7623 – sa-update files with mirrors containing paths (or ports)

Bug 7623 - sa-update files with mirrors containing paths (or ports)

Summary: sa-update files with mirrors containing paths (or ports)

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	sa-update (show other bugs)
Version:	unspecified
Hardware:	PC Linux

Importance:	P2 blocker
Target Milestone:	3.4.3
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-09-18 12:02 UTC by Manuel Mausz
Modified:	2018-09-29 10:21 UTC (History)
CC List:	3 users (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Manuel Mausz 2018-09-18 12:02:04 UTC

The DNS query introduced in https://github.com/apache/spamassassin/commit/83bc5ea4062948f399ca1b96ea906314717850fe fails if the update URL contains paths or ports. According to https://wiki.apache.org/spamassassin/PublishingRuleUpdates this should be supported.

Right now only the trailing slash + leading scheme will be removed. Optional paths or ports will be passed together with the domain to do_dns_query. e.g. "http://sa.zmi.at/sa-update-german/" will result in do_dns_query("sa.zmi.at/sa-update-german"). Obviously this can't work and the mirror will be marked as failed.

A quick fix would be using the URI module: $mirror = URI->new($mirror)->host

Do not know if this is available in all supported perl versions.

Comment 1 andrew 2018-09-27 16:10:16 UTC

The following patch does work for me.

diff -ruN Mail-SpamAssassin-3.4.2.orig/sa-update.raw Mail-SpamAssassin-3.4.2/sa-update.raw
--- Mail-SpamAssassin-3.4.2.orig/sa-update.raw	2018-09-14 03:27:51.000000000 +0200
+++ Mail-SpamAssassin-3.4.2/sa-update.raw	2018-09-27 18:07:22.339001090 +0200
@@ -1659,6 +1659,7 @@
     my($a_rr, $aaaa_rr);
       # RFC 3986:  scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
     $mirror =~ s{^[a-z][a-z0-9.+-]*://}{}si;  # strip scheme like http://
+    $mirror =~ s{(:[0-9]+)?(/.*)?$}{}si;      # strip port and path like :8090/updatestage/
     return 1 if $have_inet4 && do_dns_query($mirror, "A");
     return 1 if $have_inet6 && do_dns_query($mirror, "AAAA");
     return 0;

Comment 2 Henrik Krohns 2018-09-29 09:41:27 UTC

Fixed

Sending        spamassassin-3.4/sa-update.raw
Sending        trunk/sa-update.raw
Transmitting file data ..done
Committing transaction...
Committed revision 1842303.

Comment 3 Henrik Krohns 2018-09-29 10:21:28 UTC

Ok might as well do it properly, before someone thinks of using IPv4 or IPv6 IP-address literals..

Sending        spamassassin-3.4/sa-update.raw
Sending        trunk/sa-update.raw
Transmitting file data ..done
Committing transaction...
Committed revision 1842321.