From 396eb89d1624f0bad6bc41ee477f40e824be41d9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Feb 2015 14:50:10 +0200 Subject: Polish changes following PR #3573 --- system/libraries/Email.php | 17 ++++++++++++----- user_guide_src/source/changelog.rst | 1 + 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 43dbe28b4..45c5c09b9 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -2171,16 +2171,23 @@ class CI_Email { /** * Get Hostname - * - * There are only two legal types of hostname either a fully qualified domain - * name (eg: "mail.example.com") or an "IP literal" (eg: "[1.2.3.4]"). - * + * + * There are only two legal types of hostname - either a fully + * qualified domain name (eg: "mail.example.com") or an IP literal + * (eg: "[1.2.3.4]"). + * + * @link https://tools.ietf.org/html/rfc5321#section-2.3.5 * @link http://cbl.abuseat.org/namingproblems.html * @return string */ protected function _get_hostname() { - return isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '[' . $_SERVER['SERVER_ADDR'] . ']'; + if (isset($_SERVER['SERVER_NAME'])) + { + return $_SERVER['SERVER_NAME']; + } + + return isset($_SERVER['SERVER_ADDR']) ? '['.$_SERVER['SERVER_ADDR'].']' : '[127.0.0.1]'; } // -------------------------------------------------------------------- diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 5c5cd5e54..bc3ea34f6 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -767,6 +767,7 @@ Bug fixes for 3.0 - Fixed a bug in :doc:`Zip Library ` internal method ``_get_mod_time()`` where it was not parsing result returned by ``filemtime()``. - Fixed a bug (#3161) - :doc:`Cache Library ` methods `increment()`, `decrement()` didn't auto-create non-existent items when using redis and/or file storage. - Fixed a bug (#3189) - :doc:`Parser Library ` used double replacement on ``key->value`` pairs, exposing a potential template injection vulnerability. +- Fixed a bug (#3573) - :doc:`Email Library ` violated `RFC5321 `_ by sending 'localhost.localdomain' as a hostname. Version 2.2.1 ============= -- cgit v1.2.3-24-g4f1b