1 /* $Cambridge: exim/src/src/host.c,v 1.13 2005/08/22 15:28:20 ph10 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
10 /* Functions for finding hosts, either by gethostbyname(), gethostbyaddr(), or
11 directly via the DNS. When IPv6 is supported, getipnodebyname() and
12 getipnodebyaddr() may be used instead of gethostbyname() and gethostbyaddr(),
13 if the newer functions are available. This module also contains various other
14 functions concerned with hosts and addresses, and a random number function,
15 used for randomizing hosts with equal MXs but available for use in other parts
22 /* Static variable for preserving the list of interface addresses in case it is
23 used more than once. */
25 static ip_address_item *local_interface_data = NULL;
28 #ifdef USE_INET_NTOA_FIX
29 /*************************************************
30 * Replacement for broken inet_ntoa() *
31 *************************************************/
33 /* On IRIX systems, gcc uses a different structure passing convention to the
34 native libraries. This causes inet_ntoa() to always yield 0.0.0.0 or
35 255.255.255.255. To get round this, we provide a private version of the
36 function here. It is used only if USE_INET_NTOA_FIX is set, which should happen
37 only when gcc is in use on an IRIX system. Code send to me by J.T. Breitner,
41 as seen in comp.sys.sgi.admin
43 August 2005: Apparently this is also needed for AIX systems; USE_INET_NTOA_FIX
44 should now be set for them as well.
46 Arguments: sa an in_addr structure
47 Returns: pointer to static text string
51 inet_ntoa(struct in_addr sa)
53 static uschar addr[20];
54 sprintf(addr, "%d.%d.%d.%d",
65 /*************************************************
66 * Random number generator *
67 *************************************************/
69 /* This is a simple pseudo-random number generator. It does not have to be
70 very good for the uses to which it is put. When running the regression tests,
71 start with a fixed seed.
74 limit: one more than the largest number required
76 Returns: a pseudo-random number in the range 0 to limit-1
80 random_number(int limit)
84 if (running_in_test_harness) random_seed = 42; else
86 int p = (int)getpid();
87 random_seed = (int)time(NULL) ^ ((p << 16) | p);
90 random_seed = 1103515245 * random_seed + 12345;
91 return (unsigned int)(random_seed >> 16) % limit;
96 /*************************************************
97 * Sort addresses when testing *
98 *************************************************/
100 /* This function is called only when running in the test harness. It sorts a
101 number of multihomed host IP addresses into the order, so as to get
102 repeatability. This doesn't have to be efficient. But don't interchange IPv4
106 host -> the first host item
107 last -> the last host item
113 sort_addresses(host_item *host, host_item *last)
120 for (h = host; h != last; h = h->next)
122 if ((Ustrchr(h->address, ':') == NULL) !=
123 (Ustrchr(h->next->address, ':') == NULL))
125 if (Ustrcmp(h->address, h->next->address) > 0)
127 uschar *temp = h->address;
128 h->address = h->next->address;
129 h->next->address = temp;
138 /*************************************************
139 * Build chain of host items from list *
140 *************************************************/
142 /* This function builds a chain of host items from a textual list of host
143 names. It does not do any lookups. If randomize is true, the chain is build in
144 a randomized order. There may be multiple groups of independently randomized
145 hosts; they are delimited by a host name consisting of just "+".
148 anchor anchor for the chain
150 randomize TRUE for randomizing
156 host_build_hostlist(host_item **anchor, uschar *list, BOOL randomize)
159 int fake_mx = MX_NONE; /* This value is actually -1 */
163 if (list == NULL) return;
164 if (randomize) fake_mx--; /* Start at -2 for randomizing */
168 while ((name = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
172 if (name[0] == '+' && name[1] == 0) /* "+" delimits a randomized group */
173 { /* ignore if not randomizing */
174 if (randomize) fake_mx--;
178 h = store_get(sizeof(host_item));
179 h->name = string_copy(name);
183 h->sort_key = randomize? (-fake_mx)*1000 + random_number(1000) : 0;
184 h->status = hstatus_unknown;
185 h->why = hwhy_unknown;
195 host_item *hh = *anchor;
196 if (h->sort_key < hh->sort_key)
203 while (hh->next != NULL && h->sort_key >= (hh->next)->sort_key)
216 /*************************************************
217 * Extract port from address string *
218 *************************************************/
220 /* In the spool file, and in the -oMa and -oMi options, a host plus port is
221 given as an IP address followed by a dot and a port number. This function
224 An alternative format for the -oMa and -oMi options is [ip address]:port which
225 is what Exim 4 uses for output, because it seems to becoming commonly used,
226 whereas the dot form confuses some programs/people. So we recognize that form
230 address points to the string; if there is a port, the '.' in the string
231 is overwritten with zero to terminate the address; if the string
232 is in the [xxx]:ppp format, the address is shifted left and the
235 Returns: 0 if there is no port, else the port number. If there's a syntax
236 error, leave the incoming address alone, and return 0.
240 host_address_extract_port(uschar *address)
245 /* Handle the "bracketed with colon on the end" format */
249 uschar *rb = address + 1;
250 while (*rb != 0 && *rb != ']') rb++;
251 if (*rb++ == 0) return 0; /* Missing ]; leave invalid address */
254 port = Ustrtol(rb + 1, &endptr, 10);
255 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
257 else if (*rb != 0) return 0; /* Bad syntax; leave invalid address */
258 memmove(address, address + 1, rb - address - 2);
262 /* Handle the "dot on the end" format */
266 int skip = -3; /* Skip 3 dots in IPv4 addresses */
268 while (*(++address) != 0)
271 if (ch == ':') skip = 0; /* Skip 0 dots in IPv6 addresses */
272 else if (ch == '.' && skip++ >= 0) break;
274 if (*address == 0) return 0;
275 port = Ustrtol(address + 1, &endptr, 10);
276 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
284 /*************************************************
285 * Get port from a host item's name *
286 *************************************************/
288 /* This function is called when finding the IP address for a host that is in a
289 list of hosts explicitly configured, such as in the manualroute router, or in a
290 fallback hosts list. We see if there is a port specification at the end of the
291 host name, and if so, remove it. A minimum length of 3 is required for the
292 original name; nothing shorter is recognized as having a port.
294 We test for a name ending with a sequence of digits; if preceded by colon we
295 have a port if the character before the colon is ] and the name starts with [
296 or if there are no other colons in the name (i.e. it's not an IPv6 address).
298 Arguments: pointer to the host item
299 Returns: a port number or PORT_NONE
303 host_item_get_port(host_item *h)
307 int len = Ustrlen(h->name);
309 if (len < 3 || (p = h->name + len - 1, !isdigit(*p))) return PORT_NONE;
311 /* Extract potential port number */
316 while (p > h->name + 1 && isdigit(*p))
318 port += (*p-- - '0') * x;
322 /* The smallest value of p at this point is h->name + 1. */
324 if (*p != ':') return PORT_NONE;
326 if (p[-1] == ']' && h->name[0] == '[')
327 h->name = string_copyn(h->name + 1, p - h->name - 2);
328 else if (Ustrchr(h->name, ':') == p)
329 h->name = string_copyn(h->name, p - h->name);
330 else return PORT_NONE;
332 DEBUG(D_route|D_host_lookup) debug_printf("host=%s port=%d\n", h->name, port);
338 #ifndef STAND_ALONE /* Omit when standalone testing */
340 /*************************************************
341 * Build sender_fullhost and sender_rcvhost *
342 *************************************************/
344 /* This function is called when sender_host_name and/or sender_helo_name
345 have been set. Or might have been set - for a local message read off the spool
346 they won't be. In that case, do nothing. Otherwise, set up the fullhost string
349 (a) No sender_host_name or sender_helo_name: "[ip address]"
350 (b) Just sender_host_name: "host_name [ip address]"
351 (c) Just sender_helo_name: "(helo_name) [ip address]"
352 (d) The two are identical: "host_name [ip address]"
353 (e) The two are different: "host_name (helo_name) [ip address]"
355 If log_incoming_port is set, the sending host's port number is added to the IP
358 This function also builds sender_rcvhost for use in Received: lines, whose
359 syntax is a bit different. This value also includes the RFC 1413 identity.
360 There wouldn't be two different variables if I had got all this right in the
363 Because this data may survive over more than one incoming SMTP message, it has
364 to be in permanent store.
371 host_build_sender_fullhost(void)
374 int old_pool = store_pool;
376 if (sender_host_address == NULL) return;
378 store_pool = POOL_PERM;
380 /* Set up address, with or without the port. After discussion, it seems that
381 the only format that doesn't cause trouble is [aaaa]:pppp. However, we can't
382 use this directly as the first item for Received: because it ain't an RFC 2822
385 address = string_sprintf("[%s]:%d", sender_host_address, sender_host_port);
386 if ((log_extra_selector & LX_incoming_port) == 0 || sender_host_port <= 0)
387 *(Ustrrchr(address, ':')) = 0;
389 /* Host name is not verified */
391 if (sender_host_name == NULL)
393 uschar *portptr = Ustrstr(address, "]:");
396 int adlen; /* Sun compiler doesn't like ++ in initializers */
398 adlen = (portptr == NULL)? Ustrlen(address) : (++portptr - address);
399 sender_fullhost = (sender_helo_name == NULL)? address :
400 string_sprintf("(%s) %s", sender_helo_name, address);
402 sender_rcvhost = string_cat(NULL, &size, &ptr, address, adlen);
404 if (sender_ident != NULL || sender_helo_name != NULL || portptr != NULL)
407 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US" (", 2);
411 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2, US"port=",
414 if (sender_helo_name != NULL)
415 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
416 (firstptr == ptr)? US"helo=" : US" helo=", sender_helo_name);
418 if (sender_ident != NULL)
419 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
420 (firstptr == ptr)? US"ident=" : US" ident=", sender_ident);
422 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US")", 1);
425 sender_rcvhost[ptr] = 0; /* string_cat() always leaves room */
427 /* Release store, because string_cat allocated a minimum of 100 bytes that
428 are rarely completely used. */
430 store_reset(sender_rcvhost + ptr + 1);
433 /* Host name is known and verified. */
438 BOOL no_helo = FALSE;
440 /* Comparing a HELO name to a host name is easy */
442 if (sender_helo_name == NULL ||
443 strcmpic(sender_host_name, sender_helo_name) == 0)
446 /* If HELO/EHLO was followed by an IP literal, it's much more messy because
447 of two features of IPv6. Firstly, there's the "IPv6:" prefix (Exim is liberal
448 and doesn't require this, for historical reasons). Secondly, an IPv6 address
449 may not be given in canonical form, so we have to canonicize it before
450 comparing. As it happens, the code works for both IPv4 and IPv6. */
452 else if (sender_helo_name[0] == '[' &&
453 sender_helo_name[(len=Ustrlen(sender_helo_name))-1] == ']')
458 if (strncmpic(sender_helo_name+1, US"IPv6:",5) == 0) offset += 5;
459 helo_ip = string_copyn(sender_helo_name + offset, len - offset - 1);
461 if (string_is_ip_address(helo_ip, NULL) != 0)
465 size = host_aton(helo_ip, x);
466 helo_ip = store_get(48); /* large enough for full IPv6 */
467 (void)host_nmtoa(size, x, -1, helo_ip, ':');
468 if (strcmpic(helo_ip, sender_host_address) == 0) no_helo = TRUE;
474 sender_fullhost = string_sprintf("%s %s", sender_host_name, address);
475 sender_rcvhost = (sender_ident == NULL)?
476 string_sprintf("%s (%s)", sender_host_name, address) :
477 string_sprintf("%s (%s ident=%s)", sender_host_name, address,
482 sender_fullhost = string_sprintf("%s (%s) %s", sender_host_name,
483 sender_helo_name, address);
484 sender_rcvhost = (sender_ident == NULL)?
485 string_sprintf("%s (%s helo=%s)", sender_host_name,
486 address, sender_helo_name) :
487 string_sprintf("%s\n\t(%s helo=%s ident=%s)", sender_host_name,
488 address, sender_helo_name, sender_ident);
492 store_pool = old_pool;
494 DEBUG(D_host_lookup) debug_printf("sender_fullhost = %s\n", sender_fullhost);
495 DEBUG(D_host_lookup) debug_printf("sender_rcvhost = %s\n", sender_rcvhost);
500 /*************************************************
501 * Build host+ident message *
502 *************************************************/
504 /* Used when logging rejections and various ACL and SMTP incidents. The text
505 return depends on whether sender_fullhost and sender_ident are set or not:
507 no ident, no host => U=unknown
508 no ident, host set => H=sender_fullhost
509 ident set, no host => U=ident
510 ident set, host set => H=sender_fullhost U=ident
513 useflag TRUE if first item to be flagged (H= or U=); if there are two
514 items, the second is always flagged
516 Returns: pointer to a string in big_buffer
520 host_and_ident(BOOL useflag)
522 if (sender_fullhost == NULL)
524 (void)string_format(big_buffer, big_buffer_size, "%s%s", useflag? "U=" : "",
525 (sender_ident == NULL)? US"unknown" : sender_ident);
529 uschar *flag = useflag? US"H=" : US"";
530 uschar *iface = US"";
531 if ((log_extra_selector & LX_incoming_interface) != 0 &&
532 interface_address != NULL)
533 iface = string_sprintf(" I=[%s]:%d", interface_address, interface_port);
534 if (sender_ident == NULL)
535 (void)string_format(big_buffer, big_buffer_size, "%s%s%s",
536 flag, sender_fullhost, iface);
538 (void)string_format(big_buffer, big_buffer_size, "%s%s%s U=%s",
539 flag, sender_fullhost, iface, sender_ident);
544 #endif /* STAND_ALONE */
549 /*************************************************
550 * Build list of local interfaces *
551 *************************************************/
553 /* This function interprets the contents of the local_interfaces or
554 extra_local_interfaces options, and creates an ip_address_item block for each
555 item on the list. There is no special interpretation of any IP addresses; in
556 particular, 0.0.0.0 and ::0 are returned without modification. If any address
557 includes a port, it is set in the block. Otherwise the port value is set to
562 name the name of the option being expanded
564 Returns: a chain of ip_address_items, each containing to a textual
565 version of an IP address, and a port number (host order) or
566 zero if no port was given with the address
570 host_build_ifacelist(uschar *list, uschar *name)
575 ip_address_item *yield = NULL;
576 ip_address_item *last = NULL;
577 ip_address_item *next;
579 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
581 int port = host_address_extract_port(s); /* Leaves just the IP address */
582 if (string_is_ip_address(s, NULL) == 0)
583 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Malformed IP address \"%s\" in %s",
586 /* This use of strcpy() is OK because we have checked that s is a valid IP
587 address above. The field in the ip_address_item is large enough to hold an
590 next = store_get(sizeof(ip_address_item));
592 Ustrcpy(next->address, s);
594 next->v6_include_v4 = FALSE;
596 if (yield == NULL) yield = last = next; else
610 /*************************************************
611 * Find addresses on local interfaces *
612 *************************************************/
614 /* This function finds the addresses of local IP interfaces. These are used
615 when testing for routing to the local host. As the function may be called more
616 than once, the list is preserved in permanent store, pointed to by a static
617 variable, to save doing the work more than once per process.
619 The generic list of interfaces is obtained by calling host_build_ifacelist()
620 for local_interfaces and extra_local_interfaces. This list scanned to remove
621 duplicates (which may exist with different ports - not relevant here). If
622 either of the wildcard IP addresses (0.0.0.0 and ::0) are encountered, they are
623 replaced by the appropriate (IPv4 or IPv6) list of actual local interfaces,
624 obtained from os_find_running_interfaces().
627 Returns: a chain of ip_address_items, each containing to a textual
628 version of an IP address; the port numbers are not relevant
632 /* First, a local subfunction to add an interface to a list in permanent store,
633 but only if there isn't a previous copy of that address on the list. */
635 static ip_address_item *
636 add_unique_interface(ip_address_item *list, ip_address_item *ipa)
638 ip_address_item *ipa2;
639 for (ipa2 = list; ipa2 != NULL; ipa2 = ipa2->next)
640 if (Ustrcmp(ipa2->address, ipa->address) == 0) return list;
641 ipa2 = store_get_perm(sizeof(ip_address_item));
648 /* This is the globally visible function */
651 host_find_interfaces(void)
653 ip_address_item *running_interfaces = NULL;
655 if (local_interface_data == NULL)
657 void *reset_item = store_get(0);
658 ip_address_item *dlist = host_build_ifacelist(local_interfaces,
659 US"local_interfaces");
660 ip_address_item *xlist = host_build_ifacelist(extra_local_interfaces,
661 US"extra_local_interfaces");
662 ip_address_item *ipa;
664 if (dlist == NULL) dlist = xlist; else
666 for (ipa = dlist; ipa->next != NULL; ipa = ipa->next);
670 for (ipa = dlist; ipa != NULL; ipa = ipa->next)
672 if (Ustrcmp(ipa->address, "0.0.0.0") == 0 ||
673 Ustrcmp(ipa->address, "::0") == 0)
675 ip_address_item *ipa2;
676 BOOL ipv6 = ipa->address[0] == ':';
677 if (running_interfaces == NULL)
678 running_interfaces = os_find_running_interfaces();
679 for (ipa2 = running_interfaces; ipa2 != NULL; ipa2 = ipa2->next)
681 if ((Ustrchr(ipa2->address, ':') != NULL) == ipv6)
682 local_interface_data = add_unique_interface(local_interface_data,
688 local_interface_data = add_unique_interface(local_interface_data, ipa);
691 debug_printf("Configured local interface: address=%s", ipa->address);
692 if (ipa->port != 0) debug_printf(" port=%d", ipa->port);
697 store_reset(reset_item);
700 return local_interface_data;
707 /*************************************************
708 * Convert network IP address to text *
709 *************************************************/
711 /* Given an IPv4 or IPv6 address in binary, convert it to a text
712 string and return the result in a piece of new store. The address can
713 either be given directly, or passed over in a sockaddr structure. Note
714 that this isn't the converse of host_aton() because of byte ordering
715 differences. See host_nmtoa() below.
718 type if < 0 then arg points to a sockaddr, else
719 either AF_INET or AF_INET6
720 arg points to a sockaddr if type is < 0, or
721 points to an IPv4 address (32 bits), or
722 points to an IPv6 address (128 bits),
723 in both cases, in network byte order
724 buffer if NULL, the result is returned in gotten store;
725 else points to a buffer to hold the answer
726 portptr points to where to put the port number, if non NULL; only
729 Returns: pointer to character string
733 host_ntoa(int type, const void *arg, uschar *buffer, int *portptr)
737 /* The new world. It is annoying that we have to fish out the address from
738 different places in the block, depending on what kind of address it is. It
739 is also a pain that inet_ntop() returns a const uschar *, whereas the IPv4
740 function inet_ntoa() returns just uschar *, and some picky compilers insist
741 on warning if one assigns a const uschar * to a uschar *. Hence the casts. */
744 uschar addr_buffer[46];
747 int family = ((struct sockaddr *)arg)->sa_family;
748 if (family == AF_INET6)
750 struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
751 yield = (uschar *)inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
752 sizeof(addr_buffer));
753 if (portptr != NULL) *portptr = ntohs(sk->sin6_port);
757 struct sockaddr_in *sk = (struct sockaddr_in *)arg;
758 yield = (uschar *)inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
759 sizeof(addr_buffer));
760 if (portptr != NULL) *portptr = ntohs(sk->sin_port);
765 yield = (uschar *)inet_ntop(type, arg, CS addr_buffer, sizeof(addr_buffer));
768 /* If the result is a mapped IPv4 address, show it in V4 format. */
770 if (Ustrncmp(yield, "::ffff:", 7) == 0) yield += 7;
772 #else /* HAVE_IPV6 */
778 yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);
779 if (portptr != NULL) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
782 yield = US inet_ntoa(*((struct in_addr *)arg));
785 /* If there is no buffer, put the string into some new store. */
787 if (buffer == NULL) return string_copy(yield);
789 /* Callers of this function with a non-NULL buffer must ensure that it is
790 large enough to hold an IPv6 address, namely, at least 46 bytes. That's what
791 makes this use of strcpy() OK. */
793 Ustrcpy(buffer, yield);
800 /*************************************************
801 * Convert address text to binary *
802 *************************************************/
804 /* Given the textual form of an IP address, convert it to binary in an
805 array of ints. IPv4 addresses occupy one int; IPv6 addresses occupy 4 ints.
806 The result has the first byte in the most significant byte of the first int. In
807 other words, the result is not in network byte order, but in host byte order.
808 As a result, this is not the converse of host_ntoa(), which expects network
809 byte order. See host_nmtoa() below.
812 address points to the textual address, checked for syntax
813 bin points to an array of 4 ints
815 Returns: the number of ints used
819 host_aton(uschar *address, int *bin)
824 /* Handle IPv6 address, which may end with an IPv4 address. It may also end
825 with a "scope", introduced by a percent sign. This code is NOT enclosed in #if
826 HAVE_IPV6 in order that IPv6 addresses are recognized even if IPv6 is not
829 if (Ustrchr(address, ':') != NULL)
832 uschar *component[8];
833 BOOL ipv4_ends = FALSE;
839 /* If the address starts with a colon, it will start with two colons.
840 Just lose the first one, which will leave a null first component. */
844 /* Split the address into components separated by colons. The input address
845 is supposed to be checked for syntax. There was a case where this was
846 overlooked; to guard against that happening again, check here and crash if
847 there are too many components. */
849 while (*p != 0 && *p != '%')
851 int len = Ustrcspn(p, ":%");
852 if (len == 0) nulloffset = ci;
853 if (ci > 7) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
854 "Internal error: invalid IPv6 address \"%s\" passed to host_aton()",
861 /* If the final component contains a dot, it is a trailing v4 address.
862 As the syntax is known to be checked, just set up for a trailing
863 v4 address and restrict the v6 part to 6 components. */
865 if (Ustrchr(component[ci-1], '.') != NULL)
867 address = component[--ci];
873 /* If there are fewer than 6 or 8 components, we have to insert some
874 more empty ones in the middle. */
878 int insert_count = v6count - ci;
879 for (i = v6count-1; i > nulloffset + insert_count; i--)
880 component[i] = component[i - insert_count];
881 while (i > nulloffset) component[i--] = US"";
884 /* Now turn the components into binary in pairs and bung them
885 into the vector of ints. */
887 for (i = 0; i < v6count; i += 2)
888 bin[i/2] = (Ustrtol(component[i], NULL, 16) << 16) +
889 Ustrtol(component[i+1], NULL, 16);
891 /* If there was no terminating v4 component, we are done. */
893 if (!ipv4_ends) return 4;
896 /* Handle IPv4 address */
898 (void)sscanf(CS address, "%d.%d.%d.%d", x, x+1, x+2, x+3);
899 bin[v4offset] = (x[0] << 24) + (x[1] << 16) + (x[2] << 8) + x[3];
904 /*************************************************
905 * Apply mask to an IP address *
906 *************************************************/
908 /* Mask an address held in 1 or 4 ints, with the ms bit in the ms bit of the
912 count the number of ints
913 binary points to the ints to be masked
914 mask the count of ms bits to leave, or -1 if no masking
920 host_mask(int count, int *binary, int mask)
923 if (mask < 0) mask = 99999;
924 for (i = 0; i < count; i++)
927 if (mask == 0) wordmask = 0;
930 wordmask = (-1) << (32 - mask);
938 binary[i] &= wordmask;
945 /*************************************************
946 * Convert masked IP address in ints to text *
947 *************************************************/
949 /* We can't use host_ntoa() because it assumes the binary values are in network
950 byte order, and these are the result of host_aton(), which puts them in ints in
951 host byte order. Also, we really want IPv6 addresses to be in a canonical
952 format, so we output them with no abbreviation. In a number of cases we can't
953 use the normal colon separator in them because it terminates keys in lsearch
954 files, so we want to use dot instead. There's an argument that specifies what
955 to use for IPv6 addresses.
958 count 1 or 4 (number of ints)
959 binary points to the ints
960 mask mask value; if < 0 don't add to result
961 buffer big enough to hold the result
962 sep component separator character for IPv6 addresses
964 Returns: the number of characters placed in buffer, not counting
969 host_nmtoa(int count, int *binary, int mask, uschar *buffer, int sep)
977 for (i = 24; i >= 0; i -= 8)
979 sprintf(CS tt, "%d.", (j >> i) & 255);
985 for (i = 0; i < 4; i++)
988 sprintf(CS tt, "%04x%c%04x%c", (j >> 16) & 0xffff, sep, j & 0xffff, sep);
993 tt--; /* lose final separator */
999 sprintf(CS tt, "/%d", mask);
1008 /*************************************************
1009 * Check port for tls_on_connect *
1010 *************************************************/
1012 /* This function checks whether a given incoming port is configured for tls-
1013 on-connect. It is called from the daemon and from inetd handling. If the global
1014 option tls_on_connect is already set, all ports operate this way. Otherwise, we
1015 check the tls_on_connect_ports option for a list of ports.
1017 Argument: a port number
1018 Returns: TRUE or FALSE
1022 host_is_tls_on_connect_port(int port)
1026 uschar *list = tls_on_connect_ports;
1029 if (tls_on_connect) return TRUE;
1031 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
1034 int lport = Ustrtol(s, &end, 10);
1035 if (*end != 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "tls_on_connect_ports "
1036 "contains \"%s\", which is not a port number: exim abandoned", s);
1037 if (lport == port) return TRUE;
1045 /*************************************************
1046 * Check whether host is in a network *
1047 *************************************************/
1049 /* This function checks whether a given IP address matches a pattern that
1050 represents either a single host, or a network (using CIDR notation). The caller
1051 of this function must check the syntax of the arguments before calling it.
1054 host string representation of the ip-address to check
1055 net string representation of the network, with optional CIDR mask
1056 maskoffset offset to the / that introduces the mask in the key
1057 zero if there is no mask
1060 TRUE the host is inside the network
1061 FALSE the host is NOT inside the network
1065 host_is_in_net(uschar *host, uschar *net, int maskoffset)
1071 int size = host_aton(net, address);
1074 /* No mask => all bits to be checked */
1076 if (maskoffset == 0) mlen = 99999; /* Big number */
1077 else mlen = Uatoi(net + maskoffset + 1);
1079 /* Convert the incoming address to binary. */
1081 insize = host_aton(host, incoming);
1083 /* Convert IPv4 addresses given in IPv6 compatible mode, which represent
1084 connections from IPv4 hosts to IPv6 hosts, that is, addresses of the form
1085 ::ffff:<v4address>, to IPv4 format. */
1087 if (insize == 4 && incoming[0] == 0 && incoming[1] == 0 &&
1088 incoming[2] == 0xffff)
1091 incoming[0] = incoming[3];
1094 /* No match if the sizes don't agree. */
1096 if (insize != size) return FALSE;
1098 /* Else do the masked comparison. */
1100 for (i = 0; i < size; i++)
1103 if (mlen == 0) mask = 0;
1106 mask = (-1) << (32 - mlen);
1114 if ((incoming[i] & mask) != (address[i] & mask)) return FALSE;
1122 /*************************************************
1123 * Scan host list for local hosts *
1124 *************************************************/
1126 /* Scan through a chain of addresses and check whether any of them is the
1127 address of an interface on the local machine. If so, remove that address and
1128 any previous ones with the same MX value, and all subsequent ones (which will
1129 have greater or equal MX values) from the chain. Note: marking them as unusable
1130 is NOT the right thing to do because it causes the hosts not to be used for
1131 other domains, for which they may well be correct.
1133 The hosts may be part of a longer chain; we only process those between the
1134 initial pointer and the "last" pointer.
1136 There is also a list of "pseudo-local" host names which are checked against the
1137 host names. Any match causes that host item to be treated the same as one which
1138 matches a local IP address.
1140 If the very first host is a local host, then all MX records had a precedence
1141 greater than or equal to that of the local host. Either there's a problem in
1142 the DNS, or an apparently remote name turned out to be an abbreviation for the
1143 local host. Give a specific return code, and let the caller decide what to do.
1144 Otherwise, give a success code if at least one host address has been found.
1147 host pointer to the first host in the chain
1148 lastptr pointer to pointer to the last host in the chain (may be updated)
1149 removed if not NULL, set TRUE if some local addresses were removed
1153 HOST_FOUND if there is at least one host with an IP address on the chain
1154 and an MX value less than any MX value associated with the
1156 HOST_FOUND_LOCAL if a local host is among the lowest-numbered MX hosts; when
1157 the host addresses were obtained from A records or
1158 gethostbyname(), the MX values are set to -1.
1159 HOST_FIND_FAILED if no valid hosts with set IP addresses were found
1163 host_scan_for_local_hosts(host_item *host, host_item **lastptr, BOOL *removed)
1165 int yield = HOST_FIND_FAILED;
1166 host_item *last = *lastptr;
1167 host_item *prev = NULL;
1170 if (removed != NULL) *removed = FALSE;
1172 if (local_interface_data == NULL) local_interface_data = host_find_interfaces();
1174 for (h = host; h != last->next; h = h->next)
1177 if (hosts_treat_as_local != NULL)
1180 uschar *save = deliver_domain;
1181 deliver_domain = h->name; /* set $domain */
1182 rc = match_isinlist(string_copylc(h->name), &hosts_treat_as_local, 0,
1183 &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
1184 deliver_domain = save;
1185 if (rc == OK) goto FOUND_LOCAL;
1189 /* It seems that on many operating systems, 0.0.0.0 is treated as a synonym
1190 for 127.0.0.1 and refers to the local host. We therefore force it always to
1191 be treated as local. */
1193 if (h->address != NULL)
1195 ip_address_item *ip;
1196 if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL;
1197 for (ip = local_interface_data; ip != NULL; ip = ip->next)
1198 if (Ustrcmp(h->address, ip->address) == 0) goto FOUND_LOCAL;
1199 yield = HOST_FOUND; /* At least one remote address has been found */
1202 /* Update prev to point to the last host item before any that have
1203 the same MX value as the one we have just considered. */
1205 if (h->next == NULL || h->next->mx != h->mx) prev = h;
1208 return yield; /* No local hosts found: return HOST_FOUND or HOST_FIND_FAILED */
1210 /* A host whose IP address matches a local IP address, or whose name matches
1211 something in hosts_treat_as_local has been found. */
1217 HDEBUG(D_host_lookup) debug_printf((h->mx >= 0)?
1218 "local host has lowest MX\n" :
1219 "local host found for non-MX address\n");
1220 return HOST_FOUND_LOCAL;
1223 HDEBUG(D_host_lookup)
1225 debug_printf("local host in host list - removed hosts:\n");
1226 for (h = prev->next; h != last->next; h = h->next)
1227 debug_printf(" %s %s %d\n", h->name, h->address, h->mx);
1230 if (removed != NULL) *removed = TRUE;
1231 prev->next = last->next;
1239 /*************************************************
1240 * Remove duplicate IPs in host list *
1241 *************************************************/
1243 /* You would think that administrators could set up their DNS records so that
1244 one ended up with a list of unique IP addresses after looking up A or MX
1245 records, but apparently duplication is common. So we scan such lists and
1246 remove the later duplicates. Note that we may get lists in which some host
1247 addresses are not set.
1250 host pointer to the first host in the chain
1251 lastptr pointer to pointer to the last host in the chain (may be updated)
1257 host_remove_duplicates(host_item *host, host_item **lastptr)
1259 while (host != *lastptr)
1261 if (host->address != NULL)
1263 host_item *h = host;
1264 while (h != *lastptr)
1266 if (h->next->address != NULL &&
1267 Ustrcmp(h->next->address, host->address) == 0)
1269 DEBUG(D_host_lookup) debug_printf("duplicate IP address %s (MX=%d) "
1270 "removed\n", host->address, h->next->mx);
1271 if (h->next == *lastptr) *lastptr = h;
1272 h->next = h->next->next;
1277 /* If the last item was removed, host may have become == *lastptr */
1278 if (host != *lastptr) host = host->next;
1285 /*************************************************
1286 * Find sender host name by gethostbyaddr() *
1287 *************************************************/
1289 /* This used to be the only way it was done, but it turns out that not all
1290 systems give aliases for calls to gethostbyaddr() - or one of the modern
1291 equivalents like getipnodebyaddr(). Fortunately, multiple PTR records are rare,
1292 but they can still exist. This function is now used only when a DNS lookup of
1293 the IP address fails, in order to give access to /etc/hosts.
1296 Returns: OK, DEFER, FAIL
1300 host_name_lookup_byaddr(void)
1304 struct hostent *hosts;
1305 struct in_addr addr;
1307 /* Lookup on IPv6 system */
1310 if (Ustrchr(sender_host_address, ':') != NULL)
1312 struct in6_addr addr6;
1313 if (inet_pton(AF_INET6, CS sender_host_address, &addr6) != 1)
1314 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1315 "IPv6 address", sender_host_address);
1316 #if HAVE_GETIPNODEBYADDR
1317 hosts = getipnodebyaddr(CS &addr6, sizeof(addr6), AF_INET6, &h_errno);
1319 hosts = gethostbyaddr(CS &addr6, sizeof(addr6), AF_INET6);
1324 if (inet_pton(AF_INET, CS sender_host_address, &addr) != 1)
1325 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1326 "IPv4 address", sender_host_address);
1327 #if HAVE_GETIPNODEBYADDR
1328 hosts = getipnodebyaddr(CS &addr, sizeof(addr), AF_INET, &h_errno);
1330 hosts = gethostbyaddr(CS &addr, sizeof(addr), AF_INET);
1334 /* Do lookup on IPv4 system */
1337 addr.s_addr = (S_ADDR_TYPE)inet_addr(CS sender_host_address);
1338 hosts = gethostbyaddr(CS(&addr), sizeof(addr), AF_INET);
1341 /* Failed to look up the host. */
1345 HDEBUG(D_host_lookup) debug_printf("IP address lookup failed: h_errno=%d\n",
1347 return (h_errno == TRY_AGAIN || h_errno == NO_RECOVERY) ? DEFER : FAIL;
1350 /* It seems there are some records in the DNS that yield an empty name. We
1351 treat this as non-existent. In some operating systems, this is returned as an
1352 empty string; in others as a single dot. */
1354 if (hosts->h_name[0] == 0 || hosts->h_name[0] == '.')
1356 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an empty name: "
1357 "treated as non-existent host name\n");
1361 /* Copy and lowercase the name, which is in static storage in many systems.
1362 Put it in permanent memory. */
1364 s = (uschar *)hosts->h_name;
1365 len = Ustrlen(s) + 1;
1366 t = sender_host_name = store_get_perm(len);
1367 while (*s != 0) *t++ = tolower(*s++);
1370 /* If the host has aliases, build a copy of the alias list */
1372 if (hosts->h_aliases != NULL)
1375 uschar **aliases, **ptr;
1376 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++) count++;
1377 ptr = sender_host_aliases = store_get_perm(count * sizeof(uschar *));
1378 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++)
1380 uschar *s = *aliases;
1381 int len = Ustrlen(s) + 1;
1382 uschar *t = *ptr++ = store_get_perm(len);
1383 while (*s != 0) *t++ = tolower(*s++);
1394 /*************************************************
1395 * Find host name for incoming call *
1396 *************************************************/
1398 /* Put the name in permanent store, pointed to by sender_host_name. We also set
1399 up a list of alias names, pointed to by sender_host_alias. The list is
1400 NULL-terminated. The incoming address is in sender_host_address, either in
1401 dotted-quad form for IPv4 or in colon-separated form for IPv6.
1403 This function does a thorough check that the names it finds point back to the
1404 incoming IP address. Any that do not are discarded. Note that this is relied on
1405 by the ACL reverse_host_lookup check.
1407 On some systems, get{host,ipnode}byaddr() appears to do this internally, but
1408 this it not universally true. Also, for release 4.30, this function was changed
1409 to do a direct DNS lookup first, by default[1], because it turns out that that
1410 is the only guaranteed way to find all the aliases on some systems. My
1411 experiments indicate that Solaris gethostbyaddr() gives the aliases for but
1414 [1] The actual order is controlled by the host_lookup_order option.
1417 Returns: OK on success, the answer being placed in the global variable
1418 sender_host_name, with any aliases in a list hung off
1420 FAIL if no host name can be found
1421 DEFER if a temporary error was encountered
1423 The variable host_lookup_msg is set to an empty string on sucess, or to a
1424 reason for the failure otherwise, in a form suitable for tagging onto an error
1425 message, and also host_lookup_failed is set TRUE if the lookup failed. If there
1426 was a defer, host_lookup_deferred is set TRUE.
1428 Any dynamically constructed string for host_lookup_msg must be in permanent
1429 store, because it might be used for several incoming messages on the same SMTP
1433 host_name_lookup(void)
1437 uschar *hname, *save_hostname;
1441 uschar *list = host_lookup_order;
1446 host_lookup_deferred = host_lookup_failed = FALSE;
1448 HDEBUG(D_host_lookup)
1449 debug_printf("looking up host name for %s\n", sender_host_address);
1451 /* For testing the case when a lookup does not complete, we have a special
1452 reserved IP address. */
1454 if (running_in_test_harness &&
1455 Ustrcmp(sender_host_address, "99.99.99.99") == 0)
1457 HDEBUG(D_host_lookup)
1458 debug_printf("Test harness: host name lookup returns DEFER\n");
1459 host_lookup_deferred = TRUE;
1463 /* Do lookups directly in the DNS or via gethostbyaddr() (or equivalent), in
1464 the order specified by the host_lookup_order option. */
1466 while ((ordername = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))
1469 if (strcmpic(ordername, US"bydns") == 0)
1471 dns_init(FALSE, FALSE);
1472 dns_build_reverse(sender_host_address, buffer);
1473 rc = dns_lookup(&dnsa, buffer, T_PTR, NULL);
1475 /* The first record we come across is used for the name; others are
1476 considered to be aliases. We have to scan twice, in order to find out the
1477 number of aliases. However, if all the names are empty, we will behave as
1478 if failure. (PTR records that yield empty names have been encountered in
1481 if (rc == DNS_SUCCEED)
1483 uschar **aptr = NULL;
1486 int old_pool = store_pool;
1488 store_pool = POOL_PERM; /* Save names in permanent storage */
1490 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1492 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1494 if (rr->type == T_PTR) count++;
1497 /* Get store for the list of aliases. For compatibility with
1498 gethostbyaddr, we make an empty list if there are none. */
1500 aptr = sender_host_aliases = store_get(count * sizeof(uschar *));
1502 /* Re-scan and extract the names */
1504 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1506 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1509 if (rr->type != T_PTR) continue;
1510 s = store_get(ssize);
1512 /* If an overlong response was received, the data will have been
1513 truncated and dn_expand may fail. */
1515 if (dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen,
1516 (uschar *)(rr->data), (DN_EXPAND_ARG4_TYPE)(s), ssize) < 0)
1518 log_write(0, LOG_MAIN, "host name alias list truncated for %s",
1519 sender_host_address);
1523 store_reset(s + Ustrlen(s) + 1);
1526 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an "
1527 "empty name: treated as non-existent host name\n");
1530 if (sender_host_name == NULL) sender_host_name = s;
1532 while (*s != 0) { *s = tolower(*s); s++; }
1535 *aptr = NULL; /* End of alias list */
1536 store_pool = old_pool; /* Reset store pool */
1538 /* If we've found a names, break out of the "order" loop */
1540 if (sender_host_name != NULL) break;
1543 /* If the DNS lookup deferred, we must also defer. */
1545 if (rc == DNS_AGAIN)
1547 HDEBUG(D_host_lookup)
1548 debug_printf("IP address PTR lookup gave temporary error\n");
1549 host_lookup_deferred = TRUE;
1554 /* Do a lookup using gethostbyaddr() - or equivalent */
1556 else if (strcmpic(ordername, US"byaddr") == 0)
1558 HDEBUG(D_host_lookup)
1559 debug_printf("IP address lookup using gethostbyaddr()\n");
1560 rc = host_name_lookup_byaddr();
1563 host_lookup_deferred = TRUE;
1564 return rc; /* Can't carry on */
1566 if (rc == OK) break; /* Found a name */
1568 } /* Loop for bydns/byaddr scanning */
1570 /* If we have failed to find a name, return FAIL and log when required.
1571 NB host_lookup_msg must be in permanent store. */
1573 if (sender_host_name == NULL)
1575 if (host_checking || !log_testing_mode)
1576 log_write(L_host_lookup_failed, LOG_MAIN, "no host name found for IP "
1577 "address %s", sender_host_address);
1578 host_lookup_msg = US" (failed to find host name from IP address)";
1579 host_lookup_failed = TRUE;
1583 /* We have a host name. If we are running in the test harness, we want the host
1584 name and its alias to appear always the same way round. There are only ever two
1585 names in these tests. If one of them contains "alias", make sure it is second;
1586 otherwise put them in alphabetical order. */
1588 if (running_in_test_harness && *sender_host_aliases != NULL &&
1590 Ustrstr(sender_host_name, "alias") != NULL ||
1592 Ustrstr(*sender_host_aliases, "alias") == NULL &&
1593 Ustrcmp(sender_host_name, *sender_host_aliases) > 0
1597 uschar *temp = sender_host_name;
1598 sender_host_name = *sender_host_aliases;
1599 *sender_host_aliases = temp;
1602 /* Debug output what was found, after test harness swapping, for consistency */
1604 HDEBUG(D_host_lookup)
1606 uschar **aliases = sender_host_aliases;
1607 debug_printf("IP address lookup yielded %s\n", sender_host_name);
1608 while (*aliases != NULL) debug_printf(" alias %s\n", *aliases++);
1611 /* We need to verify that a forward lookup on the name we found does indeed
1612 correspond to the address. This is for security: in principle a malefactor who
1613 happened to own a reverse zone could set it to point to any names at all.
1615 This code was present in versions of Exim before 3.20. At that point I took it
1616 out because I thought that gethostbyaddr() did the check anyway. It turns out
1617 that this isn't always the case, so it's coming back in at 4.01. This version
1618 is actually better, because it also checks aliases.
1620 The code was made more robust at release 4.21. Prior to that, it accepted all
1621 the names if any of them had the correct IP address. Now the code checks all
1622 the names, and accepts only those that have the correct IP address. */
1624 save_hostname = sender_host_name; /* Save for error messages */
1625 aliases = sender_host_aliases;
1626 for (hname = sender_host_name; hname != NULL; hname = *aliases++)
1636 /* When called with the 5th argument FALSE, host_find_byname() won't return
1637 HOST_FOUND_LOCAL. If the incoming address is an IPv4 address expressed in
1638 IPv6 format, we must compare the IPv4 part to any IPv4 addresses. */
1640 if ((rc = host_find_byname(&h, NULL, NULL, FALSE)) == HOST_FOUND)
1643 uschar *address_ipv4 = (Ustrncmp(sender_host_address, "::ffff:", 7) == 0)?
1644 sender_host_address + 7 : sender_host_address;
1645 HDEBUG(D_host_lookup) debug_printf("checking addresses for %s\n", hname);
1646 for (hh = &h; hh != NULL; hh = hh->next)
1648 if ((Ustrcmp(hh->address, (Ustrchr(hh->address, ':') == NULL)?
1649 address_ipv4 : sender_host_address)) == 0)
1651 HDEBUG(D_host_lookup) debug_printf(" %s OK\n", hh->address);
1657 HDEBUG(D_host_lookup) debug_printf(" %s\n", hh->address);
1660 if (!ok) HDEBUG(D_host_lookup)
1661 debug_printf("no IP address for %s matched %s\n", hname,
1662 sender_host_address);
1664 else if (rc == HOST_FIND_AGAIN)
1666 HDEBUG(D_host_lookup) debug_printf("temporary error for host name lookup\n");
1667 host_lookup_deferred = TRUE;
1672 HDEBUG(D_host_lookup) debug_printf("no IP addresses found for %s\n", hname);
1675 /* If this name is no good, and it's the sender name, set it null pro tem;
1676 if it's an alias, just remove it from the list. */
1680 if (hname == sender_host_name) sender_host_name = NULL; else
1682 uschar **a; /* Don't amalgamate - some */
1683 a = --aliases; /* compilers grumble */
1684 while (*a != NULL) { *a = a[1]; a++; }
1689 /* If sender_host_name == NULL, it means we didn't like the name. Replace
1690 it with the first alias, if there is one. */
1692 if (sender_host_name == NULL && *sender_host_aliases != NULL)
1693 sender_host_name = *sender_host_aliases++;
1695 /* If we now have a main name, all is well. */
1697 if (sender_host_name != NULL) return OK;
1699 /* We have failed to find an address that matches. */
1701 HDEBUG(D_host_lookup)
1702 debug_printf("%s does not match any IP address for %s\n",
1703 sender_host_address, save_hostname);
1705 /* This message must be in permanent store */
1707 old_pool = store_pool;
1708 store_pool = POOL_PERM;
1709 host_lookup_msg = string_sprintf(" (%s does not match any IP address for %s)",
1710 sender_host_address, save_hostname);
1711 store_pool = old_pool;
1712 host_lookup_failed = TRUE;
1719 /*************************************************
1720 * Find IP address(es) for host by name *
1721 *************************************************/
1723 /* The input is a host_item structure with the name filled in and the address
1724 field set to NULL. We use gethostbyname(). Of course, gethostbyname() may use
1725 the DNS, but it doesn't do MX processing. If more than one address is given,
1726 chain on additional host items, with other relevant fields copied.
1728 The second argument provides a host list (usually an IP list) of hosts to
1729 ignore. This makes it possible to ignore IPv6 link-local addresses or loopback
1730 addresses in unreasonable places.
1732 The lookup may result in a change of name. For compatibility with the dns
1733 lookup, return this via fully_qualified_name as well as updating the host item.
1734 The lookup may also yield more than one IP address, in which case chain on
1735 subsequent host_item structures.
1738 host a host item with the name and MX filled in;
1739 the address is to be filled in;
1740 multiple IP addresses cause other host items to be
1742 ignore_target_hosts a list of hosts to ignore
1743 fully_qualified_name if not NULL, set to point to host name for
1744 compatibility with host_find_bydns
1745 local_host_check TRUE if a check for the local host is wanted
1747 Returns: HOST_FIND_FAILED Failed to find the host or domain
1748 HOST_FIND_AGAIN Try again later
1749 HOST_FOUND Host found - data filled in
1750 HOST_FOUND_LOCAL Host found and is the local host
1754 host_find_byname(host_item *host, uschar *ignore_target_hosts,
1755 uschar **fully_qualified_name, BOOL local_host_check)
1757 int i, yield, times;
1759 host_item *last = NULL;
1760 BOOL temp_error = FALSE;
1765 /* If we are in the test harness, a name ending in .test.again.dns always
1766 forces a temporary error response. */
1768 if (running_in_test_harness)
1770 uschar *endname = host->name + Ustrlen(host->name);
1771 if (Ustrcmp(endname - 14, "test.again.dns") == 0)
1772 return HOST_FIND_AGAIN;
1775 /* In an IPv6 world, we need to scan for both kinds of address, so go round the
1776 loop twice. Note that we have ensured that AF_INET6 is defined even in an IPv4
1777 world, which makes for slightly tidier code. However, if dns_ipv4_lookup
1778 matches the domain, we also just do IPv4 lookups here (except when testing
1783 if (dns_ipv4_lookup != NULL &&
1784 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
1786 { af = AF_INET; times = 1; }
1788 #endif /* STAND_ALONE */
1790 { af = AF_INET6; times = 2; }
1792 /* No IPv6 support */
1794 #else /* HAVE_IPV6 */
1796 #endif /* HAVE_IPV6 */
1798 /* Initialize the flag that gets set for DNS syntax check errors, so that the
1799 interface to this function can be similar to host_find_bydns. */
1801 host_find_failed_syntax = FALSE;
1803 /* Loop to look up both kinds of address in an IPv6 world */
1805 for (i = 1; i <= times;
1807 af = AF_INET, /* If 2 passes, IPv4 on the second */
1813 struct hostent *hostdata;
1816 #if HAVE_GETIPNODEBYNAME
1817 hostdata = getipnodebyname(CS host->name, af, 0, &error_num);
1819 hostdata = gethostbyname2(CS host->name, af);
1820 error_num = h_errno;
1823 hostdata = gethostbyname(CS host->name);
1824 error_num = h_errno;
1827 if (hostdata == NULL)
1832 case HOST_NOT_FOUND: error = US"HOST_NOT_FOUND"; break;
1833 case TRY_AGAIN: error = US"TRY_AGAIN"; break;
1834 case NO_RECOVERY: error = US"NO_RECOVERY"; break;
1835 case NO_DATA: error = US"NO_DATA"; break;
1836 #if NO_DATA != NO_ADDRESS
1837 case NO_ADDRESS: error = US"NO_ADDRESS"; break;
1839 default: error = US"?"; break;
1842 DEBUG(D_host_lookup) debug_printf("%s returned %d (%s)\n",
1844 #if HAVE_GETIPNODEBYNAME
1845 (af == AF_INET6)? "getipnodebyname(af=inet6)" : "getipnodebyname(af=inet)",
1847 (af == AF_INET6)? "gethostbyname2(af=inet6)" : "gethostbyname2(af=inet)",
1854 if (error_num == TRY_AGAIN || error_num == NO_RECOVERY) temp_error = TRUE;
1857 if ((hostdata->h_addr_list)[0] == NULL) continue;
1859 /* Replace the name with the fully qualified one if necessary, and fill in
1860 the fully_qualified_name pointer. */
1862 if (hostdata->h_name[0] != 0 &&
1863 Ustrcmp(host->name, hostdata->h_name) != 0)
1864 host->name = string_copy_dnsdomain((uschar *)hostdata->h_name);
1865 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
1867 /* Get the list of addresses. IPv4 and IPv6 addresses can be distinguished
1868 by their different lengths. Scan the list, ignoring any that are to be
1869 ignored, and build a chain from the rest. */
1871 ipv4_addr = hostdata->h_length == sizeof(struct in_addr);
1873 for (addrlist = USS hostdata->h_addr_list; *addrlist != NULL; addrlist++)
1875 uschar *text_address =
1876 host_ntoa(ipv4_addr? AF_INET:AF_INET6, *addrlist, NULL, NULL);
1879 if (ignore_target_hosts != NULL &&
1880 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
1881 text_address, NULL) == OK)
1883 DEBUG(D_host_lookup)
1884 debug_printf("ignored host %s [%s]\n", host->name, text_address);
1889 /* If this is the first address, last == NULL and we put the data in the
1894 host->address = text_address;
1895 host->port = PORT_NONE;
1896 host->status = hstatus_unknown;
1897 host->why = hwhy_unknown;
1901 /* Else add further host item blocks for any other addresses, keeping
1906 host_item *next = store_get(sizeof(host_item));
1907 next->name = host->name;
1908 next->mx = host->mx;
1909 next->address = text_address;
1910 next->port = PORT_NONE;
1911 next->status = hstatus_unknown;
1912 next->why = hwhy_unknown;
1914 next->next = last->next;
1921 /* If no hosts were found, the address field in the original host block will be
1922 NULL. If temp_error is set, at least one of the lookups gave a temporary error,
1923 so we pass that back. */
1925 if (host->address == NULL)
1929 (message_id[0] == 0 && smtp_in != NULL)?
1930 string_sprintf("no IP address found for host %s (during %s)", host->name,
1931 smtp_get_connection_info()) :
1933 string_sprintf("no IP address found for host %s", host->name);
1935 HDEBUG(D_host_lookup) debug_printf("%s\n", msg);
1936 if (temp_error) return HOST_FIND_AGAIN;
1937 if (host_checking || !log_testing_mode)
1938 log_write(L_host_lookup_failed, LOG_MAIN, "%s", msg);
1939 return HOST_FIND_FAILED;
1942 /* Remove any duplicate IP addresses, then check to see if this is the local
1943 host if required. */
1945 host_remove_duplicates(host, &last);
1946 yield = local_host_check?
1947 host_scan_for_local_hosts(host, &last, NULL) : HOST_FOUND;
1949 /* When running in the test harness, sort into the order of addresses so as to
1950 get repeatability. */
1952 if (running_in_test_harness) sort_addresses(host, last);
1954 HDEBUG(D_host_lookup)
1957 if (fully_qualified_name != NULL)
1958 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
1959 debug_printf("%s looked up these IP addresses:\n",
1961 #if HAVE_GETIPNODEBYNAME
1970 for (h = host; h != last->next; h = h->next)
1971 debug_printf(" name=%s address=%s\n", h->name,
1972 (h->address == NULL)? US"<null>" : h->address);
1975 /* Return the found status. */
1982 /*************************************************
1983 * Fill in a host address from the DNS *
1984 *************************************************/
1986 /* Given a host item, with its name and mx fields set, and its address field
1987 set to NULL, fill in its IP address from the DNS. If it is multi-homed, create
1988 additional host items for the additional addresses, copying all the other
1989 fields, and randomizing the order.
1991 On IPv6 systems, A6 records are sought first (but only if support for A6 is
1992 configured - they may never become mainstream), then AAAA records are sought,
1993 and finally A records are sought as well.
1995 The host name may be changed if the DNS returns a different name - e.g. fully
1996 qualified or changed via CNAME. If fully_qualified_name is not NULL, dns_lookup
1997 ensures that it points to the fully qualified name. However, this is the fully
1998 qualified version of the original name; if a CNAME is involved, the actual
1999 canonical host name may be different again, and so we get it directly from the
2000 relevant RR. Note that we do NOT change the mx field of the host item in this
2001 function as it may be called to set the addresses of hosts taken from MX
2005 host points to the host item we're filling in
2006 lastptr points to pointer to last host item in a chain of
2007 host items (may be updated if host is last and gets
2008 extended because multihomed)
2009 ignore_target_hosts list of hosts to ignore
2010 allow_ip if TRUE, recognize an IP address and return it
2011 fully_qualified_name if not NULL, return fully qualified name here if
2012 the contents are different (i.e. it must be preset
2015 Returns: HOST_FIND_FAILED couldn't find A record
2016 HOST_FIND_AGAIN try again later
2017 HOST_FOUND found AAAA and/or A record(s)
2018 HOST_IGNORED found, but all IPs ignored
2022 set_address_from_dns(host_item *host, host_item **lastptr,
2023 uschar *ignore_target_hosts, BOOL allow_ip, uschar **fully_qualified_name)
2026 host_item *thishostlast = NULL; /* Indicates not yet filled in anything */
2027 BOOL v6_find_again = FALSE;
2030 /* If allow_ip is set, a name which is an IP address returns that value
2031 as its address. This is used for MX records when allow_mx_to_ip is set, for
2032 those sites that feel they have to flaunt the RFC rules. */
2034 if (allow_ip && string_is_ip_address(host->name, NULL) != 0)
2037 if (ignore_target_hosts != NULL &&
2038 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
2039 host->name, NULL) == OK)
2040 return HOST_IGNORED;
2043 host->address = host->name;
2044 host->port = PORT_NONE;
2048 /* On an IPv6 system, go round the loop up to three times, looking for A6 and
2049 AAAA records the first two times. However, unless doing standalone testing, we
2050 force an IPv4 lookup if the domain matches dns_ipv4_lookup is set. Since A6
2051 records look like being abandoned, support them only if explicitly configured
2052 to do so. On an IPv4 system, go round the loop once only, looking only for A
2058 if (dns_ipv4_lookup != NULL &&
2059 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
2061 i = 0; /* look up A records only */
2063 #endif /* STAND_ALONE */
2066 i = 2; /* look up A6 and AAAA and A records */
2068 i = 1; /* look up AAAA and A records */
2069 #endif /* SUPPORT_A6 */
2071 /* The IPv4 world */
2073 #else /* HAVE_IPV6 */
2074 i = 0; /* look up A records only */
2075 #endif /* HAVE_IPV6 */
2079 static int types[] = { T_A, T_AAAA, T_A6 };
2080 int type = types[i];
2081 int randoffset = (i == 0)? 500 : 0; /* Ensures v6 sorts before v4 */
2085 int rc = dns_lookup(&dnsa, host->name, type, fully_qualified_name);
2087 /* We want to return HOST_FIND_AGAIN if one of the A, A6, or AAAA lookups
2088 fails or times out, but not if another one succeeds. (In the early
2089 IPv6 days there are name servers that always fail on AAAA, but are happy
2090 to give out an A record. We want to proceed with that A record.) */
2092 if (rc != DNS_SUCCEED)
2094 if (i == 0) /* Just tried for an A record, i.e. end of loop */
2096 if (host->address != NULL) return HOST_FOUND; /* A6 or AAAA was found */
2097 if (rc == DNS_AGAIN || rc == DNS_FAIL || v6_find_again)
2098 return HOST_FIND_AGAIN;
2099 return HOST_FIND_FAILED; /* DNS_NOMATCH or DNS_NODATA */
2102 /* Tried for an A6 or AAAA record: remember if this was a temporary
2103 error, and look for the next record type. */
2105 if (rc != DNS_NOMATCH && rc != DNS_NODATA) v6_find_again = TRUE;
2109 /* Lookup succeeded: fill in the given host item with the first non-ignored
2110 address found; create additional items for any others. A single A6 record
2111 may generate more than one address. */
2113 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2115 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2117 if (rr->type == type)
2119 /* dns_address *da = dns_address_from_rr(&dnsa, rr); */
2122 da = dns_address_from_rr(&dnsa, rr);
2124 DEBUG(D_host_lookup)
2127 debug_printf("no addresses extracted from A6 RR for %s\n",
2131 /* This loop runs only once for A and AAAA records, but may run
2132 several times for an A6 record that generated multiple addresses. */
2134 for (; da != NULL; da = da->next)
2137 if (ignore_target_hosts != NULL &&
2138 verify_check_this_host(&ignore_target_hosts, NULL,
2139 host->name, da->address, NULL) == OK)
2141 DEBUG(D_host_lookup)
2142 debug_printf("ignored host %s [%s]\n", host->name, da->address);
2147 /* If this is the first address, stick it in the given host block,
2148 and change the name if the returned RR has a different name. */
2150 if (thishostlast == NULL)
2152 if (strcmpic(host->name, rr->name) != 0)
2153 host->name = string_copy_dnsdomain(rr->name);
2154 host->address = da->address;
2155 host->port = PORT_NONE;
2156 host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
2157 host->status = hstatus_unknown;
2158 host->why = hwhy_unknown;
2159 thishostlast = host;
2162 /* Not the first address. Check for, and ignore, duplicates. Then
2163 insert in the chain at a random point. */
2170 /* End of our local chain is specified by "thishostlast". */
2172 for (next = host;; next = next->next)
2174 if (Ustrcmp(CS da->address, next->address) == 0) break;
2175 if (next == thishostlast) { next = NULL; break; }
2177 if (next != NULL) continue; /* With loop for next address */
2179 /* Not a duplicate */
2181 new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
2182 next = store_get(sizeof(host_item));
2184 /* New address goes first: insert the new block after the first one
2185 (so as not to disturb the original pointer) but put the new address
2186 in the original block. */
2188 if (new_sort_key < host->sort_key)
2192 host->address = da->address;
2193 host->port = PORT_NONE;
2194 host->sort_key = new_sort_key;
2195 if (thishostlast == host) thishostlast = next; /* Local last */
2196 if (*lastptr == host) *lastptr = next; /* Global last */
2199 /* Otherwise scan down the addresses for this host to find the
2200 one to insert after. */
2204 host_item *h = host;
2205 while (h != thishostlast)
2207 if (new_sort_key < h->next->sort_key) break;
2212 next->address = da->address;
2213 next->port = PORT_NONE;
2214 next->sort_key = new_sort_key;
2215 if (h == thishostlast) thishostlast = next; /* Local last */
2216 if (h == *lastptr) *lastptr = next; /* Global last */
2224 /* Control gets here only if the third lookup (the A record) succeeded.
2225 However, the address may not be filled in if it was ignored. */
2227 return (host->address == NULL)? HOST_IGNORED : HOST_FOUND;
2233 /*************************************************
2234 * Find IP addresses and names for host via DNS *
2235 *************************************************/
2237 /* The input is a host_item structure with the name filled in and the address
2238 field set to NULL. This may be in a chain of other host items. The lookup may
2239 result in more than one IP address, in which case we must created new host
2240 blocks for the additional addresses, and insert them into the chain. The
2241 original name may not be fully qualified. Use the fully_qualified_name argument
2242 to return the official name, as returned by the resolver.
2245 host point to initial host item
2246 ignore_target_hosts a list of hosts to ignore
2247 whichrrs flags indicating which RRs to look for:
2248 HOST_FIND_BY_SRV => look for SRV
2249 HOST_FIND_BY_MX => look for MX
2250 HOST_FIND_BY_A => look for A or AAAA
2251 also flags indicating how the lookup is done
2252 HOST_FIND_QUALIFY_SINGLE ) passed to the
2253 HOST_FIND_SEARCH_PARENTS ) resolver
2254 srv_service when SRV used, the service name
2255 srv_fail_domains DNS errors for these domains => assume nonexist
2256 mx_fail_domains DNS errors for these domains => assume nonexist
2257 fully_qualified_name if not NULL, return fully-qualified name
2258 removed set TRUE if local host was removed from the list
2260 Returns: HOST_FIND_FAILED Failed to find the host or domain;
2261 if there was a syntax error,
2262 host_find_failed_syntax is set.
2263 HOST_FIND_AGAIN Could not resolve at this time
2264 HOST_FOUND Host found
2265 HOST_FOUND_LOCAL The lowest MX record points to this
2266 machine, if MX records were found, or
2267 an A record that was found contains
2268 an address of the local host
2272 host_find_bydns(host_item *host, uschar *ignore_target_hosts, int whichrrs,
2273 uschar *srv_service, uschar *srv_fail_domains, uschar *mx_fail_domains,
2274 uschar **fully_qualified_name, BOOL *removed)
2276 host_item *h, *last;
2284 /* Set the default fully qualified name to the incoming name, initialize the
2285 resolver if necessary, set up the relevant options, and initialize the flag
2286 that gets set for DNS syntax check errors. */
2288 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
2289 dns_init((whichrrs & HOST_FIND_QUALIFY_SINGLE) != 0,
2290 (whichrrs & HOST_FIND_SEARCH_PARENTS) != 0);
2291 host_find_failed_syntax = FALSE;
2293 /* First, if requested, look for SRV records. The service name is given; we
2294 assume TCP progocol. DNS domain names are constrained to a maximum of 256
2295 characters, so the code below should be safe. */
2297 if ((whichrrs & HOST_FIND_BY_SRV) != 0)
2300 uschar *temp_fully_qualified_name = buffer;
2303 (void)sprintf(CS buffer, "_%s._tcp.%n%.256s", srv_service, &prefix_length,
2307 /* Search for SRV records. If the fully qualified name is different to
2308 the input name, pass back the new original domain, without the prepended
2311 rc = dns_lookup(&dnsa, buffer, ind_type, &temp_fully_qualified_name);
2312 if (temp_fully_qualified_name != buffer && fully_qualified_name != NULL)
2313 *fully_qualified_name = temp_fully_qualified_name + prefix_length;
2315 /* On DNS failures, we give the "try again" error unless the domain is
2316 listed as one for which we continue. */
2318 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2320 if (match_isinlist(host->name, &srv_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2322 return HOST_FIND_AGAIN;
2323 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2324 "(domain in srv_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2328 /* If we did not find any SRV records, search the DNS for MX records, if
2329 requested to do so. If the result is DNS_NOMATCH, it means there is no such
2330 domain, and there's no point in going on to look for address records with the
2331 same domain. The result will be DNS_NODATA if the domain exists but has no MX
2332 records. On DNS failures, we give the "try again" error unless the domain is
2333 listed as one for which we continue. */
2335 if (rc != DNS_SUCCEED && (whichrrs & HOST_FIND_BY_MX) != 0)
2338 rc = dns_lookup(&dnsa, host->name, ind_type, fully_qualified_name);
2339 if (rc == DNS_NOMATCH) return HOST_FIND_FAILED;
2340 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2342 if (match_isinlist(host->name, &mx_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2344 return HOST_FIND_AGAIN;
2345 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2346 "(domain in mx_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2350 /* If we haven't found anything yet, and we are requested to do so, try for an
2351 A or AAAA record. If we find it (or them) check to see that it isn't the local
2354 if (rc != DNS_SUCCEED)
2356 if ((whichrrs & HOST_FIND_BY_A) == 0)
2358 DEBUG(D_host_lookup) debug_printf("Address records are not being sought\n");
2359 return HOST_FIND_FAILED;
2362 last = host; /* End of local chainlet */
2364 host->port = PORT_NONE;
2365 rc = set_address_from_dns(host, &last, ignore_target_hosts, FALSE,
2366 fully_qualified_name);
2368 /* If one or more address records have been found, check that none of them
2369 are local. Since we know the host items all have their IP addresses
2370 inserted, host_scan_for_local_hosts() can only return HOST_FOUND or
2371 HOST_FOUND_LOCAL. We do not need to scan for duplicate IP addresses here,
2372 because set_address_from_dns() removes them. */
2374 if (rc == HOST_FOUND)
2375 rc = host_scan_for_local_hosts(host, &last, removed);
2377 if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED; /* No special action */
2379 /* When running in the test harness, sort into the order of addresses so as
2380 to get repeatability. */
2382 if (running_in_test_harness) sort_addresses(host, last);
2384 DEBUG(D_host_lookup)
2387 if (host->address != NULL)
2389 if (fully_qualified_name != NULL)
2390 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2391 for (h = host; h != last->next; h = h->next)
2392 debug_printf("%s %s mx=%d sort=%d %s\n", h->name,
2393 (h->address == NULL)? US"<null>" : h->address, h->mx, h->sort_key,
2394 (h->status >= hstatus_unusable)? US"*" : US"");
2401 /* We have found one or more MX or SRV records. Sort them according to
2402 precedence. Put the data for the first one into the existing host block, and
2403 insert new host_item blocks into the chain for the remainder. For equal
2404 precedences one is supposed to randomize the order. To make this happen, the
2405 sorting is actually done on the MX value * 1000 + a random number. This is put
2406 into a host field called sort_key.
2408 In the case of hosts with both IPv6 and IPv4 addresses, we want to choose the
2409 IPv6 address in preference. At this stage, we don't know what kind of address
2410 the host has. We choose a random number < 500; if later we find an A record
2411 first, we add 500 to the random number. Then for any other address records, we
2412 use random numbers in the range 0-499 for AAAA records and 500-999 for A
2415 At this point we remove any duplicates that point to the same host, retaining
2416 only the one with the lowest precedence. We cannot yet check for precedence
2417 greater than that of the local host, because that test cannot be properly done
2418 until the addresses have been found - an MX record may point to a name for this
2419 host which is not the primary hostname. */
2421 last = NULL; /* Indicates that not even the first item is filled yet */
2423 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2425 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2428 int weight = 0; /* For SRV records */
2429 int port = PORT_NONE; /* For SRV records */
2430 uschar *s; /* MUST be unsigned for GETSHORT */
2433 if (rr->type != ind_type) continue;
2435 GETSHORT(precedence, s); /* Pointer s is advanced */
2437 /* For MX records, we use a random "weight" which causes multiple records of
2438 the same precedence to sort randomly. */
2440 if (ind_type == T_MX)
2442 weight = random_number(500);
2445 /* SRV records are specified with a port and a weight. The weight is used
2446 in a special algorithm. However, to start with, we just use it to order the
2447 records of equal priority (precedence). */
2451 GETSHORT(weight, s);
2455 /* Get the name of the host pointed to. */
2457 (void)dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, s,
2458 (DN_EXPAND_ARG4_TYPE)data, sizeof(data));
2460 /* Check that we haven't already got this host on the chain; if we have,
2461 keep only the lower precedence. This situation shouldn't occur, but you
2462 never know what junk might get into the DNS (and this case has been seen on
2463 more than one occasion). */
2465 if (last != NULL) /* This is not the first record */
2467 host_item *prev = NULL;
2469 for (h = host; h != last->next; prev = h, h = h->next)
2471 if (strcmpic(h->name, data) == 0)
2473 DEBUG(D_host_lookup)
2474 debug_printf("discarded duplicate host %s (MX=%d)\n", data,
2475 (precedence > h->mx)? precedence : h->mx);
2476 if (precedence >= h->mx) goto NEXT_MX_RR; /* Skip greater precedence */
2477 if (h == host) /* Override first item */
2480 host->sort_key = precedence * 1000 + weight;
2484 /* Unwanted host item is not the first in the chain, so we can get
2485 get rid of it by cutting it out. */
2487 prev->next = h->next;
2488 if (h == last) last = prev;
2494 /* If this is the first MX or SRV record, put the data into the existing host
2495 block. Otherwise, add a new block in the correct place; if it has to be
2496 before the first block, copy the first block's data to a new second block. */
2500 host->name = string_copy_dnsdomain(data);
2501 host->address = NULL;
2503 host->mx = precedence;
2504 host->sort_key = precedence * 1000 + weight;
2505 host->status = hstatus_unknown;
2506 host->why = hwhy_unknown;
2510 /* Make a new host item and seek the correct insertion place */
2514 int sort_key = precedence * 1000 + weight;
2515 host_item *next = store_get(sizeof(host_item));
2516 next->name = string_copy_dnsdomain(data);
2517 next->address = NULL;
2519 next->mx = precedence;
2520 next->sort_key = sort_key;
2521 next->status = hstatus_unknown;
2522 next->why = hwhy_unknown;
2525 /* Handle the case when we have to insert before the first item. */
2527 if (sort_key < host->sort_key)
2534 if (last == host) last = next;
2537 /* Else scan down the items we have inserted as part of this exercise;
2538 don't go further. */
2542 for (h = host; h != last; h = h->next)
2544 if (sort_key < h->next->sort_key)
2546 next->next = h->next;
2552 /* Join on after the last host item that's part of this
2553 processing if we haven't stopped sooner. */
2557 next->next = last->next;
2564 NEXT_MX_RR: continue;
2567 /* If the list of hosts was obtained from SRV records, there are two things to
2568 do. First, if there is only one host, and it's name is ".", it means there is
2569 no SMTP service at this domain. Otherwise, we have to sort the hosts of equal
2570 priority according to their weights, using an algorithm that is defined in RFC
2571 2782. The hosts are currently sorted by priority and weight. For each priority
2572 group we have to pick off one host and put it first, and then repeat for any
2573 remaining in the same priority group. */
2575 if (ind_type == T_SRV)
2579 if (host == last && host->name[0] == 0)
2581 DEBUG(D_host_lookup) debug_printf("the single SRV record is \".\"\n");
2582 return HOST_FIND_FAILED;
2585 DEBUG(D_host_lookup)
2587 debug_printf("original ordering of hosts from SRV records:\n");
2588 for (h = host; h != last->next; h = h->next)
2589 debug_printf(" %s P=%d W=%d\n", h->name, h->mx, h->sort_key % 1000);
2592 for (pptr = &host, h = host; h != last; pptr = &(h->next), h = h->next)
2597 /* Find the last following host that has the same precedence. At the same
2598 time, compute the sum of the weights and the running totals. These can be
2599 stored in the sort_key field. */
2601 for (hh = h; hh != last; hh = hh->next)
2603 int weight = hh->sort_key % 1000; /* was precedence * 1000 + weight */
2606 if (hh->mx != hh->next->mx) break;
2609 /* If there's more than one host at this precedence (priority), we need to
2610 pick one to go first. */
2616 int randomizer = random_number(sum + 1);
2618 for (ppptr = pptr, hhh = h;
2620 ppptr = &(hhh->next), hhh = hhh->next)
2622 if (hhh->sort_key >= randomizer) break;
2625 /* hhh now points to the host that should go first; ppptr points to the
2626 place that points to it. Unfortunately, if the start of the minilist is
2627 the start of the entire list, we can't just swap the items over, because
2628 we must not change the value of host, since it is passed in from outside.
2629 One day, this could perhaps be changed.
2631 The special case is fudged by putting the new item *second* in the chain,
2632 and then transferring the data between the first and second items. We
2633 can't just swap the first and the chosen item, because that would mean
2634 that an item with zero weight might no longer be first. */
2638 *ppptr = hhh->next; /* Cuts it out of the chain */
2642 host_item temp = *h;
2645 hhh->next = temp.next;
2651 hhh->next = h; /* The rest of the chain follows it */
2652 *pptr = hhh; /* It takes the place of h */
2653 h = hhh; /* It's now the start of this minilist */
2658 /* A host has been chosen to be first at this priority and h now points
2659 to this host. There may be others at the same priority, or others at a
2660 different priority. Before we leave this host, we need to put back a sort
2661 key of the traditional MX kind, in case this host is multihomed, because
2662 the sort key is used for ordering the multiple IP addresses. We do not need
2663 to ensure that these new sort keys actually reflect the order of the hosts,
2666 h->sort_key = h->mx * 1000 + random_number(500);
2667 } /* Move on to the next host */
2670 /* Now we have to ensure addresses exist for all the hosts. We have ensured
2671 above that the names in the host items are all unique. The addresses may have
2672 been returned in the additional data section of the DNS query. Because it is
2673 more expensive to scan the returned DNS records (because you have to expand the
2674 names) we do a single scan over them, and multiple scans of the chain of host
2675 items (which is typically only 3 or 4 long anyway.) Add extra host items for
2676 multi-homed hosts. */
2678 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ADDITIONAL);
2680 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2683 int status = hstatus_unknown;
2684 int why = hwhy_unknown;
2689 && rr->type != T_AAAA
2696 /* Find the first host that matches this record's name. If there isn't
2697 one, move on to the next RR. */
2699 for (h = host; h != last->next; h = h->next)
2700 { if (strcmpic(h->name, rr->name) == 0) break; }
2701 if (h == last->next) continue;
2703 /* For IPv4 addresses, add 500 to the random part of the sort key, to ensure
2704 they sort after IPv6 addresses. */
2706 randoffset = (rr->type == T_A)? 500 : 0;
2708 /* Get the list of textual addresses for this RR. There may be more than one
2709 if it is an A6 RR. Then loop to handle multiple addresses from an A6 record.
2710 If there are none, nothing will get done - the record is ignored. */
2712 for (da = dns_address_from_rr(&dnsa, rr); da != NULL; da = da->next)
2714 /* Set status for an ignorable host. */
2717 if (ignore_target_hosts != NULL &&
2718 verify_check_this_host(&ignore_target_hosts, NULL, h->name,
2719 da->address, NULL) == OK)
2721 DEBUG(D_host_lookup)
2722 debug_printf("ignored host %s [%s]\n", h->name, da->address);
2723 status = hstatus_unusable;
2728 /* If the address is already set for this host, it may be that
2729 we just have a duplicate DNS record. Alternatively, this may be
2730 a multi-homed host. Search all items with the same host name
2731 (they will all be together) and if this address is found, skip
2734 if (h->address != NULL)
2737 host_item *thishostlast;
2742 if (hh->address != NULL && Ustrcmp(CS da->address, hh->address) == 0)
2743 goto DNS_NEXT_RR; /* Need goto to escape from inner loop */
2747 while (hh != last->next && strcmpic(hh->name, rr->name) == 0);
2749 /* We have a multi-homed host, since we have a new address for
2750 an existing name. Create a copy of the current item, and give it
2751 the new address. RRs can be in arbitrary order, but one is supposed
2752 to randomize the addresses of multi-homed hosts, so compute a new
2753 sorting key and do that. [Latest SMTP RFC says not to randomize multi-
2754 homed hosts, but to rely on the resolver. I'm not happy about that -
2755 caching in the resolver will not rotate as often as the name server
2758 new_sort_key = h->mx * 1000 + random_number(500) + randoffset;
2759 hh = store_get(sizeof(host_item));
2761 /* New address goes first: insert the new block after the first one
2762 (so as not to disturb the original pointer) but put the new address
2763 in the original block. */
2765 if (new_sort_key < h->sort_key)
2767 *hh = *h; /* Note: copies the port */
2769 h->address = da->address;
2770 h->sort_key = new_sort_key;
2775 /* Otherwise scan down the addresses for this host to find the
2776 one to insert after. */
2780 while (h != thishostlast)
2782 if (new_sort_key < h->next->sort_key) break;
2785 *hh = *h; /* Note: copies the port */
2787 hh->address = da->address;
2788 hh->sort_key = new_sort_key;
2789 hh->status = status;
2793 if (h == last) last = hh; /* Inserted after last */
2796 /* The existing item doesn't have its address set yet, so just set it.
2797 Ensure that an IPv4 address gets its sort key incremented in case an IPv6
2798 address is found later. */
2802 h->address = da->address; /* Port should be set already */
2805 h->sort_key += randoffset;
2807 } /* Loop for addresses extracted from one RR */
2809 /* Carry on to the next RR. It would be nice to be able to be able to stop
2810 when every host on the list has an address, but we can't be sure there won't
2811 be an additional address for a multi-homed host further down the list, so
2812 we have to continue to the end. */
2814 DNS_NEXT_RR: continue;
2817 /* Set the default yield to failure */
2819 yield = HOST_FIND_FAILED;
2821 /* If we haven't found all the addresses in the additional section, we
2822 need to search for A or AAAA records explicitly. The names shouldn't point to
2823 CNAMES, but we use the general lookup function that handles them, just
2824 in case. If any lookup gives a soft error, change the default yield.
2826 For these DNS lookups, we must disable qualify_single and search_parents;
2827 otherwise invalid host names obtained from MX or SRV records can cause trouble
2828 if they happen to match something local. */
2830 dns_init(FALSE, FALSE);
2832 for (h = host; h != last->next; h = h->next)
2834 if (h->address != NULL || h->status == hstatus_unusable) continue;
2835 rc = set_address_from_dns(h, &last, ignore_target_hosts, allow_mx_to_ip, NULL);
2836 if (rc != HOST_FOUND)
2838 h->status = hstatus_unusable;
2839 if (rc == HOST_FIND_AGAIN)
2842 h->why = hwhy_deferred;
2845 h->why = (rc == HOST_IGNORED)? hwhy_ignored : hwhy_failed;
2849 /* Scan the list for any hosts that are marked unusable because they have
2850 been explicitly ignored, and remove them from the list, as if they did not
2851 exist. If we end up with just a single, ignored host, flatten its fields as if
2852 nothing was found. */
2854 if (ignore_target_hosts != NULL)
2856 host_item *prev = NULL;
2857 for (h = host; h != last->next; h = h->next)
2860 if (h->why != hwhy_ignored) /* Non ignored host, just continue */
2862 else if (prev == NULL) /* First host is ignored */
2864 if (h != last) /* First is not last */
2866 if (h->next == last) last = h; /* Overwrite it with next */
2867 *h = *(h->next); /* and reprocess it. */
2868 goto REDO; /* C should have redo, like Perl */
2871 else /* Ignored host is not first - */
2873 prev->next = h->next;
2874 if (h == last) last = prev;
2878 if (host->why == hwhy_ignored) host->address = NULL;
2881 /* There is still one complication in the case of IPv6. Although the code above
2882 arranges that IPv6 addresses take precedence over IPv4 addresses for multihomed
2883 hosts, it doesn't do this for addresses that apply to different hosts with the
2884 same MX precedence, because the sorting on MX precedence happens first. So we
2885 have to make another pass to check for this case. We ensure that, within a
2886 single MX preference value, IPv6 addresses come first. This can separate the
2887 addresses of a multihomed host, but that should not matter. */
2892 for (h = host; h != last; h = h->next)
2895 host_item *next = h->next;
2896 if (h->mx != next->mx || /* If next is different MX value */
2897 (h->sort_key % 1000) < 500 || /* OR this one is IPv6 */
2898 (next->sort_key % 1000) >= 500) /* OR next is IPv4 */
2899 continue; /* move on to next */
2901 temp.next = next->next;
2909 /* When running in the test harness, we want the hosts always to be in the same
2910 order so that the debugging output is the same and can be compared. Having a
2911 fixed set of "random" numbers doesn't actually achieve this, because the RRs
2912 come back from the resolver in a random order, so the non-random random numbers
2913 get used in a different order. We therefore have to sort the hosts that have
2914 the same MX values. We chose do to this by their name and then by IP address.
2915 The fact that the sort is slow matters not - this is testing only! */
2917 if (running_in_test_harness)
2923 for (h = host; h != last; h = h->next)
2925 int c = Ustrcmp(h->name, h->next->name);
2926 if (c == 0) c = Ustrcmp(h->address, h->next->address);
2927 if (h->mx == h->next->mx && c > 0)
2929 host_item *next = h->next;
2930 host_item temp = *h;
2931 temp.next = next->next;
2942 /* Remove any duplicate IP addresses and then scan the list of hosts for any
2943 whose IP addresses are on the local host. If any are found, all hosts with the
2944 same or higher MX values are removed. However, if the local host has the lowest
2945 numbered MX, then HOST_FOUND_LOCAL is returned. Otherwise, if at least one host
2946 with an IP address is on the list, HOST_FOUND is returned. Otherwise,
2947 HOST_FIND_FAILED is returned, but in this case do not update the yield, as it
2948 might have been set to HOST_FIND_AGAIN just above here. If not, it will already
2949 be HOST_FIND_FAILED. */
2951 host_remove_duplicates(host, &last);
2952 rc = host_scan_for_local_hosts(host, &last, removed);
2953 if (rc != HOST_FIND_FAILED) yield = rc;
2955 DEBUG(D_host_lookup)
2957 if (fully_qualified_name != NULL)
2958 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2959 debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n",
2960 (yield == HOST_FOUND)? "HOST_FOUND" :
2961 (yield == HOST_FOUND_LOCAL)? "HOST_FOUND_LOCAL" :
2962 (yield == HOST_FIND_AGAIN)? "HOST_FIND_AGAIN" :
2963 (yield == HOST_FIND_FAILED)? "HOST_FIND_FAILED" : "?",
2965 for (h = host; h != last->next; h = h->next)
2967 debug_printf(" %s %s MX=%d ", h->name,
2968 (h->address == NULL)? US"<null>" : h->address, h->mx);
2969 if (h->port != PORT_NONE) debug_printf("port=%d ", h->port);
2970 if (h->status >= hstatus_unusable) debug_printf("*");
2981 /*************************************************
2982 **************************************************
2983 * Stand-alone test program *
2984 **************************************************
2985 *************************************************/
2989 BOOL alldigits(uschar *buffer)
2991 if (!isdigit(*buffer)) return FALSE;
2992 if (*buffer == '0' && buffer[1] == 'x')
2995 while (isxdigit(*(++buffer)));
2997 else while (isdigit(*(++buffer)));
2998 return (*buffer == 0);
3001 int main(int argc, char **cargv)
3004 int whichrrs = HOST_FIND_BY_MX | HOST_FIND_BY_A;
3005 BOOL byname = FALSE;
3006 BOOL qualify_single = TRUE;
3007 BOOL search_parents = FALSE;
3008 uschar **argv = USS cargv;
3011 primary_hostname = US"";
3012 store_pool = POOL_MAIN;
3013 debug_selector = D_host_lookup|D_interface;
3014 debug_file = stdout;
3015 debug_fd = fileno(debug_file);
3017 printf("Exim stand-alone host functions test\n");
3019 host_find_interfaces();
3020 debug_selector = D_host_lookup | D_dns;
3022 if (argc > 1) primary_hostname = argv[1];
3024 /* So that debug level changes can be done first */
3026 dns_init(qualify_single, search_parents);
3028 printf("Testing host lookup\n");
3030 while (Ufgets(buffer, 256, stdin) != NULL)
3033 int len = Ustrlen(buffer);
3034 uschar *fully_qualified_name;
3036 while (len > 0 && isspace(buffer[len-1])) len--;
3039 if (Ustrcmp(buffer, "q") == 0) break;
3041 if (Ustrcmp(buffer, "byname") == 0) byname = TRUE;
3042 else if (Ustrcmp(buffer, "no_byname") == 0) byname = FALSE;
3043 else if (Ustrcmp(buffer, "a_only") == 0) whichrrs = HOST_FIND_BY_A;
3044 else if (Ustrcmp(buffer, "mx_only") == 0) whichrrs = HOST_FIND_BY_MX;
3045 else if (Ustrcmp(buffer, "srv_only") == 0) whichrrs = HOST_FIND_BY_SRV;
3046 else if (Ustrcmp(buffer, "srv+a") == 0)
3047 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_A;
3048 else if (Ustrcmp(buffer, "srv+mx") == 0)
3049 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX;
3050 else if (Ustrcmp(buffer, "srv+mx+a") == 0)
3051 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX | HOST_FIND_BY_A;
3052 else if (Ustrcmp(buffer, "qualify_single") == 0) qualify_single = TRUE;
3053 else if (Ustrcmp(buffer, "no_qualify_single") == 0) qualify_single = FALSE;
3054 else if (Ustrcmp(buffer, "search_parents") == 0) search_parents = TRUE;
3055 else if (Ustrcmp(buffer, "no_search_parents") == 0) search_parents = FALSE;
3056 else if (Ustrncmp(buffer, "retrans", 7) == 0)
3058 (void)sscanf(CS(buffer+8), "%d", &dns_retrans);
3059 _res.retrans = dns_retrans;
3061 else if (Ustrncmp(buffer, "retry", 5) == 0)
3063 (void)sscanf(CS(buffer+6), "%d", &dns_retry);
3064 _res.retry = dns_retry;
3066 else if (alldigits(buffer))
3068 debug_selector = Ustrtol(buffer, NULL, 0);
3069 _res.options &= ~RES_DEBUG;
3070 DEBUG(D_resolver) _res.options |= RES_DEBUG;
3074 int flags = whichrrs;
3080 h.status = hstatus_unknown;
3081 h.why = hwhy_unknown;
3084 if (qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
3085 if (search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
3088 host_find_byname(&h, NULL, &fully_qualified_name, TRUE)
3090 host_find_bydns(&h, NULL, flags, US"smtp", NULL, NULL,
3091 &fully_qualified_name, NULL);
3093 if (rc == HOST_FIND_FAILED) printf("Failed\n");
3094 else if (rc == HOST_FIND_AGAIN) printf("Again\n");
3095 else if (rc == HOST_FOUND_LOCAL) printf("Local\n");
3101 printf("Testing host_aton\n");
3103 while (Ufgets(buffer, 256, stdin) != NULL)
3107 int len = Ustrlen(buffer);
3109 while (len > 0 && isspace(buffer[len-1])) len--;
3112 if (Ustrcmp(buffer, "q") == 0) break;
3114 len = host_aton(buffer, x);
3115 printf("length = %d ", len);
3116 for (i = 0; i < len; i++)
3118 printf("%04x ", (x[i] >> 16) & 0xffff);
3119 printf("%04x ", x[i] & 0xffff);
3126 printf("Testing host_name_lookup\n");
3128 while (Ufgets(buffer, 256, stdin) != NULL)
3130 int len = Ustrlen(buffer);
3131 while (len > 0 && isspace(buffer[len-1])) len--;
3133 if (Ustrcmp(buffer, "q") == 0) break;
3134 sender_host_address = buffer;
3135 sender_host_name = NULL;
3136 sender_host_aliases = NULL;
3137 host_lookup_msg = US"";
3138 host_lookup_failed = FALSE;
3139 if (host_name_lookup() == FAIL) /* Debug causes printing */
3140 printf("Lookup failed:%s\n", host_lookup_msg);
3148 #endif /* STAND_ALONE */
git://git.exim.org / exim.git / blob