YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[fix] False positive on blacklist due to search in resovconf

Browse source
This commit is contained in:
ljf 2020-04-19 21:45:46 +02:00 committed by Alexandre Aubin
parent 69938c3feb
commit c6c85556ac
2 changed files with 34 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
data/hooks/diagnosis/24-mail.py
View file

@ -13,6 +13,7 @@ from moulinette.utils.filesystem import read_yaml
from yunohost.diagnosis import Diagnoser from yunohost.diagnosis import Diagnoser
from yunohost.domain import _get_maindomain, domain_list from yunohost.domain import _get_maindomain, domain_list
from yunohost.settings import settings_get from yunohost.settings import settings_get
from yunohost.utils.network import dig
DEFAULT_DNS_BLACKLIST = "/usr/share/yunohost/other/dnsbl_list.yml" DEFAULT_DNS_BLACKLIST = "/usr/share/yunohost/other/dnsbl_list.yml"
@ -155,26 +156,25 @@ class MailDiagnoser(Diagnoser):
if not blacklist[item_type]: if not blacklist[item_type]:
continue continue
# Determine if we are listed on this RBL # Build the query for DNSBL
try:
subdomain = item subdomain = item
if item_type != "domain": if item_type != "domain":
rev = dns.reversename.from_address(item) rev = dns.reversename.from_address(item)
subdomain = str(rev.split(3)[0]) subdomain = str(rev.split(3)[0])
query = subdomain + '.' + blacklist['dns_server'] query = subdomain + '.' + blacklist['dns_server']
# TODO add timeout lifetime
dns.resolver.query(query, "A") # Do the DNS Query
except (dns.resolver.NXDOMAIN, dns.resolver.NoNameservers, dns.resolver.NoAnswer, status, answers = dig(query, 'A')
dns.exception.Timeout): if status != 'ok':
continue continue
# Try to get the reason # Try to get the reason
details = [] details = []
try: status, answers = dig(query, 'TXT')
reason = str(dns.resolver.query(query, "TXT")[0])
details.append("diagnosis_mail_blacklist_reason")
except Exception:
reason = "-" reason = "-"
if status == 'ok':
reason = ', '.join(answers)
details.append("diagnosis_mail_blacklist_reason")
details.append("diagnosis_mail_blacklist_website") details.append("diagnosis_mail_blacklist_website")

19
src/yunohost/utils/network.py
View file

@ -21,6 +21,7 @@
import os import os
import re import re
import logging import logging
import dns.resolver
from moulinette.utils.network import download_text from moulinette.utils.network import download_text
from moulinette.utils.process import check_output from moulinette.utils.process import check_output
@ -84,6 +85,24 @@ def get_gateway():
return addr.popitem()[1] if len(addr) == 1 else None return addr.popitem()[1] if len(addr) == 1 else None
def dig(qname, rdtype="A", timeout=5, resolvers=["127.0.0.1"], edns_size=1500):
"""
Do a quick DNS request and avoid the "search" trap inside /etc/resolv.conf
"""
resolver = dns.resolver.Resolver(configure=False)
resolver.use_edns(0, 0, edns_size)
resolver.nameservers = resolvers
resolver.timeout = timeout
try:
answers = resolver.query(qname, rdtype)
except (dns.resolver.NXDOMAIN, dns.resolver.NoNameservers, dns.resolver.NoAnswer,
dns.exception.Timeout) as e:
return ("nok", e.__class__.__name__, e)
return ("ok", [(answer.to_text(), answer) for answer in answers])
def _extract_inet(string, skip_netmask=False, skip_loopback=True): def _extract_inet(string, skip_netmask=False, skip_loopback=True):
""" """
Extract IP addresses (v4 and/or v6) from a string limited to one Extract IP addresses (v4 and/or v6) from a string limited to one