12
|
+
git (1.7.0)
|
13
|
+
rchardet (~> 1.8)
|
14
|
+
github_api (0.16.0)
|
15
|
+
addressable (~> 2.4.0)
|
16
|
+
descendants_tracker (~> 0.0.4)
|
17
|
+
faraday (~> 0.8, < 0.10)
|
18
|
+
hashie (>= 3.4)
|
19
|
+
mime-types (>= 1.16, < 3.0)
|
20
|
+
oauth2 (~> 1.0)
|
21
|
+
hashie (4.1.0)
|
22
|
+
highline (2.0.3)
|
23
|
+
jeweler (2.3.9)
|
21
24
|
builder
|
22
|
-
bundler
|
25
|
+
bundler
|
23
26
|
git (>= 1.2.5)
|
24
|
-
github_api (
|
27
|
+
github_api (~> 0.16.0)
|
25
28
|
highline (>= 1.6.15)
|
26
|
-
nokogiri (
|
29
|
+
nokogiri (>= 1.5.10)
|
30
|
+
psych
|
27
31
|
rake
|
28
32
|
rdoc
|
29
|
-
|
30
|
-
jwt (
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
33
|
+
semver2
|
34
|
+
jwt (2.2.2)
|
35
|
+
mime-types (2.99.3)
|
36
|
+
mini_portile2 (2.4.0)
|
37
|
+
multi_json (1.15.0)
|
38
|
+
multi_xml (0.6.0)
|
39
|
+
multipart-post (2.1.1)
|
40
|
+
nokogiri (1.10.10)
|
41
|
+
mini_portile2 (~> 2.4.0)
|
42
|
+
oauth2 (1.4.4)
|
43
|
+
faraday (>= 0.8, < 2.0)
|
44
|
+
jwt (>= 1.0, < 3.0)
|
38
45
|
multi_json (~> 1.3)
|
39
46
|
multi_xml (~> 0.5)
|
40
|
-
rack (
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
47
|
+
rack (>= 1.2, < 3)
|
48
|
+
psych (3.1.0)
|
49
|
+
rack (2.2.3)
|
50
|
+
rake (13.0.1)
|
51
|
+
rchardet (1.8.0)
|
52
|
+
rdoc (4.3.0)
|
45
53
|
rspec (2.99.0)
|
46
54
|
rspec-core (~> 2.99.0)
|
47
55
|
rspec-expectations (~> 2.99.0)
|
@@ -51,19 +59,24 @@ GEM
|
|
51
59
|
diff-lcs (>= 1.1.3, < 2.0)
|
52
60
|
rspec-mocks (2.99.3)
|
53
61
|
ruby-ip (0.9.3)
|
62
|
+
semver2 (3.4.2)
|
54
63
|
simplecov (0.9.2)
|
55
64
|
docile (~> 1.1.0)
|
56
65
|
multi_json (~> 1.0)
|
57
66
|
simplecov-html (~> 0.9.0)
|
58
67
|
simplecov-html (0.9.0)
|
68
|
+
thread_safe (0.3.6)
|
59
69
|
|
60
70
|
PLATFORMS
|
61
71
|
ruby
|
62
72
|
|
63
73
|
DEPENDENCIES
|
64
74
|
bundler (~> 1.2)
|
65
|
-
jeweler (~>
|
66
|
-
rdoc (~> 3)
|
75
|
+
jeweler (~> 2.3, >= 2.3.9)
|
76
|
+
rdoc (~> 4.3)
|
67
77
|
rspec (~> 2.9)
|
68
78
|
ruby-ip (~> 0.9.1)
|
69
79
|
simplecov
|
80
|
+
|
81
|
+
BUNDLED WITH
|
82
|
+
1.17.3
|
data/lib/spf/eval.rb
CHANGED
@@ -188,75 +188,62 @@ class SPF::Server
|
|
188
188
|
query_count = 0
|
189
189
|
dns_errors = []
|
190
190
|
|
191
|
-
# Query for
|
192
|
-
if
|
193
|
-
@query_rr_types & QUERY_RR_TYPE_SPF)
|
191
|
+
# Query for TXT-type RRs first:
|
192
|
+
if @query_rr_types != QUERY_RR_TYPE_SPF
|
194
193
|
begin
|
195
194
|
query_count += 1
|
196
|
-
packet = self.dns_lookup(domain, '
|
195
|
+
packet = self.dns_lookup(domain, 'TXT')
|
197
196
|
matches = self.get_acceptable_records_from_packet(
|
198
|
-
packet, '
|
197
|
+
packet, 'TXT', versions, scope, domain, loose_match)
|
199
198
|
records << matches[0]
|
200
199
|
loose_records << matches[1]
|
201
200
|
rescue SPF::DNSError => e
|
202
201
|
dns_errors << e
|
203
|
-
#rescue SPF::DNSTimeout => e
|
204
|
-
# # FIXME: Ignore DNS timeouts on SPF type lookups?
|
205
|
-
# # Apparently some brain-dead DNS servers time out on SPF-type queries.
|
206
202
|
end
|
207
203
|
end
|
208
204
|
|
209
|
-
if
|
210
|
-
@query_rr_types == QUERY_RR_TYPE_ALL or
|
211
|
-
@query_rr_types & QUERY_RR_TYPE_TXT)
|
212
|
-
# NOTE:
|
213
|
-
# This deliberately violates RFC 4406 (Sender ID), 4.4/3 (4.4.1):
|
214
|
-
# TXT-type RRs are still tried if there _are_ SPF-type RRs but all
|
215
|
-
# of them are inapplicable (e.g. "Hi!", or even "spf2/pra" for an
|
216
|
-
# 'mfrom' scope request). This conforms to the spirit of the more
|
217
|
-
# sensible algorithm in RFC 4408 (SPF), 4.5.
|
218
|
-
# Implication: Sender ID processing may make use of existing TXT-
|
219
|
-
# type records where a result of "None" would normally be returned
|
220
|
-
# under a strict interpretation of RFC 4406.
|
221
|
-
|
205
|
+
if records.flatten.empty? && @query_rr_types != QUERY_RR_TYPE_TXT
|
222
206
|
begin
|
223
207
|
query_count += 1
|
224
|
-
packet = self.dns_lookup(domain, '
|
208
|
+
packet = self.dns_lookup(domain, 'SPF')
|
225
209
|
matches = self.get_acceptable_records_from_packet(
|
226
|
-
packet, '
|
210
|
+
packet, 'SPF', versions, scope, domain, loose_match)
|
227
211
|
records << matches[0]
|
228
212
|
loose_records << matches[1]
|
229
213
|
rescue SPF::DNSError => e
|
230
214
|
dns_errors << e
|
215
|
+
#rescue SPF::DNSTimeout => e
|
216
|
+
# # FIXME: Ignore DNS timeouts on SPF type lookups?
|
217
|
+
# # Apparently some brain-dead DNS servers time out on SPF-type queries.
|
231
218
|
end
|
219
|
+
end
|
232
220
|
|
233
|
-
|
234
|
-
|
221
|
+
# Unless at least one query succeeded, re-raise the first DNS error that occured.
|
222
|
+
raise dns_errors[0] unless dns_errors.length < query_count
|
235
223
|
|
236
|
-
|
237
|
-
|
224
|
+
records.flatten!
|
225
|
+
loose_records.flatten!
|
238
226
|
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
# Discard all records but the highest acceptable version:
|
246
|
-
preferred_record_class = records[0].class
|
227
|
+
if records.empty?
|
228
|
+
# RFC 4408, 4.5/7
|
229
|
+
raise SPF::NoAcceptableRecordError.new('No applicable sender policy available',
|
230
|
+
loose_records)
|
231
|
+
end
|
247
232
|
|
248
|
-
|
233
|
+
# Discard all records but the highest acceptable version:
|
234
|
+
preferred_record_class = records[0].class
|
249
235
|
|
250
|
-
|
251
|
-
# RFC 4408, 4.5/6
|
252
|
-
raise SPF::RedundantAcceptableRecordsError.new(
|
253
|
-
"Redundant applicable '#{preferred_record_class.version_tag}' sender policies found",
|
254
|
-
records
|
255
|
-
)
|
256
|
-
end
|
236
|
+
records = records.select { |record| preferred_record_class === record }
|
257
237
|
|
258
|
-
|
238
|
+
if records.length != 1
|
239
|
+
# RFC 4408, 4.5/6
|
240
|
+
raise SPF::RedundantAcceptableRecordsError.new(
|
241
|
+
"Redundant applicable '#{preferred_record_class.version_tag}' sender policies found",
|
242
|
+
records
|
243
|
+
)
|
259
244
|
end
|
245
|
+
|
246
|
+
return records[0]
|
260
247
|
end
|
261
248
|
|
262
249
|
def get_acceptable_records_from_packet(packet, rr_type, versions, scope, domain, loose_match)
|
@@ -275,7 +262,13 @@ class SPF::Server
|
|
275
262
|
versions.each do |version|
|
276
263
|
klass = RECORD_CLASSES_BY_VERSION[version]
|
277
264
|
begin
|
278
|
-
|
265
|
+
options = {:raise_exceptions => @raise_exceptions}
|
266
|
+
# A MacroString object for domain indicates this is a nested record.
|
267
|
+
# Storing the domain.text maintains an association to the include domain.
|
268
|
+
if domain.class == SPF::MacroString
|
269
|
+
options[:record_domain] = domain.text
|
270
|
+
end
|
271
|
+
record = klass.new_from_string(text, options)
|
279
272
|
rescue SPF::InvalidRecordVersionError => error
|
280
273
|
if text =~ /#{LOOSE_SPF_MATCH_PATTERN}/
|
281
274
|
possible_matches << text
|
data/lib/spf/model.rb
CHANGED
@@ -86,7 +86,7 @@ class SPF::Term
|
|
86
86
|
::
|
87
87
|
"
|
88
88
|
|
89
|
-
attr_reader :errors, :ip_netblocks, :ip_address, :ip_network, :ipv4_prefix_length, :ipv6_prefix_length, :domain_spec, :raw_params
|
89
|
+
attr_reader :errors, :ip_netblocks, :ip_address, :ip_network, :ipv4_prefix_length, :ipv6_prefix_length, :domain_spec, :raw_params, :record_domain
|
90
90
|
|
91
91
|
def initialize(options = {})
|
92
92
|
@ip_address = nil
|
@@ -97,6 +97,7 @@ class SPF::Term
|
|
97
97
|
@errors = []
|
98
98
|
@ip_netblocks = []
|
99
99
|
@text = options[:text]
|
100
|
+
@record_domain = options[:record_domain]
|
100
101
|
@raise_exceptions = options.has_key?(:raise_exceptions) ? options[:raise_exceptions] : true
|
101
102
|
end
|
102
103
|
|
@@ -117,6 +118,8 @@ class SPF::Term
|
|
117
118
|
domain_spec = $1
|
118
119
|
domain_spec.sub!(/^(.*?)\.?$/, $1)
|
119
120
|
@domain_spec = SPF::MacroString.new({:text => domain_spec})
|
121
|
+
elsif record_domain
|
122
|
+
@domain_spec = SPF::MacroString.new({:text => record_domain})
|
120
123
|
elsif required
|
121
124
|
error(SPF::TermDomainSpecExpectedError.new(
|
122
125
|
"Missing required domain-spec in '#{@text}'"))
|
@@ -844,6 +847,7 @@ class SPF::Record
|
|
844
847
|
@global_mods ||= {}
|
845
848
|
@errors = []
|
846
849
|
@ip_netblocks = []
|
850
|
+
@record_domain = options[:record_domain]
|
847
851
|
@raise_exceptions = options.has_key?(:raise_exceptions) ? options[:raise_exceptions] : true
|
848
852
|
end
|
849
853
|
|
@@ -914,7 +918,11 @@ class SPF::Record
|
|
914
918
|
error(exception)
|
915
919
|
mech_class = SPF::Mech
|
916
920
|
end
|
917
|
-
|
921
|
+
options = {:raise_exceptions => @raise_exceptions}
|
922
|
+
if instance_variable_defined?("@record_domain")
|
923
|
+
options[:record_domain] = @record_domain
|
924
|
+
end
|
925
|
+
term = mech = mech_class.new_from_string(mech_text, options)
|
918
926
|
term.errors << exception if exception
|
919
927
|
@ip_netblocks << mech.ip_netblocks if mech.ip_netblocks
|
920
928
|
@terms << mech
|
@@ -987,7 +995,7 @@ class SPF::Record
|
|
987
995
|
if mech.match(server, request, request.ip_address != nil)
|
988
996
|
result_name = RESULTS_BY_QUALIFIER[mech.qualifier]
|
989
997
|
result_class = server.result_class(result_name)
|
990
|
-
result = result_class.new([server, request, "Mechanism '#{term}' matched"])
|
998
|
+
result = result_class.new([server, request, "Mechanism '#{term.text}' matched"])
|
991
999
|
mech.explain(server, request, result)
|
992
1000
|
raise result if want_result
|
993
1001
|
end
|
data/lib/spf/version.rb
CHANGED
data/spf.gemspec
CHANGED
@@ -3,10 +3,12 @@
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
5
|
# stub: spf 0.0.48 ruby lib
|
6
|
+
$:.unshift File.expand_path("../lib", __FILE__)
|
7
|
+
require 'spf/version'
|
6
8
|
|
7
9
|
Gem::Specification.new do |s|
|
8
10
|
s.name = "spf"
|
9
|
-
s.version =
|
11
|
+
s.version = SPF::VERSION
|
10
12
|
|
11
13
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
14
|
s.require_paths = ["lib"]
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: spf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.54
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Flury
|
8
8
|
- Julian Mehnle
|
9
9
|
- Jacob Rideout
|
10
|
-
autorequire:
|
10
|
+
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
13
|
date: 2015-04-29 00:00:00.000000000 Z
|
@@ -16,74 +16,75 @@ dependencies:
|
|
16
16
|
name: ruby-ip
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
18
18
|
requirements:
|
19
|
-
- - ~>
|
19
|
+
- - "~>"
|
20
20
|
- !ruby/object:Gem::Version
|
21
21
|
version: 0.9.1
|
22
22
|
type: :runtime
|
23
23
|
prerelease: false
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
25
25
|
requirements:
|
26
|
-
- - ~>
|
26
|
+
- - "~>"
|
27
27
|
- !ruby/object:Gem::Version
|
28
28
|
version: 0.9.1
|
29
29
|
- !ruby/object:Gem::Dependency
|
30
30
|
name: rspec
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
32
32
|
requirements:
|
33
|
-
- - ~>
|
33
|
+
- - "~>"
|
34
34
|
- !ruby/object:Gem::Version
|
35
35
|
version: '2.9'
|
36
36
|
type: :development
|
37
37
|
prerelease: false
|
38
38
|
version_requirements: !ruby/object:Gem::Requirement
|
39
39
|
requirements:
|
40
|
-
- - ~>
|
40
|
+
- - "~>"
|
41
41
|
- !ruby/object:Gem::Version
|
42
42
|
version: '2.9'
|
43
43
|
- !ruby/object:Gem::Dependency
|
44
44
|
name: rdoc
|
45
45
|
requirement: !ruby/object:Gem::Requirement
|
46
46
|
requirements:
|
47
|
-
- - ~>
|
47
|
+
- - "~>"
|
48
48
|
- !ruby/object:Gem::Version
|
49
49
|
version: '3'
|
50
50
|
type: :development
|
51
51
|
prerelease: false
|
52
52
|
version_requirements: !ruby/object:Gem::Requirement
|
53
53
|
requirements:
|
54
|
-
- - ~>
|
54
|
+
- - "~>"
|
55
55
|
- !ruby/object:Gem::Version
|
56
56
|
version: '3'
|
57
57
|
- !ruby/object:Gem::Dependency
|
58
58
|
name: bundler
|
59
59
|
requirement: !ruby/object:Gem::Requirement
|
60
60
|
requirements:
|
61
|
-
- - ~>
|
61
|
+
- - "~>"
|
62
62
|
- !ruby/object:Gem::Version
|
63
63
|
version: '1.2'
|
64
64
|
type: :development
|
65
65
|
prerelease: false
|
66
66
|
version_requirements: !ruby/object:Gem::Requirement
|
67
67
|
requirements:
|
68
|
-
- - ~>
|
68
|
+
- - "~>"
|
69
69
|
- !ruby/object:Gem::Version
|
70
70
|
version: '1.2'
|
71
71
|
- !ruby/object:Gem::Dependency
|
72
72
|
name: jeweler
|
73
73
|
requirement: !ruby/object:Gem::Requirement
|
74
74
|
requirements:
|
75
|
-
- - ~>
|
75
|
+
- - "~>"
|
76
76
|
- !ruby/object:Gem::Version
|
77
77
|
version: '1.8'
|
78
78
|
type: :development
|
79
79
|
prerelease: false
|
80
80
|
version_requirements: !ruby/object:Gem::Requirement
|
81
81
|
requirements:
|
82
|
-
- - ~>
|
82
|
+
- - "~>"
|
83
83
|
- !ruby/object:Gem::Version
|
84
84
|
version: '1.8'
|
85
|
-
description:
|
86
|
-
|
85
|
+
description: |2
|
86
|
+
An object-oriented Ruby implementation of the Sender Policy Framework (SPF)
|
87
|
+
e-mail sender authentication system, fully compliant with RFC 4408.
|
87
88
|
email:
|
88
89
|
- code@agari.com
|
89
90
|
- aflury@agari.com
|
@@ -94,8 +95,8 @@ extensions: []
|
|
94
95
|
extra_rdoc_files:
|
95
96
|
- README.rdoc
|
96
97
|
files:
|
97
|
-
- .document
|
98
|
-
- .rspec
|
98
|
+
- ".document"
|
99
|
+
- ".rspec"
|
99
100
|
- Gemfile
|
100
101
|
- Gemfile.lock
|
101
102
|
- README.rdoc
|
@@ -117,24 +118,24 @@ homepage: https://github.com/agaridata/spf-ruby
|
|
117
118
|
licenses:
|
118
119
|
- none (all rights reserved)
|
119
120
|
metadata: {}
|
120
|
-
post_install_message:
|
121
|
+
post_install_message:
|
121
122
|
rdoc_options: []
|
122
123
|
require_paths:
|
123
124
|
- lib
|
124
125
|
required_ruby_version: !ruby/object:Gem::Requirement
|
125
126
|
requirements:
|
126
|
-
- -
|
127
|
+
- - ">="
|
127
128
|
- !ruby/object:Gem::Version
|
128
129
|
version: '0'
|
129
130
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
130
131
|
requirements:
|
131
|
-
- -
|
132
|
+
- - ">="
|
132
133
|
- !ruby/object:Gem::Version
|
133
134
|
version: '0'
|
134
135
|
requirements: []
|
135
|
-
rubyforge_project:
|
136
|
-
rubygems_version: 2.
|
137
|
-
signing_key:
|
136
|
+
rubyforge_project:
|
137
|
+
rubygems_version: 2.5.1
|
138
|
+
signing_key:
|
138
139
|
specification_version: 4
|
139
140
|
summary: Implementation of the Sender Policy Framework
|
140
141
|
test_files: []
|