From 151729af08d3dd672c87fbb073ad372883439606 Mon Sep 17 00:00:00 2001 From: Mechiel Lukkien Date: Sun, 23 Feb 2025 11:33:31 +0100 Subject: [PATCH] in dns.ParseDomain, don't allow ipv4 addresses (ipv6 addresses were already rejected) we are expecting a DNS domain name there. also highlighted a wrong test in the smtp server. --- dns/dns.go | 7 +++++++ smtpserver/server_test.go | 9 ++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/dns/dns.go b/dns/dns.go index f792149..edb122d 100644 --- a/dns/dns.go +++ b/dns/dns.go @@ -20,6 +20,7 @@ var ( errTrailingDot = errors.New("dns name has trailing dot") errUnderscore = errors.New("domain name with underscore") errIDNA = errors.New("idna") + errIPNotName = errors.New("ip address while name required") ) // Domain is a domain name, with one or more labels, with at least an ASCII @@ -96,6 +97,12 @@ func ParseDomain(s string) (Domain, error) { return Domain{}, errTrailingDot } + // IPv4 addresses would be accepted by idna lookups. TLDs cannot be all numerical, + // so IP addresses are not valid DNS names. + if net.ParseIP(s) != nil { + return Domain{}, errIPNotName + } + ascii, err := idna.Lookup.ToASCII(s) if err != nil { return Domain{}, fmt.Errorf("%w: to ascii: %v", errIDNA, err) diff --git a/smtpserver/server_test.go b/smtpserver/server_test.go index 5e7564c..d32dd90 100644 --- a/smtpserver/server_test.go +++ b/smtpserver/server_test.go @@ -530,7 +530,14 @@ func TestDelivery(t *testing.T) { ts.run(func(client *smtpclient.Client) { mailFrom := "remote@example.org" - rcptTo := "mjl@127.0.0.10" + rcptTo := "mjl@[127.0.0.10]" + err := client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(deliverMessage)), strings.NewReader(deliverMessage), false, false, false) + ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SeAddr1UnknownDestMailbox1}) + }) + + ts.run(func(client *smtpclient.Client) { + mailFrom := "remote@example.org" + rcptTo := "mjl@[IPv6:::1]" err := client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(deliverMessage)), strings.NewReader(deliverMessage), false, false, false) ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SeAddr1UnknownDestMailbox1}) })