1 /* $Cambridge: exim/src/src/host.c,v 1.11 2005/08/02 09:01:44 ph10 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
10 /* Functions for finding hosts, either by gethostbyname(), gethostbyaddr(), or
11 directly via the DNS. When IPv6 is supported, getipnodebyname() and
12 getipnodebyaddr() may be used instead of gethostbyname() and gethostbyaddr(),
13 if the newer functions are available. This module also contains various other
14 functions concerned with hosts and addresses, and a random number function,
15 used for randomizing hosts with equal MXs but available for use in other parts
22 /* Static variable for preserving the list of interface addresses in case it is
23 used more than once. */
25 static ip_address_item *local_interface_data = NULL;
28 #ifdef USE_INET_NTOA_FIX
29 /*************************************************
30 * Replacement for broken inet_ntoa() *
31 *************************************************/
33 /* On IRIX systems, gcc uses a different structure passing convention to the
34 native libraries. This causes inet_ntoa() to always yield 0.0.0.0 or
35 255.255.255.255. To get round this, we provide a private version of the
36 function here. It is used only if USE_INET_NTOA_FIX is set, which should happen
37 only when gcc is in use on an IRIX system. Code send to me by J.T. Breitner,
41 as seen in comp.sys.sgi.admin
43 August 2005: Apparently this is also needed for AIX systems; USE_INET_NTOA_FIX
44 should now be set for them as well.
46 Arguments: sa an in_addr structure
47 Returns: pointer to static text string
51 inet_ntoa(struct in_addr sa)
53 static uschar addr[20];
54 sprintf(addr, "%d.%d.%d.%d",
65 /*************************************************
66 * Random number generator *
67 *************************************************/
69 /* This is a simple pseudo-random number generator. It does not have to be
70 very good for the uses to which it is put. When running the regression tests,
71 start with a fixed seed.
74 limit: one more than the largest number required
76 Returns: a pseudo-random number in the range 0 to limit-1
80 random_number(int limit)
84 if (running_in_test_harness) random_seed = 42; else
86 int p = (int)getpid();
87 random_seed = (int)time(NULL) ^ ((p << 16) | p);
90 random_seed = 1103515245 * random_seed + 12345;
91 return (unsigned int)(random_seed >> 16) % limit;
96 /*************************************************
97 * Sort addresses when testing *
98 *************************************************/
100 /* This function is called only when running in the test harness. It sorts a
101 number of multihomed host IP addresses into the order, so as to get
102 repeatability. This doesn't have to be efficient. But don't interchange IPv4
106 host -> the first host item
107 last -> the last host item
113 sort_addresses(host_item *host, host_item *last)
120 for (h = host; h != last; h = h->next)
122 if ((Ustrchr(h->address, ':') == NULL) !=
123 (Ustrchr(h->next->address, ':') == NULL))
125 if (Ustrcmp(h->address, h->next->address) > 0)
127 uschar *temp = h->address;
128 h->address = h->next->address;
129 h->next->address = temp;
138 /*************************************************
139 * Build chain of host items from list *
140 *************************************************/
142 /* This function builds a chain of host items from a textual list of host
143 names. It does not do any lookups. If randomize is true, the chain is build in
144 a randomized order. There may be multiple groups of independently randomized
145 hosts; they are delimited by a host name consisting of just "+".
148 anchor anchor for the chain
150 randomize TRUE for randomizing
156 host_build_hostlist(host_item **anchor, uschar *list, BOOL randomize)
159 int fake_mx = MX_NONE; /* This value is actually -1 */
163 if (list == NULL) return;
164 if (randomize) fake_mx--; /* Start at -2 for randomizing */
168 while ((name = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
172 if (name[0] == '+' && name[1] == 0) /* "+" delimits a randomized group */
173 { /* ignore if not randomizing */
174 if (randomize) fake_mx--;
178 h = store_get(sizeof(host_item));
179 h->name = string_copy(name);
183 h->sort_key = randomize? (-fake_mx)*1000 + random_number(1000) : 0;
184 h->status = hstatus_unknown;
185 h->why = hwhy_unknown;
195 host_item *hh = *anchor;
196 if (h->sort_key < hh->sort_key)
203 while (hh->next != NULL && h->sort_key >= (hh->next)->sort_key)
216 /*************************************************
217 * Extract port from address string *
218 *************************************************/
220 /* In the spool file, and in the -oMa and -oMi options, a host plus port is
221 given as an IP address followed by a dot and a port number. This function
224 An alternative format for the -oMa and -oMi options is [ip address]:port which
225 is what Exim 4 uses for output, because it seems to becoming commonly used,
226 whereas the dot form confuses some programs/people. So we recognize that form
230 address points to the string; if there is a port, the '.' in the string
231 is overwritten with zero to terminate the address; if the string
232 is in the [xxx]:ppp format, the address is shifted left and the
235 Returns: 0 if there is no port, else the port number. If there's a syntax
236 error, leave the incoming address alone, and return 0.
240 host_extract_port(uschar *address)
245 /* Handle the "bracketed with colon on the end" format */
249 uschar *rb = address + 1;
250 while (*rb != 0 && *rb != ']') rb++;
251 if (*rb++ == 0) return 0; /* Missing ]; leave invalid address */
254 port = Ustrtol(rb + 1, &endptr, 10);
255 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
257 else if (*rb != 0) return 0; /* Bad syntax; leave invalid address */
258 memmove(address, address + 1, rb - address - 2);
262 /* Handle the "dot on the end" format */
266 int skip = -3; /* Skip 3 dots in IPv4 addresses */
268 while (*(++address) != 0)
271 if (ch == ':') skip = 0; /* Skip 0 dots in IPv6 addresses */
272 else if (ch == '.' && skip++ >= 0) break;
274 if (*address == 0) return 0;
275 port = Ustrtol(address + 1, &endptr, 10);
276 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
285 #ifndef STAND_ALONE /* Omit when standalone testing */
287 /*************************************************
288 * Build sender_fullhost and sender_rcvhost *
289 *************************************************/
291 /* This function is called when sender_host_name and/or sender_helo_name
292 have been set. Or might have been set - for a local message read off the spool
293 they won't be. In that case, do nothing. Otherwise, set up the fullhost string
296 (a) No sender_host_name or sender_helo_name: "[ip address]"
297 (b) Just sender_host_name: "host_name [ip address]"
298 (c) Just sender_helo_name: "(helo_name) [ip address]"
299 (d) The two are identical: "host_name [ip address]"
300 (e) The two are different: "host_name (helo_name) [ip address]"
302 If log_incoming_port is set, the sending host's port number is added to the IP
305 This function also builds sender_rcvhost for use in Received: lines, whose
306 syntax is a bit different. This value also includes the RFC 1413 identity.
307 There wouldn't be two different variables if I had got all this right in the
310 Because this data may survive over more than one incoming SMTP message, it has
311 to be in permanent store.
318 host_build_sender_fullhost(void)
321 int old_pool = store_pool;
323 if (sender_host_address == NULL) return;
325 store_pool = POOL_PERM;
327 /* Set up address, with or without the port. After discussion, it seems that
328 the only format that doesn't cause trouble is [aaaa]:pppp. However, we can't
329 use this directly as the first item for Received: because it ain't an RFC 2822
332 address = string_sprintf("[%s]:%d", sender_host_address, sender_host_port);
333 if ((log_extra_selector & LX_incoming_port) == 0 || sender_host_port <= 0)
334 *(Ustrrchr(address, ':')) = 0;
336 /* Host name is not verified */
338 if (sender_host_name == NULL)
340 uschar *portptr = Ustrstr(address, "]:");
343 int adlen; /* Sun compiler doesn't like ++ in initializers */
345 adlen = (portptr == NULL)? Ustrlen(address) : (++portptr - address);
346 sender_fullhost = (sender_helo_name == NULL)? address :
347 string_sprintf("(%s) %s", sender_helo_name, address);
349 sender_rcvhost = string_cat(NULL, &size, &ptr, address, adlen);
351 if (sender_ident != NULL || sender_helo_name != NULL || portptr != NULL)
354 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US" (", 2);
358 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2, US"port=",
361 if (sender_helo_name != NULL)
362 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
363 (firstptr == ptr)? US"helo=" : US" helo=", sender_helo_name);
365 if (sender_ident != NULL)
366 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
367 (firstptr == ptr)? US"ident=" : US" ident=", sender_ident);
369 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US")", 1);
372 sender_rcvhost[ptr] = 0; /* string_cat() always leaves room */
374 /* Release store, because string_cat allocated a minimum of 100 bytes that
375 are rarely completely used. */
377 store_reset(sender_rcvhost + ptr + 1);
380 /* Host name is known and verified. */
385 if (sender_helo_name == NULL ||
386 strcmpic(sender_host_name, sender_helo_name) == 0 ||
387 (sender_helo_name[0] == '[' &&
388 sender_helo_name[(len=Ustrlen(sender_helo_name))-1] == ']' &&
389 strncmpic(sender_helo_name+1, sender_host_address, len - 2) == 0))
391 sender_fullhost = string_sprintf("%s %s", sender_host_name, address);
392 sender_rcvhost = (sender_ident == NULL)?
393 string_sprintf("%s (%s)", sender_host_name, address) :
394 string_sprintf("%s (%s ident=%s)", sender_host_name, address,
399 sender_fullhost = string_sprintf("%s (%s) %s", sender_host_name,
400 sender_helo_name, address);
401 sender_rcvhost = (sender_ident == NULL)?
402 string_sprintf("%s (%s helo=%s)", sender_host_name,
403 address, sender_helo_name) :
404 string_sprintf("%s\n\t(%s helo=%s ident=%s)", sender_host_name,
405 address, sender_helo_name, sender_ident);
409 store_pool = old_pool;
411 DEBUG(D_host_lookup) debug_printf("sender_fullhost = %s\n", sender_fullhost);
412 DEBUG(D_host_lookup) debug_printf("sender_rcvhost = %s\n", sender_rcvhost);
417 /*************************************************
418 * Build host+ident message *
419 *************************************************/
421 /* Used when logging rejections and various ACL and SMTP incidents. The text
422 return depends on whether sender_fullhost and sender_ident are set or not:
424 no ident, no host => U=unknown
425 no ident, host set => H=sender_fullhost
426 ident set, no host => U=ident
427 ident set, host set => H=sender_fullhost U=ident
430 useflag TRUE if first item to be flagged (H= or U=); if there are two
431 items, the second is always flagged
433 Returns: pointer to a string in big_buffer
437 host_and_ident(BOOL useflag)
439 if (sender_fullhost == NULL)
441 (void)string_format(big_buffer, big_buffer_size, "%s%s", useflag? "U=" : "",
442 (sender_ident == NULL)? US"unknown" : sender_ident);
446 uschar *flag = useflag? US"H=" : US"";
447 uschar *iface = US"";
448 if ((log_extra_selector & LX_incoming_interface) != 0 &&
449 interface_address != NULL)
450 iface = string_sprintf(" I=[%s]:%d", interface_address, interface_port);
451 if (sender_ident == NULL)
452 (void)string_format(big_buffer, big_buffer_size, "%s%s%s",
453 flag, sender_fullhost, iface);
455 (void)string_format(big_buffer, big_buffer_size, "%s%s%s U=%s",
456 flag, sender_fullhost, iface, sender_ident);
461 #endif /* STAND_ALONE */
466 /*************************************************
467 * Build list of local interfaces *
468 *************************************************/
470 /* This function interprets the contents of the local_interfaces or
471 extra_local_interfaces options, and creates an ip_address_item block for each
472 item on the list. There is no special interpretation of any IP addresses; in
473 particular, 0.0.0.0 and ::0 are returned without modification. If any address
474 includes a port, it is set in the block. Otherwise the port value is set to
479 name the name of the option being expanded
481 Returns: a chain of ip_address_items, each containing to a textual
482 version of an IP address, and a port number (host order) or
483 zero if no port was given with the address
487 host_build_ifacelist(uschar *list, uschar *name)
492 ip_address_item *yield = NULL;
493 ip_address_item *last = NULL;
494 ip_address_item *next;
496 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
498 int port = host_extract_port(s); /* Leaves just the IP address */
499 if (string_is_ip_address(s, NULL) == 0)
500 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Malformed IP address \"%s\" in %s",
503 /* This use of strcpy() is OK because we have checked that s is a valid IP
504 address above. The field in the ip_address_item is large enough to hold an
507 next = store_get(sizeof(ip_address_item));
509 Ustrcpy(next->address, s);
511 next->v6_include_v4 = FALSE;
513 if (yield == NULL) yield = last = next; else
527 /*************************************************
528 * Find addresses on local interfaces *
529 *************************************************/
531 /* This function finds the addresses of local IP interfaces. These are used
532 when testing for routing to the local host. As the function may be called more
533 than once, the list is preserved in permanent store, pointed to by a static
534 variable, to save doing the work more than once per process.
536 The generic list of interfaces is obtained by calling host_build_ifacelist()
537 for local_interfaces and extra_local_interfaces. This list scanned to remove
538 duplicates (which may exist with different ports - not relevant here). If
539 either of the wildcard IP addresses (0.0.0.0 and ::0) are encountered, they are
540 replaced by the appropriate (IPv4 or IPv6) list of actual local interfaces,
541 obtained from os_find_running_interfaces().
544 Returns: a chain of ip_address_items, each containing to a textual
545 version of an IP address; the port numbers are not relevant
549 /* First, a local subfunction to add an interface to a list in permanent store,
550 but only if there isn't a previous copy of that address on the list. */
552 static ip_address_item *
553 add_unique_interface(ip_address_item *list, ip_address_item *ipa)
555 ip_address_item *ipa2;
556 for (ipa2 = list; ipa2 != NULL; ipa2 = ipa2->next)
557 if (Ustrcmp(ipa2->address, ipa->address) == 0) return list;
558 ipa2 = store_get_perm(sizeof(ip_address_item));
565 /* This is the globally visible function */
568 host_find_interfaces(void)
570 ip_address_item *running_interfaces = NULL;
572 if (local_interface_data == NULL)
574 void *reset_item = store_get(0);
575 ip_address_item *dlist = host_build_ifacelist(local_interfaces,
576 US"local_interfaces");
577 ip_address_item *xlist = host_build_ifacelist(extra_local_interfaces,
578 US"extra_local_interfaces");
579 ip_address_item *ipa;
581 if (dlist == NULL) dlist = xlist; else
583 for (ipa = dlist; ipa->next != NULL; ipa = ipa->next);
587 for (ipa = dlist; ipa != NULL; ipa = ipa->next)
589 if (Ustrcmp(ipa->address, "0.0.0.0") == 0 ||
590 Ustrcmp(ipa->address, "::0") == 0)
592 ip_address_item *ipa2;
593 BOOL ipv6 = ipa->address[0] == ':';
594 if (running_interfaces == NULL)
595 running_interfaces = os_find_running_interfaces();
596 for (ipa2 = running_interfaces; ipa2 != NULL; ipa2 = ipa2->next)
598 if ((Ustrchr(ipa2->address, ':') != NULL) == ipv6)
599 local_interface_data = add_unique_interface(local_interface_data,
605 local_interface_data = add_unique_interface(local_interface_data, ipa);
608 debug_printf("Configured local interface: address=%s", ipa->address);
609 if (ipa->port != 0) debug_printf(" port=%d", ipa->port);
614 store_reset(reset_item);
617 return local_interface_data;
624 /*************************************************
625 * Convert network IP address to text *
626 *************************************************/
628 /* Given an IPv4 or IPv6 address in binary, convert it to a text
629 string and return the result in a piece of new store. The address can
630 either be given directly, or passed over in a sockaddr structure. Note
631 that this isn't the converse of host_aton() because of byte ordering
632 differences. See host_nmtoa() below.
635 type if < 0 then arg points to a sockaddr, else
636 either AF_INET or AF_INET6
637 arg points to a sockaddr if type is < 0, or
638 points to an IPv4 address (32 bits), or
639 points to an IPv6 address (128 bits),
640 in both cases, in network byte order
641 buffer if NULL, the result is returned in gotten store;
642 else points to a buffer to hold the answer
643 portptr points to where to put the port number, if non NULL; only
646 Returns: pointer to character string
650 host_ntoa(int type, const void *arg, uschar *buffer, int *portptr)
654 /* The new world. It is annoying that we have to fish out the address from
655 different places in the block, depending on what kind of address it is. It
656 is also a pain that inet_ntop() returns a const uschar *, whereas the IPv4
657 function inet_ntoa() returns just uschar *, and some picky compilers insist
658 on warning if one assigns a const uschar * to a uschar *. Hence the casts. */
661 uschar addr_buffer[46];
664 int family = ((struct sockaddr *)arg)->sa_family;
665 if (family == AF_INET6)
667 struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
668 yield = (uschar *)inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
669 sizeof(addr_buffer));
670 if (portptr != NULL) *portptr = ntohs(sk->sin6_port);
674 struct sockaddr_in *sk = (struct sockaddr_in *)arg;
675 yield = (uschar *)inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
676 sizeof(addr_buffer));
677 if (portptr != NULL) *portptr = ntohs(sk->sin_port);
682 yield = (uschar *)inet_ntop(type, arg, CS addr_buffer, sizeof(addr_buffer));
685 /* If the result is a mapped IPv4 address, show it in V4 format. */
687 if (Ustrncmp(yield, "::ffff:", 7) == 0) yield += 7;
689 #else /* HAVE_IPV6 */
695 yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);
696 if (portptr != NULL) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
699 yield = US inet_ntoa(*((struct in_addr *)arg));
702 /* If there is no buffer, put the string into some new store. */
704 if (buffer == NULL) return string_copy(yield);
706 /* Callers of this function with a non-NULL buffer must ensure that it is
707 large enough to hold an IPv6 address, namely, at least 46 bytes. That's what
708 makes this use of strcpy() OK. */
710 Ustrcpy(buffer, yield);
717 /*************************************************
718 * Convert address text to binary *
719 *************************************************/
721 /* Given the textual form of an IP address, convert it to binary in an
722 array of ints. IPv4 addresses occupy one int; IPv6 addresses occupy 4 ints.
723 The result has the first byte in the most significant byte of the first int. In
724 other words, the result is not in network byte order, but in host byte order.
725 As a result, this is not the converse of host_ntoa(), which expects network
726 byte order. See host_nmtoa() below.
729 address points to the textual address, checked for syntax
730 bin points to an array of 4 ints
732 Returns: the number of ints used
736 host_aton(uschar *address, int *bin)
741 /* Handle IPv6 address, which may end with an IPv4 address. It may also end
742 with a "scope", introduced by a percent sign. This code is NOT enclosed in #if
743 HAVE_IPV6 in order that IPv6 addresses are recognized even if IPv6 is not
746 if (Ustrchr(address, ':') != NULL)
749 uschar *component[8];
750 BOOL ipv4_ends = FALSE;
756 /* If the address starts with a colon, it will start with two colons.
757 Just lose the first one, which will leave a null first component. */
761 /* Split the address into components separated by colons. The input address
762 is supposed to be checked for syntax. There was a case where this was
763 overlooked; to guard against that happening again, check here and crash if
764 there are too many components. */
766 while (*p != 0 && *p != '%')
768 int len = Ustrcspn(p, ":%");
769 if (len == 0) nulloffset = ci;
770 if (ci > 7) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
771 "Internal error: invalid IPv6 address \"%s\" passed to host_aton()",
778 /* If the final component contains a dot, it is a trailing v4 address.
779 As the syntax is known to be checked, just set up for a trailing
780 v4 address and restrict the v6 part to 6 components. */
782 if (Ustrchr(component[ci-1], '.') != NULL)
784 address = component[--ci];
790 /* If there are fewer than 6 or 8 components, we have to insert some
791 more empty ones in the middle. */
795 int insert_count = v6count - ci;
796 for (i = v6count-1; i > nulloffset + insert_count; i--)
797 component[i] = component[i - insert_count];
798 while (i > nulloffset) component[i--] = US"";
801 /* Now turn the components into binary in pairs and bung them
802 into the vector of ints. */
804 for (i = 0; i < v6count; i += 2)
805 bin[i/2] = (Ustrtol(component[i], NULL, 16) << 16) +
806 Ustrtol(component[i+1], NULL, 16);
808 /* If there was no terminating v4 component, we are done. */
810 if (!ipv4_ends) return 4;
813 /* Handle IPv4 address */
815 (void)sscanf(CS address, "%d.%d.%d.%d", x, x+1, x+2, x+3);
816 bin[v4offset] = (x[0] << 24) + (x[1] << 16) + (x[2] << 8) + x[3];
821 /*************************************************
822 * Apply mask to an IP address *
823 *************************************************/
825 /* Mask an address held in 1 or 4 ints, with the ms bit in the ms bit of the
829 count the number of ints
830 binary points to the ints to be masked
831 mask the count of ms bits to leave, or -1 if no masking
837 host_mask(int count, int *binary, int mask)
840 if (mask < 0) mask = 99999;
841 for (i = 0; i < count; i++)
844 if (mask == 0) wordmask = 0;
847 wordmask = (-1) << (32 - mask);
855 binary[i] &= wordmask;
862 /*************************************************
863 * Convert masked IP address in ints to text *
864 *************************************************/
866 /* We can't use host_ntoa() because it assumes the binary values are in network
867 byte order, and these are the result of host_aton(), which puts them in ints in
868 host byte order. Also, we really want IPv6 addresses to be in a canonical
869 format, so we output them with no abbreviation. In a number of cases we can't
870 use the normal colon separator in them because it terminates keys in lsearch
871 files, so we want to use dot instead. There's an argument that specifies what
872 to use for IPv6 addresses.
875 count 1 or 4 (number of ints)
876 binary points to the ints
877 mask mask value; if < 0 don't add to result
878 buffer big enough to hold the result
879 sep component separator character for IPv6 addresses
881 Returns: the number of characters placed in buffer, not counting
886 host_nmtoa(int count, int *binary, int mask, uschar *buffer, int sep)
894 for (i = 24; i >= 0; i -= 8)
896 sprintf(CS tt, "%d.", (j >> i) & 255);
902 for (i = 0; i < 4; i++)
905 sprintf(CS tt, "%04x%c%04x%c", (j >> 16) & 0xffff, sep, j & 0xffff, sep);
910 tt--; /* lose final separator */
916 sprintf(CS tt, "/%d", mask);
925 /*************************************************
926 * Check port for tls_on_connect *
927 *************************************************/
929 /* This function checks whether a given incoming port is configured for tls-
930 on-connect. It is called from the daemon and from inetd handling. If the global
931 option tls_on_connect is already set, all ports operate this way. Otherwise, we
932 check the tls_on_connect_ports option for a list of ports.
934 Argument: a port number
935 Returns: TRUE or FALSE
939 host_is_tls_on_connect_port(int port)
943 uschar *list = tls_on_connect_ports;
946 if (tls_on_connect) return TRUE;
948 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
951 int lport = Ustrtol(s, &end, 10);
952 if (*end != 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "tls_on_connect_ports "
953 "contains \"%s\", which is not a port number: exim abandoned", s);
954 if (lport == port) return TRUE;
962 /*************************************************
963 * Check whether host is in a network *
964 *************************************************/
966 /* This function checks whether a given IP address matches a pattern that
967 represents either a single host, or a network (using CIDR notation). The caller
968 of this function must check the syntax of the arguments before calling it.
971 host string representation of the ip-address to check
972 net string representation of the network, with optional CIDR mask
973 maskoffset offset to the / that introduces the mask in the key
974 zero if there is no mask
977 TRUE the host is inside the network
978 FALSE the host is NOT inside the network
982 host_is_in_net(uschar *host, uschar *net, int maskoffset)
988 int size = host_aton(net, address);
991 /* No mask => all bits to be checked */
993 if (maskoffset == 0) mlen = 99999; /* Big number */
994 else mlen = Uatoi(net + maskoffset + 1);
996 /* Convert the incoming address to binary. */
998 insize = host_aton(host, incoming);
1000 /* Convert IPv4 addresses given in IPv6 compatible mode, which represent
1001 connections from IPv4 hosts to IPv6 hosts, that is, addresses of the form
1002 ::ffff:<v4address>, to IPv4 format. */
1004 if (insize == 4 && incoming[0] == 0 && incoming[1] == 0 &&
1005 incoming[2] == 0xffff)
1008 incoming[0] = incoming[3];
1011 /* No match if the sizes don't agree. */
1013 if (insize != size) return FALSE;
1015 /* Else do the masked comparison. */
1017 for (i = 0; i < size; i++)
1020 if (mlen == 0) mask = 0;
1023 mask = (-1) << (32 - mlen);
1031 if ((incoming[i] & mask) != (address[i] & mask)) return FALSE;
1039 /*************************************************
1040 * Scan host list for local hosts *
1041 *************************************************/
1043 /* Scan through a chain of addresses and check whether any of them is the
1044 address of an interface on the local machine. If so, remove that address and
1045 any previous ones with the same MX value, and all subsequent ones (which will
1046 have greater or equal MX values) from the chain. Note: marking them as unusable
1047 is NOT the right thing to do because it causes the hosts not to be used for
1048 other domains, for which they may well be correct.
1050 The hosts may be part of a longer chain; we only process those between the
1051 initial pointer and the "last" pointer.
1053 There is also a list of "pseudo-local" host names which are checked against the
1054 host names. Any match causes that host item to be treated the same as one which
1055 matches a local IP address.
1057 If the very first host is a local host, then all MX records had a precedence
1058 greater than or equal to that of the local host. Either there's a problem in
1059 the DNS, or an apparently remote name turned out to be an abbreviation for the
1060 local host. Give a specific return code, and let the caller decide what to do.
1061 Otherwise, give a success code if at least one host address has been found.
1064 host pointer to the first host in the chain
1065 lastptr pointer to pointer to the last host in the chain (may be updated)
1066 removed if not NULL, set TRUE if some local addresses were removed
1070 HOST_FOUND if there is at least one host with an IP address on the chain
1071 and an MX value less than any MX value associated with the
1073 HOST_FOUND_LOCAL if a local host is among the lowest-numbered MX hosts; when
1074 the host addresses were obtained from A records or
1075 gethostbyname(), the MX values are set to -1.
1076 HOST_FIND_FAILED if no valid hosts with set IP addresses were found
1080 host_scan_for_local_hosts(host_item *host, host_item **lastptr, BOOL *removed)
1082 int yield = HOST_FIND_FAILED;
1083 host_item *last = *lastptr;
1084 host_item *prev = NULL;
1087 if (removed != NULL) *removed = FALSE;
1089 if (local_interface_data == NULL) local_interface_data = host_find_interfaces();
1091 for (h = host; h != last->next; h = h->next)
1094 if (hosts_treat_as_local != NULL)
1097 uschar *save = deliver_domain;
1098 deliver_domain = h->name; /* set $domain */
1099 rc = match_isinlist(string_copylc(h->name), &hosts_treat_as_local, 0,
1100 &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
1101 deliver_domain = save;
1102 if (rc == OK) goto FOUND_LOCAL;
1106 /* It seems that on many operating systems, 0.0.0.0 is treated as a synonym
1107 for 127.0.0.1 and refers to the local host. We therefore force it always to
1108 be treated as local. */
1110 if (h->address != NULL)
1112 ip_address_item *ip;
1113 if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL;
1114 for (ip = local_interface_data; ip != NULL; ip = ip->next)
1115 if (Ustrcmp(h->address, ip->address) == 0) goto FOUND_LOCAL;
1116 yield = HOST_FOUND; /* At least one remote address has been found */
1119 /* Update prev to point to the last host item before any that have
1120 the same MX value as the one we have just considered. */
1122 if (h->next == NULL || h->next->mx != h->mx) prev = h;
1125 return yield; /* No local hosts found: return HOST_FOUND or HOST_FIND_FAILED */
1127 /* A host whose IP address matches a local IP address, or whose name matches
1128 something in hosts_treat_as_local has been found. */
1134 HDEBUG(D_host_lookup) debug_printf((h->mx >= 0)?
1135 "local host has lowest MX\n" :
1136 "local host found for non-MX address\n");
1137 return HOST_FOUND_LOCAL;
1140 HDEBUG(D_host_lookup)
1142 debug_printf("local host in host list - removed hosts:\n");
1143 for (h = prev->next; h != last->next; h = h->next)
1144 debug_printf(" %s %s %d\n", h->name, h->address, h->mx);
1147 if (removed != NULL) *removed = TRUE;
1148 prev->next = last->next;
1156 /*************************************************
1157 * Remove duplicate IPs in host list *
1158 *************************************************/
1160 /* You would think that administrators could set up their DNS records so that
1161 one ended up with a list of unique IP addresses after looking up A or MX
1162 records, but apparently duplication is common. So we scan such lists and
1163 remove the later duplicates. Note that we may get lists in which some host
1164 addresses are not set.
1167 host pointer to the first host in the chain
1168 lastptr pointer to pointer to the last host in the chain (may be updated)
1174 host_remove_duplicates(host_item *host, host_item **lastptr)
1176 while (host != *lastptr)
1178 if (host->address != NULL)
1180 host_item *h = host;
1181 while (h != *lastptr)
1183 if (h->next->address != NULL &&
1184 Ustrcmp(h->next->address, host->address) == 0)
1186 DEBUG(D_host_lookup) debug_printf("duplicate IP address %s (MX=%d) "
1187 "removed\n", host->address, h->next->mx);
1188 if (h->next == *lastptr) *lastptr = h;
1189 h->next = h->next->next;
1194 /* If the last item was removed, host may have become == *lastptr */
1195 if (host != *lastptr) host = host->next;
1202 /*************************************************
1203 * Find sender host name by gethostbyaddr() *
1204 *************************************************/
1206 /* This used to be the only way it was done, but it turns out that not all
1207 systems give aliases for calls to gethostbyaddr() - or one of the modern
1208 equivalents like getipnodebyaddr(). Fortunately, multiple PTR records are rare,
1209 but they can still exist. This function is now used only when a DNS lookup of
1210 the IP address fails, in order to give access to /etc/hosts.
1213 Returns: OK, DEFER, FAIL
1217 host_name_lookup_byaddr(void)
1221 struct hostent *hosts;
1222 struct in_addr addr;
1224 /* Lookup on IPv6 system */
1227 if (Ustrchr(sender_host_address, ':') != NULL)
1229 struct in6_addr addr6;
1230 if (inet_pton(AF_INET6, CS sender_host_address, &addr6) != 1)
1231 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1232 "IPv6 address", sender_host_address);
1233 #if HAVE_GETIPNODEBYADDR
1234 hosts = getipnodebyaddr(CS &addr6, sizeof(addr6), AF_INET6, &h_errno);
1236 hosts = gethostbyaddr(CS &addr6, sizeof(addr6), AF_INET6);
1241 if (inet_pton(AF_INET, CS sender_host_address, &addr) != 1)
1242 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1243 "IPv4 address", sender_host_address);
1244 #if HAVE_GETIPNODEBYADDR
1245 hosts = getipnodebyaddr(CS &addr, sizeof(addr), AF_INET, &h_errno);
1247 hosts = gethostbyaddr(CS &addr, sizeof(addr), AF_INET);
1251 /* Do lookup on IPv4 system */
1254 addr.s_addr = (S_ADDR_TYPE)inet_addr(CS sender_host_address);
1255 hosts = gethostbyaddr(CS(&addr), sizeof(addr), AF_INET);
1258 /* Failed to look up the host. */
1262 HDEBUG(D_host_lookup) debug_printf("IP address lookup failed: h_errno=%d\n",
1264 return (h_errno == TRY_AGAIN || h_errno == NO_RECOVERY) ? DEFER : FAIL;
1267 /* It seems there are some records in the DNS that yield an empty name. We
1268 treat this as non-existent. In some operating systems, this is returned as an
1269 empty string; in others as a single dot. */
1271 if (hosts->h_name[0] == 0 || hosts->h_name[0] == '.')
1273 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an empty name: "
1274 "treated as non-existent host name\n");
1278 /* Copy and lowercase the name, which is in static storage in many systems.
1279 Put it in permanent memory. */
1281 s = (uschar *)hosts->h_name;
1282 len = Ustrlen(s) + 1;
1283 t = sender_host_name = store_get_perm(len);
1284 while (*s != 0) *t++ = tolower(*s++);
1287 /* If the host has aliases, build a copy of the alias list */
1289 if (hosts->h_aliases != NULL)
1292 uschar **aliases, **ptr;
1293 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++) count++;
1294 ptr = sender_host_aliases = store_get_perm(count * sizeof(uschar *));
1295 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++)
1297 uschar *s = *aliases;
1298 int len = Ustrlen(s) + 1;
1299 uschar *t = *ptr++ = store_get_perm(len);
1300 while (*s != 0) *t++ = tolower(*s++);
1311 /*************************************************
1312 * Find host name for incoming call *
1313 *************************************************/
1315 /* Put the name in permanent store, pointed to by sender_host_name. We also set
1316 up a list of alias names, pointed to by sender_host_alias. The list is
1317 NULL-terminated. The incoming address is in sender_host_address, either in
1318 dotted-quad form for IPv4 or in colon-separated form for IPv6.
1320 This function does a thorough check that the names it finds point back to the
1321 incoming IP address. Any that do not are discarded. Note that this is relied on
1322 by the ACL reverse_host_lookup check.
1324 On some systems, get{host,ipnode}byaddr() appears to do this internally, but
1325 this it not universally true. Also, for release 4.30, this function was changed
1326 to do a direct DNS lookup first, by default[1], because it turns out that that
1327 is the only guaranteed way to find all the aliases on some systems. My
1328 experiments indicate that Solaris gethostbyaddr() gives the aliases for but
1331 [1] The actual order is controlled by the host_lookup_order option.
1334 Returns: OK on success, the answer being placed in the global variable
1335 sender_host_name, with any aliases in a list hung off
1337 FAIL if no host name can be found
1338 DEFER if a temporary error was encountered
1340 The variable host_lookup_msg is set to an empty string on sucess, or to a
1341 reason for the failure otherwise, in a form suitable for tagging onto an error
1342 message, and also host_lookup_failed is set TRUE if the lookup failed. If there
1343 was a defer, host_lookup_deferred is set TRUE.
1345 Any dynamically constructed string for host_lookup_msg must be in permanent
1346 store, because it might be used for several incoming messages on the same SMTP
1350 host_name_lookup(void)
1354 uschar *hname, *save_hostname;
1358 uschar *list = host_lookup_order;
1363 host_lookup_deferred = host_lookup_failed = FALSE;
1365 HDEBUG(D_host_lookup)
1366 debug_printf("looking up host name for %s\n", sender_host_address);
1368 /* For testing the case when a lookup does not complete, we have a special
1369 reserved IP address. */
1371 if (running_in_test_harness &&
1372 Ustrcmp(sender_host_address, "99.99.99.99") == 0)
1374 HDEBUG(D_host_lookup)
1375 debug_printf("Test harness: host name lookup returns DEFER\n");
1376 host_lookup_deferred = TRUE;
1380 /* Do lookups directly in the DNS or via gethostbyaddr() (or equivalent), in
1381 the order specified by the host_lookup_order option. */
1383 while ((ordername = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))
1386 if (strcmpic(ordername, US"bydns") == 0)
1388 dns_init(FALSE, FALSE);
1389 dns_build_reverse(sender_host_address, buffer);
1390 rc = dns_lookup(&dnsa, buffer, T_PTR, NULL);
1392 /* The first record we come across is used for the name; others are
1393 considered to be aliases. We have to scan twice, in order to find out the
1394 number of aliases. However, if all the names are empty, we will behave as
1395 if failure. (PTR records that yield empty names have been encountered in
1398 if (rc == DNS_SUCCEED)
1400 uschar **aptr = NULL;
1403 int old_pool = store_pool;
1405 store_pool = POOL_PERM; /* Save names in permanent storage */
1407 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1409 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1411 if (rr->type == T_PTR) count++;
1414 /* Get store for the list of aliases. For compatibility with
1415 gethostbyaddr, we make an empty list if there are none. */
1417 aptr = sender_host_aliases = store_get(count * sizeof(uschar *));
1419 /* Re-scan and extract the names */
1421 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1423 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1426 if (rr->type != T_PTR) continue;
1427 s = store_get(ssize);
1429 /* If an overlong response was received, the data will have been
1430 truncated and dn_expand may fail. */
1432 if (dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen,
1433 (uschar *)(rr->data), (DN_EXPAND_ARG4_TYPE)(s), ssize) < 0)
1435 log_write(0, LOG_MAIN, "host name alias list truncated for %s",
1436 sender_host_address);
1440 store_reset(s + Ustrlen(s) + 1);
1443 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an "
1444 "empty name: treated as non-existent host name\n");
1447 if (sender_host_name == NULL) sender_host_name = s;
1449 while (*s != 0) { *s = tolower(*s); s++; }
1452 *aptr = NULL; /* End of alias list */
1453 store_pool = old_pool; /* Reset store pool */
1455 /* If we've found a names, break out of the "order" loop */
1457 if (sender_host_name != NULL) break;
1460 /* If the DNS lookup deferred, we must also defer. */
1462 if (rc == DNS_AGAIN)
1464 HDEBUG(D_host_lookup)
1465 debug_printf("IP address PTR lookup gave temporary error\n");
1466 host_lookup_deferred = TRUE;
1471 /* Do a lookup using gethostbyaddr() - or equivalent */
1473 else if (strcmpic(ordername, US"byaddr") == 0)
1475 HDEBUG(D_host_lookup)
1476 debug_printf("IP address lookup using gethostbyaddr()\n");
1477 rc = host_name_lookup_byaddr();
1480 host_lookup_deferred = TRUE;
1481 return rc; /* Can't carry on */
1483 if (rc == OK) break; /* Found a name */
1485 } /* Loop for bydns/byaddr scanning */
1487 /* If we have failed to find a name, return FAIL and log when required.
1488 NB host_lookup_msg must be in permanent store. */
1490 if (sender_host_name == NULL)
1492 if (host_checking || !log_testing_mode)
1493 log_write(L_host_lookup_failed, LOG_MAIN, "no host name found for IP "
1494 "address %s", sender_host_address);
1495 host_lookup_msg = US" (failed to find host name from IP address)";
1496 host_lookup_failed = TRUE;
1500 /* We have a host name. If we are running in the test harness, we want the host
1501 name and its alias to appear always the same way round. There are only ever two
1502 names in these tests. If one of them contains "alias", make sure it is second;
1503 otherwise put them in alphabetical order. */
1505 if (running_in_test_harness && *sender_host_aliases != NULL &&
1507 Ustrstr(sender_host_name, "alias") != NULL ||
1509 Ustrstr(*sender_host_aliases, "alias") == NULL &&
1510 Ustrcmp(sender_host_name, *sender_host_aliases) > 0
1514 uschar *temp = sender_host_name;
1515 sender_host_name = *sender_host_aliases;
1516 *sender_host_aliases = temp;
1519 /* Debug output what was found, after test harness swapping, for consistency */
1521 HDEBUG(D_host_lookup)
1523 uschar **aliases = sender_host_aliases;
1524 debug_printf("IP address lookup yielded %s\n", sender_host_name);
1525 while (*aliases != NULL) debug_printf(" alias %s\n", *aliases++);
1528 /* We need to verify that a forward lookup on the name we found does indeed
1529 correspond to the address. This is for security: in principle a malefactor who
1530 happened to own a reverse zone could set it to point to any names at all.
1532 This code was present in versions of Exim before 3.20. At that point I took it
1533 out because I thought that gethostbyaddr() did the check anyway. It turns out
1534 that this isn't always the case, so it's coming back in at 4.01. This version
1535 is actually better, because it also checks aliases.
1537 The code was made more robust at release 4.21. Prior to that, it accepted all
1538 the names if any of them had the correct IP address. Now the code checks all
1539 the names, and accepts only those that have the correct IP address. */
1541 save_hostname = sender_host_name; /* Save for error messages */
1542 aliases = sender_host_aliases;
1543 for (hname = sender_host_name; hname != NULL; hname = *aliases++)
1553 /* When called with the 5th argument FALSE, host_find_byname() won't return
1554 HOST_FOUND_LOCAL. If the incoming address is an IPv4 address expressed in
1555 IPv6 format, we must compare the IPv4 part to any IPv4 addresses. */
1557 if ((rc = host_find_byname(&h, NULL, NULL, FALSE)) == HOST_FOUND)
1560 uschar *address_ipv4 = (Ustrncmp(sender_host_address, "::ffff:", 7) == 0)?
1561 sender_host_address + 7 : sender_host_address;
1562 HDEBUG(D_host_lookup) debug_printf("checking addresses for %s\n", hname);
1563 for (hh = &h; hh != NULL; hh = hh->next)
1565 if ((Ustrcmp(hh->address, (Ustrchr(hh->address, ':') == NULL)?
1566 address_ipv4 : sender_host_address)) == 0)
1568 HDEBUG(D_host_lookup) debug_printf(" %s OK\n", hh->address);
1574 HDEBUG(D_host_lookup) debug_printf(" %s\n", hh->address);
1577 if (!ok) HDEBUG(D_host_lookup)
1578 debug_printf("no IP address for %s matched %s\n", hname,
1579 sender_host_address);
1581 else if (rc == HOST_FIND_AGAIN)
1583 HDEBUG(D_host_lookup) debug_printf("temporary error for host name lookup\n");
1584 host_lookup_deferred = TRUE;
1589 HDEBUG(D_host_lookup) debug_printf("no IP addresses found for %s\n", hname);
1592 /* If this name is no good, and it's the sender name, set it null pro tem;
1593 if it's an alias, just remove it from the list. */
1597 if (hname == sender_host_name) sender_host_name = NULL; else
1599 uschar **a; /* Don't amalgamate - some */
1600 a = --aliases; /* compilers grumble */
1601 while (*a != NULL) { *a = a[1]; a++; }
1606 /* If sender_host_name == NULL, it means we didn't like the name. Replace
1607 it with the first alias, if there is one. */
1609 if (sender_host_name == NULL && *sender_host_aliases != NULL)
1610 sender_host_name = *sender_host_aliases++;
1612 /* If we now have a main name, all is well. */
1614 if (sender_host_name != NULL) return OK;
1616 /* We have failed to find an address that matches. */
1618 HDEBUG(D_host_lookup)
1619 debug_printf("%s does not match any IP address for %s\n",
1620 sender_host_address, save_hostname);
1622 /* This message must be in permanent store */
1624 old_pool = store_pool;
1625 store_pool = POOL_PERM;
1626 host_lookup_msg = string_sprintf(" (%s does not match any IP address for %s)",
1627 sender_host_address, save_hostname);
1628 store_pool = old_pool;
1629 host_lookup_failed = TRUE;
1636 /*************************************************
1637 * Find IP address(es) for host by name *
1638 *************************************************/
1640 /* The input is a host_item structure with the name filled in and the address
1641 field set to NULL. We use gethostbyname(). Of course, gethostbyname() may use
1642 the DNS, but it doesn't do MX processing. If more than one address is given,
1643 chain on additional host items, with other relevant fields copied.
1645 The second argument provides a host list (usually an IP list) of hosts to
1646 ignore. This makes it possible to ignore IPv6 link-local addresses or loopback
1647 addresses in unreasonable places.
1649 The lookup may result in a change of name. For compatibility with the dns
1650 lookup, return this via fully_qualified_name as well as updating the host item.
1651 The lookup may also yield more than one IP address, in which case chain on
1652 subsequent host_item structures.
1655 host a host item with the name and MX filled in;
1656 the address is to be filled in;
1657 multiple IP addresses cause other host items to be
1659 ignore_target_hosts a list of hosts to ignore
1660 fully_qualified_name if not NULL, set to point to host name for
1661 compatibility with host_find_bydns
1662 local_host_check TRUE if a check for the local host is wanted
1664 Returns: HOST_FIND_FAILED Failed to find the host or domain
1665 HOST_FIND_AGAIN Try again later
1666 HOST_FOUND Host found - data filled in
1667 HOST_FOUND_LOCAL Host found and is the local host
1671 host_find_byname(host_item *host, uschar *ignore_target_hosts,
1672 uschar **fully_qualified_name, BOOL local_host_check)
1674 int i, yield, times;
1676 host_item *last = NULL;
1677 BOOL temp_error = FALSE;
1682 /* If we are in the test harness, a name ending in .test.again.dns always
1683 forces a temporary error response. */
1685 if (running_in_test_harness)
1687 uschar *endname = host->name + Ustrlen(host->name);
1688 if (Ustrcmp(endname - 14, "test.again.dns") == 0)
1689 return HOST_FIND_AGAIN;
1692 /* In an IPv6 world, we need to scan for both kinds of address, so go round the
1693 loop twice. Note that we have ensured that AF_INET6 is defined even in an IPv4
1694 world, which makes for slightly tidier code. However, if dns_ipv4_lookup
1695 matches the domain, we also just do IPv4 lookups here (except when testing
1700 if (dns_ipv4_lookup != NULL &&
1701 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
1703 { af = AF_INET; times = 1; }
1705 #endif /* STAND_ALONE */
1707 { af = AF_INET6; times = 2; }
1709 /* No IPv6 support */
1711 #else /* HAVE_IPV6 */
1713 #endif /* HAVE_IPV6 */
1715 /* Initialize the flag that gets set for DNS syntax check errors, so that the
1716 interface to this function can be similar to host_find_bydns. */
1718 host_find_failed_syntax = FALSE;
1720 /* Loop to look up both kinds of address in an IPv6 world */
1722 for (i = 1; i <= times;
1724 af = AF_INET, /* If 2 passes, IPv4 on the second */
1730 struct hostent *hostdata;
1733 #if HAVE_GETIPNODEBYNAME
1734 hostdata = getipnodebyname(CS host->name, af, 0, &error_num);
1736 hostdata = gethostbyname2(CS host->name, af);
1737 error_num = h_errno;
1740 hostdata = gethostbyname(CS host->name);
1741 error_num = h_errno;
1744 if (hostdata == NULL)
1749 case HOST_NOT_FOUND: error = US"HOST_NOT_FOUND"; break;
1750 case TRY_AGAIN: error = US"TRY_AGAIN"; break;
1751 case NO_RECOVERY: error = US"NO_RECOVERY"; break;
1752 case NO_DATA: error = US"NO_DATA"; break;
1753 #if NO_DATA != NO_ADDRESS
1754 case NO_ADDRESS: error = US"NO_ADDRESS"; break;
1756 default: error = US"?"; break;
1759 DEBUG(D_host_lookup) debug_printf("%s returned %d (%s)\n",
1761 #if HAVE_GETIPNODEBYNAME
1762 (af == AF_INET6)? "getipnodebyname(af=inet6)" : "getipnodebyname(af=inet)",
1764 (af == AF_INET6)? "gethostbyname2(af=inet6)" : "gethostbyname2(af=inet)",
1771 if (error_num == TRY_AGAIN || error_num == NO_RECOVERY) temp_error = TRUE;
1774 if ((hostdata->h_addr_list)[0] == NULL) continue;
1776 /* Replace the name with the fully qualified one if necessary, and fill in
1777 the fully_qualified_name pointer. */
1779 if (hostdata->h_name[0] != 0 &&
1780 Ustrcmp(host->name, hostdata->h_name) != 0)
1781 host->name = string_copy_dnsdomain((uschar *)hostdata->h_name);
1782 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
1784 /* Get the list of addresses. IPv4 and IPv6 addresses can be distinguished
1785 by their different lengths. Scan the list, ignoring any that are to be
1786 ignored, and build a chain from the rest. */
1788 ipv4_addr = hostdata->h_length == sizeof(struct in_addr);
1790 for (addrlist = USS hostdata->h_addr_list; *addrlist != NULL; addrlist++)
1792 uschar *text_address =
1793 host_ntoa(ipv4_addr? AF_INET:AF_INET6, *addrlist, NULL, NULL);
1796 if (ignore_target_hosts != NULL &&
1797 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
1798 text_address, NULL) == OK)
1800 DEBUG(D_host_lookup)
1801 debug_printf("ignored host %s [%s]\n", host->name, text_address);
1806 /* If this is the first address, last == NULL and we put the data in the
1811 host->address = text_address;
1812 host->port = PORT_NONE;
1813 host->status = hstatus_unknown;
1814 host->why = hwhy_unknown;
1818 /* Else add further host item blocks for any other addresses, keeping
1823 host_item *next = store_get(sizeof(host_item));
1824 next->name = host->name;
1825 next->mx = host->mx;
1826 next->address = text_address;
1827 next->port = PORT_NONE;
1828 next->status = hstatus_unknown;
1829 next->why = hwhy_unknown;
1831 next->next = last->next;
1838 /* If no hosts were found, the address field in the original host block will be
1839 NULL. If temp_error is set, at least one of the lookups gave a temporary error,
1840 so we pass that back. */
1842 if (host->address == NULL)
1846 (message_id[0] == 0 && smtp_in != NULL)?
1847 string_sprintf("no IP address found for host %s (during %s)", host->name,
1848 smtp_get_connection_info()) :
1850 string_sprintf("no IP address found for host %s", host->name);
1852 HDEBUG(D_host_lookup) debug_printf("%s\n", msg);
1853 if (temp_error) return HOST_FIND_AGAIN;
1854 if (host_checking || !log_testing_mode)
1855 log_write(L_host_lookup_failed, LOG_MAIN, "%s", msg);
1856 return HOST_FIND_FAILED;
1859 /* Remove any duplicate IP addresses, then check to see if this is the local
1860 host if required. */
1862 host_remove_duplicates(host, &last);
1863 yield = local_host_check?
1864 host_scan_for_local_hosts(host, &last, NULL) : HOST_FOUND;
1866 /* When running in the test harness, sort into the order of addresses so as to
1867 get repeatability. */
1869 if (running_in_test_harness) sort_addresses(host, last);
1871 HDEBUG(D_host_lookup)
1874 if (fully_qualified_name != NULL)
1875 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
1876 debug_printf("%s looked up these IP addresses:\n",
1878 #if HAVE_GETIPNODEBYNAME
1887 for (h = host; h != last->next; h = h->next)
1888 debug_printf(" name=%s address=%s\n", h->name,
1889 (h->address == NULL)? US"<null>" : h->address);
1892 /* Return the found status. */
1899 /*************************************************
1900 * Fill in a host address from the DNS *
1901 *************************************************/
1903 /* Given a host item, with its name and mx fields set, and its address field
1904 set to NULL, fill in its IP address from the DNS. If it is multi-homed, create
1905 additional host items for the additional addresses, copying all the other
1906 fields, and randomizing the order.
1908 On IPv6 systems, A6 records are sought first (but only if support for A6 is
1909 configured - they may never become mainstream), then AAAA records are sought,
1910 and finally A records are sought as well.
1912 The host name may be changed if the DNS returns a different name - e.g. fully
1913 qualified or changed via CNAME. If fully_qualified_name is not NULL, dns_lookup
1914 ensures that it points to the fully qualified name. However, this is the fully
1915 qualified version of the original name; if a CNAME is involved, the actual
1916 canonical host name may be different again, and so we get it directly from the
1917 relevant RR. Note that we do NOT change the mx field of the host item in this
1918 function as it may be called to set the addresses of hosts taken from MX
1922 host points to the host item we're filling in
1923 lastptr points to pointer to last host item in a chain of
1924 host items (may be updated if host is last and gets
1925 extended because multihomed)
1926 ignore_target_hosts list of hosts to ignore
1927 allow_ip if TRUE, recognize an IP address and return it
1928 fully_qualified_name if not NULL, return fully qualified name here if
1929 the contents are different (i.e. it must be preset
1932 Returns: HOST_FIND_FAILED couldn't find A record
1933 HOST_FIND_AGAIN try again later
1934 HOST_FOUND found AAAA and/or A record(s)
1935 HOST_IGNORED found, but all IPs ignored
1939 set_address_from_dns(host_item *host, host_item **lastptr,
1940 uschar *ignore_target_hosts, BOOL allow_ip, uschar **fully_qualified_name)
1943 host_item *thishostlast = NULL; /* Indicates not yet filled in anything */
1944 BOOL v6_find_again = FALSE;
1947 /* If allow_ip is set, a name which is an IP address returns that value
1948 as its address. This is used for MX records when allow_mx_to_ip is set, for
1949 those sites that feel they have to flaunt the RFC rules. */
1951 if (allow_ip && string_is_ip_address(host->name, NULL) != 0)
1954 if (ignore_target_hosts != NULL &&
1955 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
1956 host->name, NULL) == OK)
1957 return HOST_IGNORED;
1960 host->address = host->name;
1961 host->port = PORT_NONE;
1965 /* On an IPv6 system, go round the loop up to three times, looking for A6 and
1966 AAAA records the first two times. However, unless doing standalone testing, we
1967 force an IPv4 lookup if the domain matches dns_ipv4_lookup is set. Since A6
1968 records look like being abandoned, support them only if explicitly configured
1969 to do so. On an IPv4 system, go round the loop once only, looking only for A
1975 if (dns_ipv4_lookup != NULL &&
1976 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
1978 i = 0; /* look up A records only */
1980 #endif /* STAND_ALONE */
1983 i = 2; /* look up A6 and AAAA and A records */
1985 i = 1; /* look up AAAA and A records */
1986 #endif /* SUPPORT_A6 */
1988 /* The IPv4 world */
1990 #else /* HAVE_IPV6 */
1991 i = 0; /* look up A records only */
1992 #endif /* HAVE_IPV6 */
1996 static int types[] = { T_A, T_AAAA, T_A6 };
1997 int type = types[i];
1998 int randoffset = (i == 0)? 500 : 0; /* Ensures v6 sorts before v4 */
2002 int rc = dns_lookup(&dnsa, host->name, type, fully_qualified_name);
2004 /* We want to return HOST_FIND_AGAIN if one of the A, A6, or AAAA lookups
2005 fails or times out, but not if another one succeeds. (In the early
2006 IPv6 days there are name servers that always fail on AAAA, but are happy
2007 to give out an A record. We want to proceed with that A record.) */
2009 if (rc != DNS_SUCCEED)
2011 if (i == 0) /* Just tried for an A record, i.e. end of loop */
2013 if (host->address != NULL) return HOST_FOUND; /* A6 or AAAA was found */
2014 if (rc == DNS_AGAIN || rc == DNS_FAIL || v6_find_again)
2015 return HOST_FIND_AGAIN;
2016 return HOST_FIND_FAILED; /* DNS_NOMATCH or DNS_NODATA */
2019 /* Tried for an A6 or AAAA record: remember if this was a temporary
2020 error, and look for the next record type. */
2022 if (rc != DNS_NOMATCH && rc != DNS_NODATA) v6_find_again = TRUE;
2026 /* Lookup succeeded: fill in the given host item with the first non-ignored
2027 address found; create additional items for any others. A single A6 record
2028 may generate more than one address. */
2030 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2032 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2034 if (rr->type == type)
2036 /* dns_address *da = dns_address_from_rr(&dnsa, rr); */
2039 da = dns_address_from_rr(&dnsa, rr);
2041 DEBUG(D_host_lookup)
2044 debug_printf("no addresses extracted from A6 RR for %s\n",
2048 /* This loop runs only once for A and AAAA records, but may run
2049 several times for an A6 record that generated multiple addresses. */
2051 for (; da != NULL; da = da->next)
2054 if (ignore_target_hosts != NULL &&
2055 verify_check_this_host(&ignore_target_hosts, NULL,
2056 host->name, da->address, NULL) == OK)
2058 DEBUG(D_host_lookup)
2059 debug_printf("ignored host %s [%s]\n", host->name, da->address);
2064 /* If this is the first address, stick it in the given host block,
2065 and change the name if the returned RR has a different name. */
2067 if (thishostlast == NULL)
2069 if (strcmpic(host->name, rr->name) != 0)
2070 host->name = string_copy_dnsdomain(rr->name);
2071 host->address = da->address;
2072 host->port = PORT_NONE;
2073 host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
2074 host->status = hstatus_unknown;
2075 host->why = hwhy_unknown;
2076 thishostlast = host;
2079 /* Not the first address. Check for, and ignore, duplicates. Then
2080 insert in the chain at a random point. */
2087 /* End of our local chain is specified by "thishostlast". */
2089 for (next = host;; next = next->next)
2091 if (Ustrcmp(CS da->address, next->address) == 0) break;
2092 if (next == thishostlast) { next = NULL; break; }
2094 if (next != NULL) continue; /* With loop for next address */
2096 /* Not a duplicate */
2098 new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
2099 next = store_get(sizeof(host_item));
2101 /* New address goes first: insert the new block after the first one
2102 (so as not to disturb the original pointer) but put the new address
2103 in the original block. */
2105 if (new_sort_key < host->sort_key)
2109 host->address = da->address;
2110 host->port = PORT_NONE;
2111 host->sort_key = new_sort_key;
2112 if (thishostlast == host) thishostlast = next; /* Local last */
2113 if (*lastptr == host) *lastptr = next; /* Global last */
2116 /* Otherwise scan down the addresses for this host to find the
2117 one to insert after. */
2121 host_item *h = host;
2122 while (h != thishostlast)
2124 if (new_sort_key < h->next->sort_key) break;
2129 next->address = da->address;
2130 next->port = PORT_NONE;
2131 next->sort_key = new_sort_key;
2132 if (h == thishostlast) thishostlast = next; /* Local last */
2133 if (h == *lastptr) *lastptr = next; /* Global last */
2141 /* Control gets here only if the third lookup (the A record) succeeded.
2142 However, the address may not be filled in if it was ignored. */
2144 return (host->address == NULL)? HOST_IGNORED : HOST_FOUND;
2150 /*************************************************
2151 * Find IP addresses and names for host via DNS *
2152 *************************************************/
2154 /* The input is a host_item structure with the name filled in and the address
2155 field set to NULL. This may be in a chain of other host items. The lookup may
2156 result in more than one IP address, in which case we must created new host
2157 blocks for the additional addresses, and insert them into the chain. The
2158 original name may not be fully qualified. Use the fully_qualified_name argument
2159 to return the official name, as returned by the resolver.
2162 host point to initial host item
2163 ignore_target_hosts a list of hosts to ignore
2164 whichrrs flags indicating which RRs to look for:
2165 HOST_FIND_BY_SRV => look for SRV
2166 HOST_FIND_BY_MX => look for MX
2167 HOST_FIND_BY_A => look for A or AAAA
2168 also flags indicating how the lookup is done
2169 HOST_FIND_QUALIFY_SINGLE ) passed to the
2170 HOST_FIND_SEARCH_PARENTS ) resolver
2171 srv_service when SRV used, the service name
2172 srv_fail_domains DNS errors for these domains => assume nonexist
2173 mx_fail_domains DNS errors for these domains => assume nonexist
2174 fully_qualified_name if not NULL, return fully-qualified name
2175 removed set TRUE if local host was removed from the list
2177 Returns: HOST_FIND_FAILED Failed to find the host or domain;
2178 if there was a syntax error,
2179 host_find_failed_syntax is set.
2180 HOST_FIND_AGAIN Could not resolve at this time
2181 HOST_FOUND Host found
2182 HOST_FOUND_LOCAL The lowest MX record points to this
2183 machine, if MX records were found, or
2184 an A record that was found contains
2185 an address of the local host
2189 host_find_bydns(host_item *host, uschar *ignore_target_hosts, int whichrrs,
2190 uschar *srv_service, uschar *srv_fail_domains, uschar *mx_fail_domains,
2191 uschar **fully_qualified_name, BOOL *removed)
2193 host_item *h, *last;
2201 /* Set the default fully qualified name to the incoming name, initialize the
2202 resolver if necessary, set up the relevant options, and initialize the flag
2203 that gets set for DNS syntax check errors. */
2205 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
2206 dns_init((whichrrs & HOST_FIND_QUALIFY_SINGLE) != 0,
2207 (whichrrs & HOST_FIND_SEARCH_PARENTS) != 0);
2208 host_find_failed_syntax = FALSE;
2210 /* First, if requested, look for SRV records. The service name is given; we
2211 assume TCP progocol. DNS domain names are constrained to a maximum of 256
2212 characters, so the code below should be safe. */
2214 if ((whichrrs & HOST_FIND_BY_SRV) != 0)
2217 uschar *temp_fully_qualified_name = buffer;
2220 (void)sprintf(CS buffer, "_%s._tcp.%n%.256s", srv_service, &prefix_length,
2224 /* Search for SRV records. If the fully qualified name is different to
2225 the input name, pass back the new original domain, without the prepended
2228 rc = dns_lookup(&dnsa, buffer, ind_type, &temp_fully_qualified_name);
2229 if (temp_fully_qualified_name != buffer && fully_qualified_name != NULL)
2230 *fully_qualified_name = temp_fully_qualified_name + prefix_length;
2232 /* On DNS failures, we give the "try again" error unless the domain is
2233 listed as one for which we continue. */
2235 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2237 if (match_isinlist(host->name, &srv_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2239 return HOST_FIND_AGAIN;
2240 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2241 "(domain in srv_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2245 /* If we did not find any SRV records, search the DNS for MX records, if
2246 requested to do so. If the result is DNS_NOMATCH, it means there is no such
2247 domain, and there's no point in going on to look for address records with the
2248 same domain. The result will be DNS_NODATA if the domain exists but has no MX
2249 records. On DNS failures, we give the "try again" error unless the domain is
2250 listed as one for which we continue. */
2252 if (rc != DNS_SUCCEED && (whichrrs & HOST_FIND_BY_MX) != 0)
2255 rc = dns_lookup(&dnsa, host->name, ind_type, fully_qualified_name);
2256 if (rc == DNS_NOMATCH) return HOST_FIND_FAILED;
2257 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2259 if (match_isinlist(host->name, &mx_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2261 return HOST_FIND_AGAIN;
2262 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2263 "(domain in mx_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2267 /* If we haven't found anything yet, and we are requested to do so, try for an
2268 A or AAAA record. If we find it (or them) check to see that it isn't the local
2271 if (rc != DNS_SUCCEED)
2273 if ((whichrrs & HOST_FIND_BY_A) == 0)
2275 DEBUG(D_host_lookup) debug_printf("Address records are not being sought\n");
2276 return HOST_FIND_FAILED;
2279 last = host; /* End of local chainlet */
2281 host->port = PORT_NONE;
2282 rc = set_address_from_dns(host, &last, ignore_target_hosts, FALSE,
2283 fully_qualified_name);
2285 /* If one or more address records have been found, check that none of them
2286 are local. Since we know the host items all have their IP addresses
2287 inserted, host_scan_for_local_hosts() can only return HOST_FOUND or
2288 HOST_FOUND_LOCAL. We do not need to scan for duplicate IP addresses here,
2289 because set_address_from_dns() removes them. */
2291 if (rc == HOST_FOUND)
2292 rc = host_scan_for_local_hosts(host, &last, removed);
2294 if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED; /* No special action */
2296 /* When running in the test harness, sort into the order of addresses so as
2297 to get repeatability. */
2299 if (running_in_test_harness) sort_addresses(host, last);
2301 DEBUG(D_host_lookup)
2304 if (host->address != NULL)
2306 if (fully_qualified_name != NULL)
2307 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2308 for (h = host; h != last->next; h = h->next)
2309 debug_printf("%s %s mx=%d sort=%d %s\n", h->name,
2310 (h->address == NULL)? US"<null>" : h->address, h->mx, h->sort_key,
2311 (h->status >= hstatus_unusable)? US"*" : US"");
2318 /* We have found one or more MX or SRV records. Sort them according to
2319 precedence. Put the data for the first one into the existing host block, and
2320 insert new host_item blocks into the chain for the remainder. For equal
2321 precedences one is supposed to randomize the order. To make this happen, the
2322 sorting is actually done on the MX value * 1000 + a random number. This is put
2323 into a host field called sort_key.
2325 In the case of hosts with both IPv6 and IPv4 addresses, we want to choose the
2326 IPv6 address in preference. At this stage, we don't know what kind of address
2327 the host has. We choose a random number < 500; if later we find an A record
2328 first, we add 500 to the random number. Then for any other address records, we
2329 use random numbers in the range 0-499 for AAAA records and 500-999 for A
2332 At this point we remove any duplicates that point to the same host, retaining
2333 only the one with the lowest precedence. We cannot yet check for precedence
2334 greater than that of the local host, because that test cannot be properly done
2335 until the addresses have been found - an MX record may point to a name for this
2336 host which is not the primary hostname. */
2338 last = NULL; /* Indicates that not even the first item is filled yet */
2340 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2342 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2345 int weight = 0; /* For SRV records */
2346 int port = PORT_NONE; /* For SRV records */
2347 uschar *s; /* MUST be unsigned for GETSHORT */
2350 if (rr->type != ind_type) continue;
2352 GETSHORT(precedence, s); /* Pointer s is advanced */
2354 /* For MX records, we use a random "weight" which causes multiple records of
2355 the same precedence to sort randomly. */
2357 if (ind_type == T_MX)
2359 weight = random_number(500);
2362 /* SRV records are specified with a port and a weight. The weight is used
2363 in a special algorithm. However, to start with, we just use it to order the
2364 records of equal priority (precedence). */
2368 GETSHORT(weight, s);
2372 /* Get the name of the host pointed to. */
2374 (void)dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, s,
2375 (DN_EXPAND_ARG4_TYPE)data, sizeof(data));
2377 /* Check that we haven't already got this host on the chain; if we have,
2378 keep only the lower precedence. This situation shouldn't occur, but you
2379 never know what junk might get into the DNS (and this case has been seen on
2380 more than one occasion). */
2382 if (last != NULL) /* This is not the first record */
2384 host_item *prev = NULL;
2386 for (h = host; h != last->next; prev = h, h = h->next)
2388 if (strcmpic(h->name, data) == 0)
2390 DEBUG(D_host_lookup)
2391 debug_printf("discarded duplicate host %s (MX=%d)\n", data,
2392 (precedence > h->mx)? precedence : h->mx);
2393 if (precedence >= h->mx) goto NEXT_MX_RR; /* Skip greater precedence */
2394 if (h == host) /* Override first item */
2397 host->sort_key = precedence * 1000 + weight;
2401 /* Unwanted host item is not the first in the chain, so we can get
2402 get rid of it by cutting it out. */
2404 prev->next = h->next;
2405 if (h == last) last = prev;
2411 /* If this is the first MX or SRV record, put the data into the existing host
2412 block. Otherwise, add a new block in the correct place; if it has to be
2413 before the first block, copy the first block's data to a new second block. */
2417 host->name = string_copy_dnsdomain(data);
2418 host->address = NULL;
2420 host->mx = precedence;
2421 host->sort_key = precedence * 1000 + weight;
2422 host->status = hstatus_unknown;
2423 host->why = hwhy_unknown;
2427 /* Make a new host item and seek the correct insertion place */
2431 int sort_key = precedence * 1000 + weight;
2432 host_item *next = store_get(sizeof(host_item));
2433 next->name = string_copy_dnsdomain(data);
2434 next->address = NULL;
2436 next->mx = precedence;
2437 next->sort_key = sort_key;
2438 next->status = hstatus_unknown;
2439 next->why = hwhy_unknown;
2442 /* Handle the case when we have to insert before the first item. */
2444 if (sort_key < host->sort_key)
2451 if (last == host) last = next;
2454 /* Else scan down the items we have inserted as part of this exercise;
2455 don't go further. */
2459 for (h = host; h != last; h = h->next)
2461 if (sort_key < h->next->sort_key)
2463 next->next = h->next;
2469 /* Join on after the last host item that's part of this
2470 processing if we haven't stopped sooner. */
2474 next->next = last->next;
2481 NEXT_MX_RR: continue;
2484 /* If the list of hosts was obtained from SRV records, there are two things to
2485 do. First, if there is only one host, and it's name is ".", it means there is
2486 no SMTP service at this domain. Otherwise, we have to sort the hosts of equal
2487 priority according to their weights, using an algorithm that is defined in RFC
2488 2782. The hosts are currently sorted by priority and weight. For each priority
2489 group we have to pick off one host and put it first, and then repeat for any
2490 remaining in the same priority group. */
2492 if (ind_type == T_SRV)
2496 if (host == last && host->name[0] == 0)
2498 DEBUG(D_host_lookup) debug_printf("the single SRV record is \".\"\n");
2499 return HOST_FIND_FAILED;
2502 DEBUG(D_host_lookup)
2504 debug_printf("original ordering of hosts from SRV records:\n");
2505 for (h = host; h != last->next; h = h->next)
2506 debug_printf(" %s P=%d W=%d\n", h->name, h->mx, h->sort_key % 1000);
2509 for (pptr = &host, h = host; h != last; pptr = &(h->next), h = h->next)
2514 /* Find the last following host that has the same precedence. At the same
2515 time, compute the sum of the weights and the running totals. These can be
2516 stored in the sort_key field. */
2518 for (hh = h; hh != last; hh = hh->next)
2520 int weight = hh->sort_key % 1000; /* was precedence * 1000 + weight */
2523 if (hh->mx != hh->next->mx) break;
2526 /* If there's more than one host at this precedence (priority), we need to
2527 pick one to go first. */
2533 int randomizer = random_number(sum + 1);
2535 for (ppptr = pptr, hhh = h;
2537 ppptr = &(hhh->next), hhh = hhh->next)
2539 if (hhh->sort_key >= randomizer) break;
2542 /* hhh now points to the host that should go first; ppptr points to the
2543 place that points to it. Unfortunately, if the start of the minilist is
2544 the start of the entire list, we can't just swap the items over, because
2545 we must not change the value of host, since it is passed in from outside.
2546 One day, this could perhaps be changed.
2548 The special case is fudged by putting the new item *second* in the chain,
2549 and then transferring the data between the first and second items. We
2550 can't just swap the first and the chosen item, because that would mean
2551 that an item with zero weight might no longer be first. */
2555 *ppptr = hhh->next; /* Cuts it out of the chain */
2559 host_item temp = *h;
2562 hhh->next = temp.next;
2568 hhh->next = h; /* The rest of the chain follows it */
2569 *pptr = hhh; /* It takes the place of h */
2570 h = hhh; /* It's now the start of this minilist */
2575 /* A host has been chosen to be first at this priority and h now points
2576 to this host. There may be others at the same priority, or others at a
2577 different priority. Before we leave this host, we need to put back a sort
2578 key of the traditional MX kind, in case this host is multihomed, because
2579 the sort key is used for ordering the multiple IP addresses. We do not need
2580 to ensure that these new sort keys actually reflect the order of the hosts,
2583 h->sort_key = h->mx * 1000 + random_number(500);
2584 } /* Move on to the next host */
2587 /* Now we have to ensure addresses exist for all the hosts. We have ensured
2588 above that the names in the host items are all unique. The addresses may have
2589 been returned in the additional data section of the DNS query. Because it is
2590 more expensive to scan the returned DNS records (because you have to expand the
2591 names) we do a single scan over them, and multiple scans of the chain of host
2592 items (which is typically only 3 or 4 long anyway.) Add extra host items for
2593 multi-homed hosts. */
2595 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ADDITIONAL);
2597 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2600 int status = hstatus_unknown;
2601 int why = hwhy_unknown;
2606 && rr->type != T_AAAA
2613 /* Find the first host that matches this record's name. If there isn't
2614 one, move on to the next RR. */
2616 for (h = host; h != last->next; h = h->next)
2617 { if (strcmpic(h->name, rr->name) == 0) break; }
2618 if (h == last->next) continue;
2620 /* For IPv4 addresses, add 500 to the random part of the sort key, to ensure
2621 they sort after IPv6 addresses. */
2623 randoffset = (rr->type == T_A)? 500 : 0;
2625 /* Get the list of textual addresses for this RR. There may be more than one
2626 if it is an A6 RR. Then loop to handle multiple addresses from an A6 record.
2627 If there are none, nothing will get done - the record is ignored. */
2629 for (da = dns_address_from_rr(&dnsa, rr); da != NULL; da = da->next)
2631 /* Set status for an ignorable host. */
2634 if (ignore_target_hosts != NULL &&
2635 verify_check_this_host(&ignore_target_hosts, NULL, h->name,
2636 da->address, NULL) == OK)
2638 DEBUG(D_host_lookup)
2639 debug_printf("ignored host %s [%s]\n", h->name, da->address);
2640 status = hstatus_unusable;
2645 /* If the address is already set for this host, it may be that
2646 we just have a duplicate DNS record. Alternatively, this may be
2647 a multi-homed host. Search all items with the same host name
2648 (they will all be together) and if this address is found, skip
2651 if (h->address != NULL)
2654 host_item *thishostlast;
2659 if (hh->address != NULL && Ustrcmp(CS da->address, hh->address) == 0)
2660 goto DNS_NEXT_RR; /* Need goto to escape from inner loop */
2664 while (hh != last->next && strcmpic(hh->name, rr->name) == 0);
2666 /* We have a multi-homed host, since we have a new address for
2667 an existing name. Create a copy of the current item, and give it
2668 the new address. RRs can be in arbitrary order, but one is supposed
2669 to randomize the addresses of multi-homed hosts, so compute a new
2670 sorting key and do that. [Latest SMTP RFC says not to randomize multi-
2671 homed hosts, but to rely on the resolver. I'm not happy about that -
2672 caching in the resolver will not rotate as often as the name server
2675 new_sort_key = h->mx * 1000 + random_number(500) + randoffset;
2676 hh = store_get(sizeof(host_item));
2678 /* New address goes first: insert the new block after the first one
2679 (so as not to disturb the original pointer) but put the new address
2680 in the original block. */
2682 if (new_sort_key < h->sort_key)
2684 *hh = *h; /* Note: copies the port */
2686 h->address = da->address;
2687 h->sort_key = new_sort_key;
2692 /* Otherwise scan down the addresses for this host to find the
2693 one to insert after. */
2697 while (h != thishostlast)
2699 if (new_sort_key < h->next->sort_key) break;
2702 *hh = *h; /* Note: copies the port */
2704 hh->address = da->address;
2705 hh->sort_key = new_sort_key;
2706 hh->status = status;
2710 if (h == last) last = hh; /* Inserted after last */
2713 /* The existing item doesn't have its address set yet, so just set it.
2714 Ensure that an IPv4 address gets its sort key incremented in case an IPv6
2715 address is found later. */
2719 h->address = da->address; /* Port should be set already */
2722 h->sort_key += randoffset;
2724 } /* Loop for addresses extracted from one RR */
2726 /* Carry on to the next RR. It would be nice to be able to be able to stop
2727 when every host on the list has an address, but we can't be sure there won't
2728 be an additional address for a multi-homed host further down the list, so
2729 we have to continue to the end. */
2731 DNS_NEXT_RR: continue;
2734 /* Set the default yield to failure */
2736 yield = HOST_FIND_FAILED;
2738 /* If we haven't found all the addresses in the additional section, we
2739 need to search for A or AAAA records explicitly. The names shouldn't point to
2740 CNAMES, but we use the general lookup function that handles them, just
2741 in case. If any lookup gives a soft error, change the default yield.
2743 For these DNS lookups, we must disable qualify_single and search_parents;
2744 otherwise invalid host names obtained from MX or SRV records can cause trouble
2745 if they happen to match something local. */
2747 dns_init(FALSE, FALSE);
2749 for (h = host; h != last->next; h = h->next)
2751 if (h->address != NULL || h->status == hstatus_unusable) continue;
2752 rc = set_address_from_dns(h, &last, ignore_target_hosts, allow_mx_to_ip, NULL);
2753 if (rc != HOST_FOUND)
2755 h->status = hstatus_unusable;
2756 if (rc == HOST_FIND_AGAIN)
2759 h->why = hwhy_deferred;
2762 h->why = (rc == HOST_IGNORED)? hwhy_ignored : hwhy_failed;
2766 /* Scan the list for any hosts that are marked unusable because they have
2767 been explicitly ignored, and remove them from the list, as if they did not
2768 exist. If we end up with just a single, ignored host, flatten its fields as if
2769 nothing was found. */
2771 if (ignore_target_hosts != NULL)
2773 host_item *prev = NULL;
2774 for (h = host; h != last->next; h = h->next)
2777 if (h->why != hwhy_ignored) /* Non ignored host, just continue */
2779 else if (prev == NULL) /* First host is ignored */
2781 if (h != last) /* First is not last */
2783 if (h->next == last) last = h; /* Overwrite it with next */
2784 *h = *(h->next); /* and reprocess it. */
2785 goto REDO; /* C should have redo, like Perl */
2788 else /* Ignored host is not first - */
2790 prev->next = h->next;
2791 if (h == last) last = prev;
2795 if (host->why == hwhy_ignored) host->address = NULL;
2798 /* There is still one complication in the case of IPv6. Although the code above
2799 arranges that IPv6 addresses take precedence over IPv4 addresses for multihomed
2800 hosts, it doesn't do this for addresses that apply to different hosts with the
2801 same MX precedence, because the sorting on MX precedence happens first. So we
2802 have to make another pass to check for this case. We ensure that, within a
2803 single MX preference value, IPv6 addresses come first. This can separate the
2804 addresses of a multihomed host, but that should not matter. */
2809 for (h = host; h != last; h = h->next)
2812 host_item *next = h->next;
2813 if (h->mx != next->mx || /* If next is different MX value */
2814 (h->sort_key % 1000) < 500 || /* OR this one is IPv6 */
2815 (next->sort_key % 1000) >= 500) /* OR next is IPv4 */
2816 continue; /* move on to next */
2818 temp.next = next->next;
2826 /* When running in the test harness, we want the hosts always to be in the same
2827 order so that the debugging output is the same and can be compared. Having a
2828 fixed set of "random" numbers doesn't actually achieve this, because the RRs
2829 come back from the resolver in a random order, so the non-random random numbers
2830 get used in a different order. We therefore have to sort the hosts that have
2831 the same MX values. We chose do to this by their name and then by IP address.
2832 The fact that the sort is slow matters not - this is testing only! */
2834 if (running_in_test_harness)
2840 for (h = host; h != last; h = h->next)
2842 int c = Ustrcmp(h->name, h->next->name);
2843 if (c == 0) c = Ustrcmp(h->address, h->next->address);
2844 if (h->mx == h->next->mx && c > 0)
2846 host_item *next = h->next;
2847 host_item temp = *h;
2848 temp.next = next->next;
2859 /* Remove any duplicate IP addresses and then scan the list of hosts for any
2860 whose IP addresses are on the local host. If any are found, all hosts with the
2861 same or higher MX values are removed. However, if the local host has the lowest
2862 numbered MX, then HOST_FOUND_LOCAL is returned. Otherwise, if at least one host
2863 with an IP address is on the list, HOST_FOUND is returned. Otherwise,
2864 HOST_FIND_FAILED is returned, but in this case do not update the yield, as it
2865 might have been set to HOST_FIND_AGAIN just above here. If not, it will already
2866 be HOST_FIND_FAILED. */
2868 host_remove_duplicates(host, &last);
2869 rc = host_scan_for_local_hosts(host, &last, removed);
2870 if (rc != HOST_FIND_FAILED) yield = rc;
2872 DEBUG(D_host_lookup)
2874 if (fully_qualified_name != NULL)
2875 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2876 debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n",
2877 (yield == HOST_FOUND)? "HOST_FOUND" :
2878 (yield == HOST_FOUND_LOCAL)? "HOST_FOUND_LOCAL" :
2879 (yield == HOST_FIND_AGAIN)? "HOST_FIND_AGAIN" :
2880 (yield == HOST_FIND_FAILED)? "HOST_FIND_FAILED" : "?",
2882 for (h = host; h != last->next; h = h->next)
2884 debug_printf(" %s %s MX=%d ", h->name,
2885 (h->address == NULL)? US"<null>" : h->address, h->mx);
2886 if (h->port != PORT_NONE) debug_printf("port=%d ", h->port);
2887 if (h->status >= hstatus_unusable) debug_printf("*");
2898 /*************************************************
2899 **************************************************
2900 * Stand-alone test program *
2901 **************************************************
2902 *************************************************/
2906 BOOL alldigits(uschar *buffer)
2908 if (!isdigit(*buffer)) return FALSE;
2909 if (*buffer == '0' && buffer[1] == 'x')
2912 while (isxdigit(*(++buffer)));
2914 else while (isdigit(*(++buffer)));
2915 return (*buffer == 0);
2918 int main(int argc, char **cargv)
2921 int whichrrs = HOST_FIND_BY_MX | HOST_FIND_BY_A;
2922 BOOL byname = FALSE;
2923 BOOL qualify_single = TRUE;
2924 BOOL search_parents = FALSE;
2925 uschar **argv = USS cargv;
2928 primary_hostname = US"";
2929 store_pool = POOL_MAIN;
2930 debug_selector = D_host_lookup|D_interface;
2931 debug_file = stdout;
2932 debug_fd = fileno(debug_file);
2934 printf("Exim stand-alone host functions test\n");
2936 host_find_interfaces();
2937 debug_selector = D_host_lookup | D_dns;
2939 if (argc > 1) primary_hostname = argv[1];
2941 /* So that debug level changes can be done first */
2943 dns_init(qualify_single, search_parents);
2945 printf("Testing host lookup\n");
2947 while (Ufgets(buffer, 256, stdin) != NULL)
2950 int len = Ustrlen(buffer);
2951 uschar *fully_qualified_name;
2953 while (len > 0 && isspace(buffer[len-1])) len--;
2956 if (Ustrcmp(buffer, "q") == 0) break;
2958 if (Ustrcmp(buffer, "byname") == 0) byname = TRUE;
2959 else if (Ustrcmp(buffer, "no_byname") == 0) byname = FALSE;
2960 else if (Ustrcmp(buffer, "a_only") == 0) whichrrs = HOST_FIND_BY_A;
2961 else if (Ustrcmp(buffer, "mx_only") == 0) whichrrs = HOST_FIND_BY_MX;
2962 else if (Ustrcmp(buffer, "srv_only") == 0) whichrrs = HOST_FIND_BY_SRV;
2963 else if (Ustrcmp(buffer, "srv+a") == 0)
2964 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_A;
2965 else if (Ustrcmp(buffer, "srv+mx") == 0)
2966 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX;
2967 else if (Ustrcmp(buffer, "srv+mx+a") == 0)
2968 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX | HOST_FIND_BY_A;
2969 else if (Ustrcmp(buffer, "qualify_single") == 0) qualify_single = TRUE;
2970 else if (Ustrcmp(buffer, "no_qualify_single") == 0) qualify_single = FALSE;
2971 else if (Ustrcmp(buffer, "search_parents") == 0) search_parents = TRUE;
2972 else if (Ustrcmp(buffer, "no_search_parents") == 0) search_parents = FALSE;
2973 else if (Ustrncmp(buffer, "retrans", 7) == 0)
2975 (void)sscanf(CS(buffer+8), "%d", &dns_retrans);
2976 _res.retrans = dns_retrans;
2978 else if (Ustrncmp(buffer, "retry", 5) == 0)
2980 (void)sscanf(CS(buffer+6), "%d", &dns_retry);
2981 _res.retry = dns_retry;
2983 else if (alldigits(buffer))
2985 debug_selector = Ustrtol(buffer, NULL, 0);
2986 _res.options &= ~RES_DEBUG;
2987 DEBUG(D_resolver) _res.options |= RES_DEBUG;
2991 int flags = whichrrs;
2997 h.status = hstatus_unknown;
2998 h.why = hwhy_unknown;
3001 if (qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
3002 if (search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
3005 host_find_byname(&h, NULL, &fully_qualified_name, TRUE)
3007 host_find_bydns(&h, NULL, flags, US"smtp", NULL, NULL,
3008 &fully_qualified_name, NULL);
3010 if (rc == HOST_FIND_FAILED) printf("Failed\n");
3011 else if (rc == HOST_FIND_AGAIN) printf("Again\n");
3012 else if (rc == HOST_FOUND_LOCAL) printf("Local\n");
3018 printf("Testing host_aton\n");
3020 while (Ufgets(buffer, 256, stdin) != NULL)
3024 int len = Ustrlen(buffer);
3026 while (len > 0 && isspace(buffer[len-1])) len--;
3029 if (Ustrcmp(buffer, "q") == 0) break;
3031 len = host_aton(buffer, x);
3032 printf("length = %d ", len);
3033 for (i = 0; i < len; i++)
3035 printf("%04x ", (x[i] >> 16) & 0xffff);
3036 printf("%04x ", x[i] & 0xffff);
3043 printf("Testing host_name_lookup\n");
3045 while (Ufgets(buffer, 256, stdin) != NULL)
3047 int len = Ustrlen(buffer);
3048 while (len > 0 && isspace(buffer[len-1])) len--;
3050 if (Ustrcmp(buffer, "q") == 0) break;
3051 sender_host_address = buffer;
3052 sender_host_name = NULL;
3053 sender_host_aliases = NULL;
3054 host_lookup_msg = US"";
3055 host_lookup_failed = FALSE;
3056 if (host_name_lookup() == FAIL) /* Debug causes printing */
3057 printf("Lookup failed:%s\n", host_lookup_msg);
3065 #endif /* STAND_ALONE */
git://git.exim.org / exim.git / blob