Commit 21892b5e authored by ale's avatar ale

documentation fixes

parent d1d38748
......@@ -50,13 +50,15 @@ type MxInfo struct {
// * It stores TLS connection parameters for every mail server
// that was contacted.
//
// * It detects TLS errors and outputs the server name to the
// 'mxErrCh' channel. When such an error is detected, the
// mx certificate cache is invalidated, and all the domains
// that are related to this mx are updated (via outch).
// * It detects TLS errors. When a TLS connection error to a 'known'
// mail server is found, the mail server's certificate is
// invalidated, and all the domains that are related to this mx are
// updated (via outch). This will cause a new policy computation,
// which will generate a conflict.
//
// Since the output channels can be very verbose, and they are used as
// an update signal, it is advised to use Batch() to coalesce them.
// Since the Scanner is stateless (except for the mx tracking), it
// will output domain names repeatedly, once for each delivery; it is
// usually necessary to deduplicate the output using Batch().
//
type Scanner struct {
db Database
......@@ -77,6 +79,7 @@ func NewScanner(db Database, outCh chan string, whitelist RegexpList, blacklist
func (s *Scanner) Close() {
}
// Handle a successful TLS connection log.
func (s *Scanner) handleTlsConnection(m []string) {
session := s.db.Session()
defer session.Close()
......@@ -84,10 +87,14 @@ func (s *Scanner) handleTlsConnection(m []string) {
session.Set(mxSeenTable, m[2], time.Now())
}
// Handle a TLS connection error.
func (s *Scanner) handleTlsError(m []string) {
session := s.db.Session()
defer session.Close()
// Ignore delivery errors for mail servers to which we have
// never connected successfully. This has the effect of
// ignoring errors for domains that we're not managing.
if !session.Get(mxSeenTable, m[1], nil) {
return
}
......@@ -105,7 +112,8 @@ func (s *Scanner) handleTlsError(m []string) {
}
}
func (s *Scanner) handleRelay(m []string) {
// Handle an email delivery log.
func (s *Scanner) handleDelivery(m []string) {
if (s.domainWhitelist != nil && !s.domainWhitelist.Match(m[1])) || (s.domainBlacklist != nil && s.domainBlacklist.Match(m[1])) {
return
}
......@@ -168,7 +176,10 @@ func GetDomainsForMX(session Session, mx string) []string {
}
// HandleLog parses a single log line (it tries its best to ignore the
// actual syslog format used).
// actual syslog format used). Note that since no attempts are made at
// parsing the log timestamp, the current time is always used -- this
// means that if we're batch processing a large log file, expirations
// won't work as expected (not a big deal anyway).
func (s *Scanner) HandleLog(line string) {
if !strings.Contains(line, "postfix/") {
return
......@@ -179,7 +190,7 @@ func (s *Scanner) HandleLog(line string) {
} else if m := tlsErrorRx.FindStringSubmatch(line); m != nil {
s.handleTlsError(m)
} else if m := deliverRx.FindStringSubmatch(line); m != nil {
s.handleRelay(m)
s.handleDelivery(m)
}
}
......@@ -194,6 +205,7 @@ func (s *Scanner) Scan(r io.Reader) error {
return scanner.Err()
}
// UpdateBatch is simply a set of unique strings.
type UpdateBatch map[string]struct{}
type batcher struct {
......
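Review bot: The new HandleLog comment documents the timestamp caveat but not the trust assumption on its input. The only visible gate is `strings.Contains(line, "postfix/")`, a substring test anywhere in the line, and a line that then matches tlsErrorRx reaches handleTlsError, which per the Scanner comment invalidates the certificate of a known mail server and forces a new policy computation. The regexps are defined outside these hunks, so whether they are anchored to the syslog program field cannot be confirmed from here; I would add `// The input must be a trusted Postfix log: lines are selected by substring and regexp match, not by parsing the syslog program field.` to the HandleLog doc comment. Separately, "not a big deal anyway" would be better replaced by the concrete effect: handleTlsConnection stamps mxSeenTable with `time.Now()`, so replaying an old log refreshes the entries that gate handleTlsError. The bodies of HandleLog, handleTlsError and handleTlsConnection continue outside the hunks shown.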