Fix tests and logic.

Indeed, from on:
  1. We strip out IPs.
  2. We strip out "potential" INVALID that:
     - doesn't contains dots
     - contains at least 2 consecutive dots
     - looks like an IP.

From now on an acceptable subject shall:
  1. have at least 1 dot.
  2. NOT be an IPv4 or IPv6
  3. NOT look like an IP. (Example: 258.300.10.3)
This commit is contained in:
funilrys
2023-09-06 21:52:52 +02:00
parent 272659110c
commit 65ebac6bf8
2 changed files with 8 additions and 7 deletions

View File

@@ -842,8 +842,7 @@ class TestNormalizeRule(BaseStdout):
"128.0.0.1", "128.0.0.1",
"::1", "::1",
"0.0.0.0 128.0.0.2", "0.0.0.0 128.0.0.2",
"0.0.0 google", "0.1.2.3 foo/bar",
"0.1.2.3.4 foo/bar",
"0.0.0.0 https", "0.0.0.0 https",
"0.0.0.0 https..", "0.0.0.0 https..",
]: ]:
@@ -894,16 +893,16 @@ class TestNormalizeRule(BaseStdout):
def test_two_ips(self): def test_two_ips(self):
for target_ip in ("0.0.0.0", "127.0.0.1", "8.8.8.8"): for target_ip in ("0.0.0.0", "127.0.0.1", "8.8.8.8"):
rule = "127.0.0.1 11.22.33.44 foo" rule = "127.0.0.1 11.22.33.44 foo"
expected = ("11.22.33.44", str(target_ip) + " 11.22.33.44\n")
actual = normalize_rule( actual = normalize_rule(
rule, target_ip=target_ip, keep_domain_comments=False rule, target_ip=target_ip, keep_domain_comments=False
) )
self.assertEqual(actual, expected) self.assertEqual(actual, (None, None))
# Nothing gets printed if there's a match.
output = sys.stdout.getvalue() output = sys.stdout.getvalue()
self.assertEqual(output, "")
expected = "==>" + rule + "<=="
self.assertIn(expected, output)
sys.stdout = StringIO() sys.stdout = StringIO()

View File

@@ -1127,6 +1127,7 @@ def normalize_rule(rule, target_ip, keep_domain_comments):
is_ip(hostname) is_ip(hostname)
or re.search(static_ip_regex, hostname) or re.search(static_ip_regex, hostname)
or "." not in hostname or "." not in hostname
or ".." in hostname
or ":" in hostname or ":" in hostname
): ):
# Example: 0.0.0.0 127.0.0.1 # Example: 0.0.0.0 127.0.0.1
@@ -1143,9 +1144,10 @@ def normalize_rule(rule, target_ip, keep_domain_comments):
if ( if (
not re.search(static_ip_regex, split_rule[0]) not re.search(static_ip_regex, split_rule[0])
and ":" not in split_rule[0] and ":" not in split_rule[0]
and ".." not in split_rule[0]
and "." in split_rule[0] and "." in split_rule[0]
): ):
# Deny anything that looks like an IP & doesn't container dots. # Deny anything that looks like an IP; doesn't container dots or INVALID.
try: try:
hostname, suffix = split_rule hostname, suffix = split_rule