Author: dbkr
Date: 2006-08-03 23:47:12 +0000 (Thu, 03 Aug 2006)
New Revision: 9875
Modified:
trunk/apps/Freemail/src/freemail/AccountManager.java
trunk/apps/Freemail/src/freemail/Freemail.java
trunk/apps/Freemail/src/freemail/InboundContact.java
trunk/apps/Freemail/src/freemail/MailMessage.java
trunk/apps/Freemail/src/freemail/Postman.java
trunk/apps/Freemail/src/freemail/RTSFetcher.java
trunk/apps/Freemail/src/freemail/utils/EmailAddress.java
Log:
'From' checking
Modified: trunk/apps/Freemail/src/freemail/AccountManager.java
===================================================================
--- trunk/apps/Freemail/src/freemail/AccountManager.java 2006-08-03
21:37:33 UTC (rev 9874)
+++ trunk/apps/Freemail/src/freemail/AccountManager.java 2006-08-03
23:47:12 UTC (rev 9875)
@@ -37,7 +37,7 @@
private static final int ASYM_KEY_CERTAINTY = 80;
public static final String MAILSITE_SUFFIX = "mailsite";
- public static final String MAILSITE_VERSION = "1";
+ public static final String MAILSITE_VERSION = "-1";
public static void Create(String username) throws IOException {
Modified: trunk/apps/Freemail/src/freemail/Freemail.java
===================================================================
--- trunk/apps/Freemail/src/freemail/Freemail.java 2006-08-03 21:37:33 UTC
(rev 9874)
+++ trunk/apps/Freemail/src/freemail/Freemail.java 2006-08-03 23:47:12 UTC
(rev 9875)
@@ -118,7 +118,7 @@
e.printStackTrace();
return;
}
- System.out.println("Your short Freemail address is:
'anything"+alias+".freemail'. Your long address will continue to work.");
+ System.out.println("Your short Freemail address is:
'anything@"+alias+".freemail'. Your long address will continue to work.");
return;
}
Modified: trunk/apps/Freemail/src/freemail/InboundContact.java
===================================================================
--- trunk/apps/Freemail/src/freemail/InboundContact.java 2006-08-03
21:37:33 UTC (rev 9874)
+++ trunk/apps/Freemail/src/freemail/InboundContact.java 2006-08-03
23:47:12 UTC (rev 9875)
@@ -7,11 +7,15 @@
import java.io.PrintStream;
import java.io.IOException;
import java.io.FileNotFoundException;
+import java.net.MalformedURLException;
import freemail.FreenetURI;
import freemail.utils.PropsFile;
+import freemail.utils.EmailAddress;
import freemail.fcp.HighLevelFCPClient;
+import org.archive.util.Base32;
+
public class InboundContact extends Postman implements SlotSaveCallback {
private static final String IBCT_PROPSFILE = "props";
// how many slots should we poll past the last occupied one?
@@ -137,6 +141,47 @@
this.ibct_props.put("slots", s);
}
+ public boolean validateFrom(EmailAddress from) throws IOException {
+ String sd = from.getSubDomain();
+
+ if (from.is_ssk_address()) {
+ return
Base32.encode(this.ibct_dir.getName().getBytes()).equalsIgnoreCase(sd);
+ } else {
+ // try to fetch that KSK redirect address
+ HighLevelFCPClient cli = new HighLevelFCPClient();
+
+ // quick sanity check
+ if (sd.indexOf("\r") > 0 || sd.indexOf("\n") > 0)
return false;
+
+ File result =
cli.fetch("KSK@"+sd+MailSite.ALIAS_SUFFIX);
+
+ if (result == null) {
+ // we just received the message so we can
assume our
+ // network connection is healthy, and the
mailsite
+ // ought to be easily retrievable, so fail.
+ // If this proves to be an issue, change it.
+ return false;
+ }
+ if (result.length() > 512) {
+ result.delete();
+ return false;
+ }
+ BufferedReader br = new BufferedReader(new
FileReader(result));
+
+ String line = br.readLine();
+ br.close();
+ result.delete();
+ FreenetURI furi;
+ try {
+ furi = new FreenetURI(line);
+ } catch (MalformedURLException mfue) {
+ return false;
+ }
+ return
this.ibct_dir.getName().equals(furi.getKeyBody());
+ }
+ }
+
+
private class MessageLog {
private static final String LOGFILE = "log";
private final File logfile;
Modified: trunk/apps/Freemail/src/freemail/MailMessage.java
===================================================================
--- trunk/apps/Freemail/src/freemail/MailMessage.java 2006-08-03 21:37:33 UTC
(rev 9874)
+++ trunk/apps/Freemail/src/freemail/MailMessage.java 2006-08-03 23:47:12 UTC
(rev 9875)
@@ -78,6 +78,45 @@
return buf.toString();
}
+ public String[] getHeadersAsArray(String name) {
+ Vector hdrs = new Vector();
+
+ Enumeration e = this.headers.elements();
+
+ while (e.hasMoreElements()) {
+ MailMessageHeader h = (MailMessageHeader)
e.nextElement();
+
+ if (h.name.equalsIgnoreCase(name)) {
+ hdrs.add(h.val);
+ }
+ }
+
+ String[] retval = new String[hdrs.size()];
+
+ e = hdrs.elements();
+
+ int i = 0;
+ while (e.hasMoreElements()) {
+ retval[i] = (String)e.nextElement();
+ i++;
+ }
+
+ return retval;
+ }
+
+ public void removeHeader(String name, String val) {
+ int i;
+
+ for (i = 0; i < this.headers.size(); i++) {
+ MailMessageHeader h = (MailMessageHeader)
this.headers.elementAt(i);
+
+ if (h.name.equalsIgnoreCase(name) &&
h.val.equalsIgnoreCase(val)) {
+ this.headers.remove(i);
+ i--;
+ }
+ }
+ }
+
public PrintStream writeHeadersAndGetStream() throws
FileNotFoundException {
this.os = new FileOutputStream(this.file);
this.ps = new PrintStream(this.os);
Modified: trunk/apps/Freemail/src/freemail/Postman.java
===================================================================
--- trunk/apps/Freemail/src/freemail/Postman.java 2006-08-03 21:37:33 UTC
(rev 9874)
+++ trunk/apps/Freemail/src/freemail/Postman.java 2006-08-03 23:47:12 UTC
(rev 9875)
@@ -9,6 +9,8 @@
import java.io.PrintStream;
import java.io.IOException;
+import freemail.utils.EmailAddress;
+
/** A postman is any class that delivers mail to an inbox. Simple,
* if not politically correct.
*/
@@ -26,6 +28,20 @@
newmsg.readHeaders(brdr);
+ // validate the from header - or headers. There could be
several.
+ String[] froms = newmsg.getHeadersAsArray("From");
+
+ int i;
+ for (i = 0; i < froms.length; i++) {
+ EmailAddress addr = new EmailAddress(froms[i]);
+
+ if (!this.validateFrom(addr)) {
+ newmsg.removeHeader("From", froms[i]);
+ newmsg.addHeader("From", "**SPOOFED!**
"+froms[i]);
+ }
+ }
+
+
PrintStream ps = newmsg.writeHeadersAndGetStream();
String line;
@@ -136,4 +152,9 @@
}
return null;
}
+
+ public boolean validateFrom(EmailAddress from) throws IOException {
+ // override me!
+ return true;
+ }
}
Modified: trunk/apps/Freemail/src/freemail/RTSFetcher.java
===================================================================
--- trunk/apps/Freemail/src/freemail/RTSFetcher.java 2006-08-03 21:37:33 UTC
(rev 9874)
+++ trunk/apps/Freemail/src/freemail/RTSFetcher.java 2006-08-03 23:47:12 UTC
(rev 9875)
@@ -31,6 +31,8 @@
import freenet.support.io.LineReadingInputStream;
import freenet.support.io.TooLongException;
+import org.archive.util.Base32;
+
public class RTSFetcher implements SlotSaveCallback {
private String rtskey;
private File contact_dir;
@@ -339,8 +341,15 @@
}
String our_domain_alias = this.accprops.get("domain_alias");
+ FreenetURI mailsite_furi;
+ try {
+ mailsite_furi = new FreenetURI(our_mailsite_keybody);
+ } catch (MalformedURLException mfe) {
+ return false;
+ }
+ String our_subdomain =
Base32.encode(mailsite_furi.getKeyBody().getBytes());
- if (!rtsprops.get("to").equals(our_mailsite_keybody) &&
our_domain_alias != null && !rtsprops.get("to").equals(our_domain_alias)) {
+ if (!rtsprops.get("to").equalsIgnoreCase(our_subdomain) &&
our_domain_alias != null && !rtsprops.get("to").equals(our_domain_alias)) {
System.out.println("Recieved an RTS message that was
not intended for the recipient. Discarding.");
msfile.delete();
rtsfile.delete();
Modified: trunk/apps/Freemail/src/freemail/utils/EmailAddress.java
===================================================================
--- trunk/apps/Freemail/src/freemail/utils/EmailAddress.java 2006-08-03
21:37:33 UTC (rev 9874)
+++ trunk/apps/Freemail/src/freemail/utils/EmailAddress.java 2006-08-03
23:47:12 UTC (rev 9875)
@@ -95,13 +95,8 @@
public String getMailpageKey() {
if (this.is_ssk_address()) {
- System.out.println("detected ssk address");
-
return "USK@"+new String
(Base32.decode(this.getSubDomain()))+"/"+AccountManager.MAILSITE_SUFFIX+"/"+AccountManager.MAILSITE_VERSION+"/"+MailSite.MAILPAGE;
} else {
- System.out.println("detected ksk address");
-
System.out.println("KSK@"+this.getSubDomain()+MailSite.ALIAS_SUFFIX);
-
return "KSK@"+this.getSubDomain()+MailSite.ALIAS_SUFFIX;
}
}
