[CalendarServer-changes] [14958] CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip

source_changes at macosforge.org source_changes at macosforge.org
Mon Jul 13 13:20:02 PDT 2015 

Revision: 14958
          http://trac.calendarserver.org//changeset/14958
Author:   cdaboo at apple.com
Date:     2015-07-13 13:20:01 -0700 (Mon, 13 Jul 2015)
Log Message:
-----------
Make sure iMIP message-ids use the configured server host name as the domain portion of the id.

Modified Paths:
--------------
    CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/inbound.py
    CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/outbound.py
    CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/smtpsender.py
    CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/test/test_outbound.py

Modified: CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/inbound.py
===================================================================
--- CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/inbound.py	2015-07-10 20:00:04 UTC (rev 14957)
+++ CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/inbound.py	2015-07-13 20:20:01 UTC (rev 14958)
@@ -27,7 +27,6 @@
 from twisted.internet import protocol, defer, ssl
 from twisted.internet.defer import inlineCallbacks, returnValue, succeed
 from twisted.mail import pop3client, imap4
-from twisted.mail.smtp import messageid
 
 from twistedcaldav.config import config
 from twistedcaldav.ical import Property, Component
@@ -392,7 +391,7 @@
             del msg["To"]
             msg["To"] = toAddr
             log.warn("Mail gateway forwarding reply back to organizer")
-            yield smtpSender.sendMessage(fromAddr, toAddr, messageid(), msg.as_string())
+            yield smtpSender.sendMessage(fromAddr, toAddr, SMTPSender.betterMessageID(), msg.as_string())
             returnValue(self.REPLY_FORWARDED_TO_ORGANIZER)
 
         # Process the imip attachment; inject to calendar server

Modified: CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/outbound.py
===================================================================
--- CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/outbound.py	2015-07-10 20:00:04 UTC (rev 14957)
+++ CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/outbound.py	2015-07-13 20:20:01 UTC (rev 14958)
@@ -32,7 +32,7 @@
 from twext.enterprise.jobqueue import WorkItem
 from twext.python.log import Logger
 from twisted.internet.defer import inlineCallbacks, returnValue
-from twisted.mail.smtp import messageid, rfc822date
+from twisted.mail.smtp import rfc822date
 from twisted.web.microdom import Text as DOMText, Element as DOMElement
 from twisted.web.microdom import parseString
 from twisted.web.template import XMLString, TEMPLATE_NAMESPACE, Element, renderer, flattenString, tags
@@ -558,7 +558,7 @@
         msg["Reply-To"] = replyToAddress
         msg["To"] = toAddress
         msg["Date"] = rfc822date()
-        msgId = messageid()
+        msgId = SMTPSender.betterMessageID()
         msg["Message-ID"] = msgId
 
         msgAlt = MIMEMultipart("alternative")

Modified: CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/smtpsender.py
===================================================================
--- CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/smtpsender.py	2015-07-10 20:00:04 UTC (rev 14957)
+++ CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/smtpsender.py	2015-07-13 20:20:01 UTC (rev 14958)
@@ -24,7 +24,8 @@
 from twext.internet.gaiendpoint import GAIEndpoint
 from twext.python.log import Logger
 from twisted.internet import defer, ssl, reactor as _reactor
-from twisted.mail.smtp import ESMTPSenderFactory
+from twisted.mail.smtp import ESMTPSenderFactory, messageid
+from twistedcaldav.config import config
 
 log = Logger()
 
@@ -81,3 +82,15 @@
         deferred.addCallback(_success, msgId, fromAddr, toAddr)
         deferred.addErrback(_failure, msgId, fromAddr, toAddr)
         return deferred
+
+
+    @staticmethod
+    def betterMessageID():
+        """
+        Strip out the domain in the default Twisted Message-ID value and replace with our configured
+        server host name. That will avoid leaking internal app-server host names in a multi-host setup.
+
+        @return: our safe message-id value
+        @rtype: L{str}
+        """
+        return "{}@{}>".format(messageid().split("@")[0], config.ServerHostName)

Modified: CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/test/test_outbound.py
===================================================================
--- CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/test/test_outbound.py	2015-07-10 20:00:04 UTC (rev 14957)
+++ CalendarServer/trunk/txdav/caldav/datastore/scheduling/imip/test/test_outbound.py	2015-07-13 20:20:01 UTC (rev 14958)
@@ -585,6 +585,7 @@
             txn, inputOriginator, inputRecipient,
             Component.fromString(inputCalendar.replace("\n", "\r\n")),
             onlyAfter=DateTime(2010, 1, 1, 0, 0, 0))
+        yield txn.commit()
 
         # Verify we didn't create a new token...
         txn = self.store.newTransaction()
@@ -634,6 +635,17 @@
         self.assertEquals(actualTypes, expectedTypes)
 
 
+    def test_messageID(self):
+        """
+        L{SMTPSender.betterMessageID} generates a Message-ID domain matching
+        the L{config.ServerHostName} value.
+        """
+        self.patch(config, "ServerHostName", "calendar.example.com")
+        msgID, message = self.generateSampleEmail()
+        self.assertEquals(message['Message-ID'], msgID)
+        self.assertEqual(msgID[:-1].split("@")[1], config.ServerHostName)
+
+
     def test_alwaysIncludeTimezones(self):
         """
         L{MailHandler.generateEmail} generates a MIME-formatted email with a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20150713/6c1777c0/attachment.html>

More information about the calendarserver-changes mailing list