DMARC: fixed SPF prefix length

M66B 2023-11-12 22:14:35 +01:00
parent 10a1d19b18
commit a5ded5f7ad
1 changed files with 25 additions and 13 deletions


@ -287,7 +287,7 @@ public class ActivityDmarc extends ActivityBase {
else if (ip.startsWith("+"))
ip = ip.substring(1);
// TDO ptr
// https://datatracker.ietf.org/doc/html/rfc7208#section-5
if (ip.startsWith("ip4:") || ip.startsWith("ip6:")) {
String[] net = ip.substring(4).split("/");
if (net.length > 2)
@ -308,8 +308,6 @@ public class ActivityDmarc extends ActivityBase {
String[] net = domain.split("/");
Integer prefix = (net.length > 1
? Helper.parseInt(net[1]) : null);
if (prefix == null)
prefix = 32;
List<DnsHelper.DnsRecord> as = new ArrayList<>();
try {
as.addAll(Arrays.asList(DnsHelper.lookup(context, net[0], "a")));
@ -320,10 +318,18 @@ public class ActivityDmarc extends ActivityBase {
} catch (UnknownHostException ignored) {
}
for (DnsHelper.DnsRecord a : as)
if (ConnectionHelper.inSubnet(text, a.response, prefix)) {
valid = true;
because = ip + " in " + domain + "/" + prefix;
break;
if (prefix == null) {
if (text.equals(a.response)) {
valid = true;
because = ip + " in " + domain;
break;
}
} else {
if (ConnectionHelper.inSubnet(text, a.response, prefix)) {
valid = true;
because = ip + " in " + domain + "/" + prefix;
break;
}
}
if (valid)
break;
@ -334,8 +340,6 @@ public class ActivityDmarc extends ActivityBase {
String[] net = domain.split("/");
Integer prefix = (net.length > 1
? Helper.parseInt(net[1]) : null);
if (prefix == null)
prefix = 32;
DnsHelper.DnsRecord[] mxs =
DnsHelper.lookup(context, net[0], "mx");
for (DnsHelper.DnsRecord mx : mxs) {
@ -349,10 +353,18 @@ public class ActivityDmarc extends ActivityBase {
} catch (UnknownHostException ignored) {
}
for (DnsHelper.DnsRecord a : as)
if (ConnectionHelper.inSubnet(text, a.response, prefix)) {
valid = true;
because = ip + " in " + domain + "/" + prefix;
break;
if (prefix == null) {
if (text.equals(a.response)) {
valid = true;
because = ip + " in " + domain;
break;
}
} else {
if (ConnectionHelper.inSubnet(text, a.response, prefix)) {
valid = true;
because = ip + " in " + domain + "/" + prefix;
break;
}
}
if (valid)
break;
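Review bot: In the new `prefix == null` branch the match is `text.equals(a.response)`, a string comparison of two IP addresses, and the same branch is repeated in the `mx` hunk further down. An IPv6 address has several valid textual forms (zero compression, letter case), so the checked address in `text` can equal the record's address and still fail this test unless both strings are normalised the same way, which these lines do not show. The effect would be an SPF `a` or `mx` mechanism reported as not matching for a legitimate sender. Comparing parsed addresses avoids that, for example by keeping a single `inSubnet` call with a family-sized default, `int bits = (prefix == null ? (a.response.contains(":") ? 128 : 32) : prefix);`, assuming `inSubnet` parses both arguments. The enclosing loop and method start and end outside the hunks.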