Mirrors/yggmail
1
0
Fork 0
mirror of https://github.com/neilalexander/yggmail.git synced 2026-05-08 04:46:28 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix origin check

Browse Source
This commit is contained in:
Neil Alexander
2021-07-08 22:31:48 +01:00
parent ea3a94a1ce
commit 73ec35d5fa
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/smtpserver/backend.go
View File

@@ -6,6 +6,7 @@ import (
"log" "log"
"github.com/emersion/go-smtp" "github.com/emersion/go-smtp"
"github.com/jxskiss/base62"
"github.com/neilalexander/yggmail/internal/config" "github.com/neilalexander/yggmail/internal/config"
"github.com/neilalexander/yggmail/internal/smtpsender" "github.com/neilalexander/yggmail/internal/smtpsender"
"github.com/neilalexander/yggmail/internal/storage" "github.com/neilalexander/yggmail/internal/storage"
@@ -58,14 +59,13 @@ func (b *Backend) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, err
case BackendModeExternal: case BackendModeExternal:
// The connection came from our overlay listener, so we should check // The connection came from our overlay listener, so we should check
// that they are who they claim to be // that they are who they claim to be
if state.Hostname != state.RemoteAddr.String() {
return nil, fmt.Errorf("You are not who you claim to be")
}
pks, err := hex.DecodeString(state.RemoteAddr.String()) pks, err := hex.DecodeString(state.RemoteAddr.String())
if err != nil { if err != nil {
return nil, fmt.Errorf("hex.DecodeString: %w", err) return nil, fmt.Errorf("hex.DecodeString: %w", err)
} }
if state.Hostname != base62.EncodeToString(pks) {
return nil, fmt.Errorf("You are not who you claim to be")
}
b.Log.Println("Incoming SMTP session from", state.RemoteAddr.String()) b.Log.Println("Incoming SMTP session from", state.RemoteAddr.String())
return &SessionRemote{ return &SessionRemote{