From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 27 Apr 2020 20:52:03 +0000 (+0000)
Subject: accounts: Reject subdomains of blacklisted domains, too
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=52e32ba0b24293b9ce0b1801bd3b34c4f36d76d5;p=ipfire.org.git

accounts: Reject subdomains of blacklisted domains, too

Fixes: #12333
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/backend/accounts.py b/src/backend/accounts.py
index 584a8658..2c9f4608 100644
--- a/src/backend/accounts.py
+++ b/src/backend/accounts.py
@@ -362,7 +362,7 @@ class Accounts(Object):
 
 	def domain_is_blacklisted(self, domain):
 		res = self.db.get("SELECT TRUE AS found FROM blacklisted_domains \
-			WHERE domain = %s", domain)
+			WHERE domain = %s OR %s LIKE '%%.' || domain", domain, domain)
 
 		if res and res.found:
 			return True