1 /* $Cambridge: exim/src/src/host.c,v 1.14 2005/09/16 14:44:11 ph10 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
10 /* Functions for finding hosts, either by gethostbyname(), gethostbyaddr(), or
11 directly via the DNS. When IPv6 is supported, getipnodebyname() and
12 getipnodebyaddr() may be used instead of gethostbyname() and gethostbyaddr(),
13 if the newer functions are available. This module also contains various other
14 functions concerned with hosts and addresses, and a random number function,
15 used for randomizing hosts with equal MXs but available for use in other parts
22 /* Static variable for preserving the list of interface addresses in case it is
23 used more than once. */
25 static ip_address_item *local_interface_data = NULL;
28 #ifdef USE_INET_NTOA_FIX
29 /*************************************************
30 * Replacement for broken inet_ntoa() *
31 *************************************************/
33 /* On IRIX systems, gcc uses a different structure passing convention to the
34 native libraries. This causes inet_ntoa() to always yield 0.0.0.0 or
35 255.255.255.255. To get round this, we provide a private version of the
36 function here. It is used only if USE_INET_NTOA_FIX is set, which should happen
37 only when gcc is in use on an IRIX system. Code send to me by J.T. Breitner,
41 as seen in comp.sys.sgi.admin
43 August 2005: Apparently this is also needed for AIX systems; USE_INET_NTOA_FIX
44 should now be set for them as well.
46 Arguments: sa an in_addr structure
47 Returns: pointer to static text string
51 inet_ntoa(struct in_addr sa)
53 static uschar addr[20];
54 sprintf(addr, "%d.%d.%d.%d",
65 /*************************************************
66 * Random number generator *
67 *************************************************/
69 /* This is a simple pseudo-random number generator. It does not have to be
70 very good for the uses to which it is put. When running the regression tests,
71 start with a fixed seed.
74 limit: one more than the largest number required
76 Returns: a pseudo-random number in the range 0 to limit-1
80 random_number(int limit)
84 if (running_in_test_harness) random_seed = 42; else
86 int p = (int)getpid();
87 random_seed = (int)time(NULL) ^ ((p << 16) | p);
90 random_seed = 1103515245 * random_seed + 12345;
91 return (unsigned int)(random_seed >> 16) % limit;
96 /*************************************************
97 * Sort addresses when testing *
98 *************************************************/
100 /* This function is called only when running in the test harness. It sorts a
101 number of multihomed host IP addresses into the order, so as to get
102 repeatability. This doesn't have to be efficient. But don't interchange IPv4
106 This sorting is not necessary for the new test harness, because it
107 doesn't call the real DNS resolver, and its output is repeatable. However,
108 until the old test harness is discarded, we need to retain this capability.
109 The new harness is being developed towards the end of 2005. It will be some
110 time before it can do everything that the old one can do.
113 host -> the first host item
114 last -> the last host item
120 sort_addresses(host_item *host, host_item *last)
127 for (h = host; h != last; h = h->next)
129 if ((Ustrchr(h->address, ':') == NULL) !=
130 (Ustrchr(h->next->address, ':') == NULL))
132 if (Ustrcmp(h->address, h->next->address) > 0)
134 uschar *temp = h->address;
135 h->address = h->next->address;
136 h->next->address = temp;
145 /*************************************************
146 * Replace gethostbyname() when testing *
147 *************************************************/
149 /* This function is called instead of gethostbyname(), gethostbyname2(), or
150 getipnodebyname() when running in the test harness. It uses only the DNS to
151 look up the host name. In the new test harness, this means it will access only
152 the fake DNS resolver. In the old harness it will call the real resolver and
153 access the test zone.
156 name the host name or a textual IP address
157 af AF_INET or AF_INET6
158 error_num where to put an error code:
159 HOST_NOT_FOUND/TRY_AGAIN/NO_RECOVERY/NO_DATA
161 Returns: a hostent structure or NULL for an error
164 static struct hostent *
165 host_fake_gethostbyname(uschar *name, int af, int *error_num)
168 int alen = (af == AF_INET)? sizeof(struct in_addr):sizeof(struct in6_addr);
169 uschar *lname = name;
172 struct hostent *yield;
178 debug_printf("using host_fake_gethostbyname for %s (%s)\n", name,
179 (af == AF_INET)? "IPv4" : "IPv6");
181 if (Ustrcmp(name, "localhost") == 0)
182 lname = (af == AF_INET)? US"127.0.0.1" : US"::1";
184 /* Handle a literal IP address */
186 ipa = string_is_ip_address(lname, NULL);
189 if ((ipa == 4 && af == AF_INET) ||
190 (ipa == 6 && af == AF_INET6))
194 yield = store_get(sizeof(struct hostent));
195 alist = store_get(2 * sizeof(char *));
196 adds = store_get(alen);
197 yield->h_name = CS name;
198 yield->h_aliases = NULL;
199 yield->h_addrtype = af;
200 yield->h_length = alen;
201 yield->h_addr_list = CSS alist;
203 n = host_aton(lname, x);
204 for (i = 0; i < n; i++)
207 *adds++ = (y >> 24) & 255;
208 *adds++ = (y >> 16) & 255;
209 *adds++ = (y >> 8) & 255;
215 /* Wrong kind of literal address */
219 *error_num = HOST_NOT_FOUND;
224 /* Handle a host name */
228 int type = (af == AF_INET)? T_A:T_AAAA;
229 int rc = dns_lookup(&dnsa, lname, type, NULL);
234 case DNS_SUCCEED: break;
235 case DNS_NOMATCH: *error_num = HOST_NOT_FOUND; return NULL;
236 case DNS_NODATA: *error_num = NO_DATA; return NULL;
237 case DNS_AGAIN: *error_num = TRY_AGAIN; return NULL;
239 case DNS_FAIL: *error_num = NO_RECOVERY; return NULL;
242 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
244 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
246 if (rr->type == type) count++;
249 yield = store_get(sizeof(struct hostent));
250 alist = store_get((count + 1) * sizeof(char **));
251 adds = store_get(count *alen);
253 yield->h_name = CS name;
254 yield->h_aliases = NULL;
255 yield->h_addrtype = af;
256 yield->h_length = alen;
257 yield->h_addr_list = CSS alist;
259 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
261 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
266 if (rr->type != type) continue;
267 da = dns_address_from_rr(&dnsa, rr);
269 n = host_aton(da->address, x);
270 for (i = 0; i < n; i++)
273 *adds++ = (y >> 24) & 255;
274 *adds++ = (y >> 16) & 255;
275 *adds++ = (y >> 8) & 255;
287 /*************************************************
288 * Build chain of host items from list *
289 *************************************************/
291 /* This function builds a chain of host items from a textual list of host
292 names. It does not do any lookups. If randomize is true, the chain is build in
293 a randomized order. There may be multiple groups of independently randomized
294 hosts; they are delimited by a host name consisting of just "+".
297 anchor anchor for the chain
299 randomize TRUE for randomizing
305 host_build_hostlist(host_item **anchor, uschar *list, BOOL randomize)
308 int fake_mx = MX_NONE; /* This value is actually -1 */
312 if (list == NULL) return;
313 if (randomize) fake_mx--; /* Start at -2 for randomizing */
317 while ((name = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
321 if (name[0] == '+' && name[1] == 0) /* "+" delimits a randomized group */
322 { /* ignore if not randomizing */
323 if (randomize) fake_mx--;
327 h = store_get(sizeof(host_item));
328 h->name = string_copy(name);
332 h->sort_key = randomize? (-fake_mx)*1000 + random_number(1000) : 0;
333 h->status = hstatus_unknown;
334 h->why = hwhy_unknown;
344 host_item *hh = *anchor;
345 if (h->sort_key < hh->sort_key)
352 while (hh->next != NULL && h->sort_key >= (hh->next)->sort_key)
365 /*************************************************
366 * Extract port from address string *
367 *************************************************/
369 /* In the spool file, and in the -oMa and -oMi options, a host plus port is
370 given as an IP address followed by a dot and a port number. This function
373 An alternative format for the -oMa and -oMi options is [ip address]:port which
374 is what Exim 4 uses for output, because it seems to becoming commonly used,
375 whereas the dot form confuses some programs/people. So we recognize that form
379 address points to the string; if there is a port, the '.' in the string
380 is overwritten with zero to terminate the address; if the string
381 is in the [xxx]:ppp format, the address is shifted left and the
384 Returns: 0 if there is no port, else the port number. If there's a syntax
385 error, leave the incoming address alone, and return 0.
389 host_address_extract_port(uschar *address)
394 /* Handle the "bracketed with colon on the end" format */
398 uschar *rb = address + 1;
399 while (*rb != 0 && *rb != ']') rb++;
400 if (*rb++ == 0) return 0; /* Missing ]; leave invalid address */
403 port = Ustrtol(rb + 1, &endptr, 10);
404 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
406 else if (*rb != 0) return 0; /* Bad syntax; leave invalid address */
407 memmove(address, address + 1, rb - address - 2);
411 /* Handle the "dot on the end" format */
415 int skip = -3; /* Skip 3 dots in IPv4 addresses */
417 while (*(++address) != 0)
420 if (ch == ':') skip = 0; /* Skip 0 dots in IPv6 addresses */
421 else if (ch == '.' && skip++ >= 0) break;
423 if (*address == 0) return 0;
424 port = Ustrtol(address + 1, &endptr, 10);
425 if (*endptr != 0) return 0; /* Invalid port; leave invalid address */
433 /*************************************************
434 * Get port from a host item's name *
435 *************************************************/
437 /* This function is called when finding the IP address for a host that is in a
438 list of hosts explicitly configured, such as in the manualroute router, or in a
439 fallback hosts list. We see if there is a port specification at the end of the
440 host name, and if so, remove it. A minimum length of 3 is required for the
441 original name; nothing shorter is recognized as having a port.
443 We test for a name ending with a sequence of digits; if preceded by colon we
444 have a port if the character before the colon is ] and the name starts with [
445 or if there are no other colons in the name (i.e. it's not an IPv6 address).
447 Arguments: pointer to the host item
448 Returns: a port number or PORT_NONE
452 host_item_get_port(host_item *h)
456 int len = Ustrlen(h->name);
458 if (len < 3 || (p = h->name + len - 1, !isdigit(*p))) return PORT_NONE;
460 /* Extract potential port number */
465 while (p > h->name + 1 && isdigit(*p))
467 port += (*p-- - '0') * x;
471 /* The smallest value of p at this point is h->name + 1. */
473 if (*p != ':') return PORT_NONE;
475 if (p[-1] == ']' && h->name[0] == '[')
476 h->name = string_copyn(h->name + 1, p - h->name - 2);
477 else if (Ustrchr(h->name, ':') == p)
478 h->name = string_copyn(h->name, p - h->name);
479 else return PORT_NONE;
481 DEBUG(D_route|D_host_lookup) debug_printf("host=%s port=%d\n", h->name, port);
487 #ifndef STAND_ALONE /* Omit when standalone testing */
489 /*************************************************
490 * Build sender_fullhost and sender_rcvhost *
491 *************************************************/
493 /* This function is called when sender_host_name and/or sender_helo_name
494 have been set. Or might have been set - for a local message read off the spool
495 they won't be. In that case, do nothing. Otherwise, set up the fullhost string
498 (a) No sender_host_name or sender_helo_name: "[ip address]"
499 (b) Just sender_host_name: "host_name [ip address]"
500 (c) Just sender_helo_name: "(helo_name) [ip address]"
501 (d) The two are identical: "host_name [ip address]"
502 (e) The two are different: "host_name (helo_name) [ip address]"
504 If log_incoming_port is set, the sending host's port number is added to the IP
507 This function also builds sender_rcvhost for use in Received: lines, whose
508 syntax is a bit different. This value also includes the RFC 1413 identity.
509 There wouldn't be two different variables if I had got all this right in the
512 Because this data may survive over more than one incoming SMTP message, it has
513 to be in permanent store.
520 host_build_sender_fullhost(void)
523 int old_pool = store_pool;
525 if (sender_host_address == NULL) return;
527 store_pool = POOL_PERM;
529 /* Set up address, with or without the port. After discussion, it seems that
530 the only format that doesn't cause trouble is [aaaa]:pppp. However, we can't
531 use this directly as the first item for Received: because it ain't an RFC 2822
534 address = string_sprintf("[%s]:%d", sender_host_address, sender_host_port);
535 if ((log_extra_selector & LX_incoming_port) == 0 || sender_host_port <= 0)
536 *(Ustrrchr(address, ':')) = 0;
538 /* Host name is not verified */
540 if (sender_host_name == NULL)
542 uschar *portptr = Ustrstr(address, "]:");
545 int adlen; /* Sun compiler doesn't like ++ in initializers */
547 adlen = (portptr == NULL)? Ustrlen(address) : (++portptr - address);
548 sender_fullhost = (sender_helo_name == NULL)? address :
549 string_sprintf("(%s) %s", sender_helo_name, address);
551 sender_rcvhost = string_cat(NULL, &size, &ptr, address, adlen);
553 if (sender_ident != NULL || sender_helo_name != NULL || portptr != NULL)
556 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US" (", 2);
560 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2, US"port=",
563 if (sender_helo_name != NULL)
564 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
565 (firstptr == ptr)? US"helo=" : US" helo=", sender_helo_name);
567 if (sender_ident != NULL)
568 sender_rcvhost = string_append(sender_rcvhost, &size, &ptr, 2,
569 (firstptr == ptr)? US"ident=" : US" ident=", sender_ident);
571 sender_rcvhost = string_cat(sender_rcvhost, &size, &ptr, US")", 1);
574 sender_rcvhost[ptr] = 0; /* string_cat() always leaves room */
576 /* Release store, because string_cat allocated a minimum of 100 bytes that
577 are rarely completely used. */
579 store_reset(sender_rcvhost + ptr + 1);
582 /* Host name is known and verified. */
587 BOOL no_helo = FALSE;
589 /* Comparing a HELO name to a host name is easy */
591 if (sender_helo_name == NULL ||
592 strcmpic(sender_host_name, sender_helo_name) == 0)
595 /* If HELO/EHLO was followed by an IP literal, it's much more messy because
596 of two features of IPv6. Firstly, there's the "IPv6:" prefix (Exim is liberal
597 and doesn't require this, for historical reasons). Secondly, an IPv6 address
598 may not be given in canonical form, so we have to canonicize it before
599 comparing. As it happens, the code works for both IPv4 and IPv6. */
601 else if (sender_helo_name[0] == '[' &&
602 sender_helo_name[(len=Ustrlen(sender_helo_name))-1] == ']')
607 if (strncmpic(sender_helo_name+1, US"IPv6:",5) == 0) offset += 5;
608 helo_ip = string_copyn(sender_helo_name + offset, len - offset - 1);
610 if (string_is_ip_address(helo_ip, NULL) != 0)
614 size = host_aton(helo_ip, x);
615 helo_ip = store_get(48); /* large enough for full IPv6 */
616 (void)host_nmtoa(size, x, -1, helo_ip, ':');
617 if (strcmpic(helo_ip, sender_host_address) == 0) no_helo = TRUE;
623 sender_fullhost = string_sprintf("%s %s", sender_host_name, address);
624 sender_rcvhost = (sender_ident == NULL)?
625 string_sprintf("%s (%s)", sender_host_name, address) :
626 string_sprintf("%s (%s ident=%s)", sender_host_name, address,
631 sender_fullhost = string_sprintf("%s (%s) %s", sender_host_name,
632 sender_helo_name, address);
633 sender_rcvhost = (sender_ident == NULL)?
634 string_sprintf("%s (%s helo=%s)", sender_host_name,
635 address, sender_helo_name) :
636 string_sprintf("%s\n\t(%s helo=%s ident=%s)", sender_host_name,
637 address, sender_helo_name, sender_ident);
641 store_pool = old_pool;
643 DEBUG(D_host_lookup) debug_printf("sender_fullhost = %s\n", sender_fullhost);
644 DEBUG(D_host_lookup) debug_printf("sender_rcvhost = %s\n", sender_rcvhost);
649 /*************************************************
650 * Build host+ident message *
651 *************************************************/
653 /* Used when logging rejections and various ACL and SMTP incidents. The text
654 return depends on whether sender_fullhost and sender_ident are set or not:
656 no ident, no host => U=unknown
657 no ident, host set => H=sender_fullhost
658 ident set, no host => U=ident
659 ident set, host set => H=sender_fullhost U=ident
662 useflag TRUE if first item to be flagged (H= or U=); if there are two
663 items, the second is always flagged
665 Returns: pointer to a string in big_buffer
669 host_and_ident(BOOL useflag)
671 if (sender_fullhost == NULL)
673 (void)string_format(big_buffer, big_buffer_size, "%s%s", useflag? "U=" : "",
674 (sender_ident == NULL)? US"unknown" : sender_ident);
678 uschar *flag = useflag? US"H=" : US"";
679 uschar *iface = US"";
680 if ((log_extra_selector & LX_incoming_interface) != 0 &&
681 interface_address != NULL)
682 iface = string_sprintf(" I=[%s]:%d", interface_address, interface_port);
683 if (sender_ident == NULL)
684 (void)string_format(big_buffer, big_buffer_size, "%s%s%s",
685 flag, sender_fullhost, iface);
687 (void)string_format(big_buffer, big_buffer_size, "%s%s%s U=%s",
688 flag, sender_fullhost, iface, sender_ident);
693 #endif /* STAND_ALONE */
698 /*************************************************
699 * Build list of local interfaces *
700 *************************************************/
702 /* This function interprets the contents of the local_interfaces or
703 extra_local_interfaces options, and creates an ip_address_item block for each
704 item on the list. There is no special interpretation of any IP addresses; in
705 particular, 0.0.0.0 and ::0 are returned without modification. If any address
706 includes a port, it is set in the block. Otherwise the port value is set to
711 name the name of the option being expanded
713 Returns: a chain of ip_address_items, each containing to a textual
714 version of an IP address, and a port number (host order) or
715 zero if no port was given with the address
719 host_build_ifacelist(uschar *list, uschar *name)
724 ip_address_item *yield = NULL;
725 ip_address_item *last = NULL;
726 ip_address_item *next;
728 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
730 int port = host_address_extract_port(s); /* Leaves just the IP address */
731 if (string_is_ip_address(s, NULL) == 0)
732 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Malformed IP address \"%s\" in %s",
735 /* This use of strcpy() is OK because we have checked that s is a valid IP
736 address above. The field in the ip_address_item is large enough to hold an
739 next = store_get(sizeof(ip_address_item));
741 Ustrcpy(next->address, s);
743 next->v6_include_v4 = FALSE;
745 if (yield == NULL) yield = last = next; else
759 /*************************************************
760 * Find addresses on local interfaces *
761 *************************************************/
763 /* This function finds the addresses of local IP interfaces. These are used
764 when testing for routing to the local host. As the function may be called more
765 than once, the list is preserved in permanent store, pointed to by a static
766 variable, to save doing the work more than once per process.
768 The generic list of interfaces is obtained by calling host_build_ifacelist()
769 for local_interfaces and extra_local_interfaces. This list scanned to remove
770 duplicates (which may exist with different ports - not relevant here). If
771 either of the wildcard IP addresses (0.0.0.0 and ::0) are encountered, they are
772 replaced by the appropriate (IPv4 or IPv6) list of actual local interfaces,
773 obtained from os_find_running_interfaces().
776 Returns: a chain of ip_address_items, each containing to a textual
777 version of an IP address; the port numbers are not relevant
781 /* First, a local subfunction to add an interface to a list in permanent store,
782 but only if there isn't a previous copy of that address on the list. */
784 static ip_address_item *
785 add_unique_interface(ip_address_item *list, ip_address_item *ipa)
787 ip_address_item *ipa2;
788 for (ipa2 = list; ipa2 != NULL; ipa2 = ipa2->next)
789 if (Ustrcmp(ipa2->address, ipa->address) == 0) return list;
790 ipa2 = store_get_perm(sizeof(ip_address_item));
797 /* This is the globally visible function */
800 host_find_interfaces(void)
802 ip_address_item *running_interfaces = NULL;
804 if (local_interface_data == NULL)
806 void *reset_item = store_get(0);
807 ip_address_item *dlist = host_build_ifacelist(local_interfaces,
808 US"local_interfaces");
809 ip_address_item *xlist = host_build_ifacelist(extra_local_interfaces,
810 US"extra_local_interfaces");
811 ip_address_item *ipa;
813 if (dlist == NULL) dlist = xlist; else
815 for (ipa = dlist; ipa->next != NULL; ipa = ipa->next);
819 for (ipa = dlist; ipa != NULL; ipa = ipa->next)
821 if (Ustrcmp(ipa->address, "0.0.0.0") == 0 ||
822 Ustrcmp(ipa->address, "::0") == 0)
824 ip_address_item *ipa2;
825 BOOL ipv6 = ipa->address[0] == ':';
826 if (running_interfaces == NULL)
827 running_interfaces = os_find_running_interfaces();
828 for (ipa2 = running_interfaces; ipa2 != NULL; ipa2 = ipa2->next)
830 if ((Ustrchr(ipa2->address, ':') != NULL) == ipv6)
831 local_interface_data = add_unique_interface(local_interface_data,
837 local_interface_data = add_unique_interface(local_interface_data, ipa);
840 debug_printf("Configured local interface: address=%s", ipa->address);
841 if (ipa->port != 0) debug_printf(" port=%d", ipa->port);
846 store_reset(reset_item);
849 return local_interface_data;
856 /*************************************************
857 * Convert network IP address to text *
858 *************************************************/
860 /* Given an IPv4 or IPv6 address in binary, convert it to a text
861 string and return the result in a piece of new store. The address can
862 either be given directly, or passed over in a sockaddr structure. Note
863 that this isn't the converse of host_aton() because of byte ordering
864 differences. See host_nmtoa() below.
867 type if < 0 then arg points to a sockaddr, else
868 either AF_INET or AF_INET6
869 arg points to a sockaddr if type is < 0, or
870 points to an IPv4 address (32 bits), or
871 points to an IPv6 address (128 bits),
872 in both cases, in network byte order
873 buffer if NULL, the result is returned in gotten store;
874 else points to a buffer to hold the answer
875 portptr points to where to put the port number, if non NULL; only
878 Returns: pointer to character string
882 host_ntoa(int type, const void *arg, uschar *buffer, int *portptr)
886 /* The new world. It is annoying that we have to fish out the address from
887 different places in the block, depending on what kind of address it is. It
888 is also a pain that inet_ntop() returns a const uschar *, whereas the IPv4
889 function inet_ntoa() returns just uschar *, and some picky compilers insist
890 on warning if one assigns a const uschar * to a uschar *. Hence the casts. */
893 uschar addr_buffer[46];
896 int family = ((struct sockaddr *)arg)->sa_family;
897 if (family == AF_INET6)
899 struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
900 yield = (uschar *)inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
901 sizeof(addr_buffer));
902 if (portptr != NULL) *portptr = ntohs(sk->sin6_port);
906 struct sockaddr_in *sk = (struct sockaddr_in *)arg;
907 yield = (uschar *)inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
908 sizeof(addr_buffer));
909 if (portptr != NULL) *portptr = ntohs(sk->sin_port);
914 yield = (uschar *)inet_ntop(type, arg, CS addr_buffer, sizeof(addr_buffer));
917 /* If the result is a mapped IPv4 address, show it in V4 format. */
919 if (Ustrncmp(yield, "::ffff:", 7) == 0) yield += 7;
921 #else /* HAVE_IPV6 */
927 yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);
928 if (portptr != NULL) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
931 yield = US inet_ntoa(*((struct in_addr *)arg));
934 /* If there is no buffer, put the string into some new store. */
936 if (buffer == NULL) return string_copy(yield);
938 /* Callers of this function with a non-NULL buffer must ensure that it is
939 large enough to hold an IPv6 address, namely, at least 46 bytes. That's what
940 makes this use of strcpy() OK. */
942 Ustrcpy(buffer, yield);
949 /*************************************************
950 * Convert address text to binary *
951 *************************************************/
953 /* Given the textual form of an IP address, convert it to binary in an
954 array of ints. IPv4 addresses occupy one int; IPv6 addresses occupy 4 ints.
955 The result has the first byte in the most significant byte of the first int. In
956 other words, the result is not in network byte order, but in host byte order.
957 As a result, this is not the converse of host_ntoa(), which expects network
958 byte order. See host_nmtoa() below.
961 address points to the textual address, checked for syntax
962 bin points to an array of 4 ints
964 Returns: the number of ints used
968 host_aton(uschar *address, int *bin)
973 /* Handle IPv6 address, which may end with an IPv4 address. It may also end
974 with a "scope", introduced by a percent sign. This code is NOT enclosed in #if
975 HAVE_IPV6 in order that IPv6 addresses are recognized even if IPv6 is not
978 if (Ustrchr(address, ':') != NULL)
981 uschar *component[8];
982 BOOL ipv4_ends = FALSE;
988 /* If the address starts with a colon, it will start with two colons.
989 Just lose the first one, which will leave a null first component. */
993 /* Split the address into components separated by colons. The input address
994 is supposed to be checked for syntax. There was a case where this was
995 overlooked; to guard against that happening again, check here and crash if
996 there are too many components. */
998 while (*p != 0 && *p != '%')
1000 int len = Ustrcspn(p, ":%");
1001 if (len == 0) nulloffset = ci;
1002 if (ci > 7) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
1003 "Internal error: invalid IPv6 address \"%s\" passed to host_aton()",
1005 component[ci++] = p;
1010 /* If the final component contains a dot, it is a trailing v4 address.
1011 As the syntax is known to be checked, just set up for a trailing
1012 v4 address and restrict the v6 part to 6 components. */
1014 if (Ustrchr(component[ci-1], '.') != NULL)
1016 address = component[--ci];
1022 /* If there are fewer than 6 or 8 components, we have to insert some
1023 more empty ones in the middle. */
1027 int insert_count = v6count - ci;
1028 for (i = v6count-1; i > nulloffset + insert_count; i--)
1029 component[i] = component[i - insert_count];
1030 while (i > nulloffset) component[i--] = US"";
1033 /* Now turn the components into binary in pairs and bung them
1034 into the vector of ints. */
1036 for (i = 0; i < v6count; i += 2)
1037 bin[i/2] = (Ustrtol(component[i], NULL, 16) << 16) +
1038 Ustrtol(component[i+1], NULL, 16);
1040 /* If there was no terminating v4 component, we are done. */
1042 if (!ipv4_ends) return 4;
1045 /* Handle IPv4 address */
1047 (void)sscanf(CS address, "%d.%d.%d.%d", x, x+1, x+2, x+3);
1048 bin[v4offset] = (x[0] << 24) + (x[1] << 16) + (x[2] << 8) + x[3];
1053 /*************************************************
1054 * Apply mask to an IP address *
1055 *************************************************/
1057 /* Mask an address held in 1 or 4 ints, with the ms bit in the ms bit of the
1061 count the number of ints
1062 binary points to the ints to be masked
1063 mask the count of ms bits to leave, or -1 if no masking
1069 host_mask(int count, int *binary, int mask)
1072 if (mask < 0) mask = 99999;
1073 for (i = 0; i < count; i++)
1076 if (mask == 0) wordmask = 0;
1079 wordmask = (-1) << (32 - mask);
1087 binary[i] &= wordmask;
1094 /*************************************************
1095 * Convert masked IP address in ints to text *
1096 *************************************************/
1098 /* We can't use host_ntoa() because it assumes the binary values are in network
1099 byte order, and these are the result of host_aton(), which puts them in ints in
1100 host byte order. Also, we really want IPv6 addresses to be in a canonical
1101 format, so we output them with no abbreviation. In a number of cases we can't
1102 use the normal colon separator in them because it terminates keys in lsearch
1103 files, so we want to use dot instead. There's an argument that specifies what
1104 to use for IPv6 addresses.
1107 count 1 or 4 (number of ints)
1108 binary points to the ints
1109 mask mask value; if < 0 don't add to result
1110 buffer big enough to hold the result
1111 sep component separator character for IPv6 addresses
1113 Returns: the number of characters placed in buffer, not counting
1118 host_nmtoa(int count, int *binary, int mask, uschar *buffer, int sep)
1121 uschar *tt = buffer;
1126 for (i = 24; i >= 0; i -= 8)
1128 sprintf(CS tt, "%d.", (j >> i) & 255);
1134 for (i = 0; i < 4; i++)
1137 sprintf(CS tt, "%04x%c%04x%c", (j >> 16) & 0xffff, sep, j & 0xffff, sep);
1142 tt--; /* lose final separator */
1148 sprintf(CS tt, "/%d", mask);
1157 /*************************************************
1158 * Check port for tls_on_connect *
1159 *************************************************/
1161 /* This function checks whether a given incoming port is configured for tls-
1162 on-connect. It is called from the daemon and from inetd handling. If the global
1163 option tls_on_connect is already set, all ports operate this way. Otherwise, we
1164 check the tls_on_connect_ports option for a list of ports.
1166 Argument: a port number
1167 Returns: TRUE or FALSE
1171 host_is_tls_on_connect_port(int port)
1175 uschar *list = tls_on_connect_ports;
1178 if (tls_on_connect) return TRUE;
1180 while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
1183 int lport = Ustrtol(s, &end, 10);
1184 if (*end != 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "tls_on_connect_ports "
1185 "contains \"%s\", which is not a port number: exim abandoned", s);
1186 if (lport == port) return TRUE;
1194 /*************************************************
1195 * Check whether host is in a network *
1196 *************************************************/
1198 /* This function checks whether a given IP address matches a pattern that
1199 represents either a single host, or a network (using CIDR notation). The caller
1200 of this function must check the syntax of the arguments before calling it.
1203 host string representation of the ip-address to check
1204 net string representation of the network, with optional CIDR mask
1205 maskoffset offset to the / that introduces the mask in the key
1206 zero if there is no mask
1209 TRUE the host is inside the network
1210 FALSE the host is NOT inside the network
1214 host_is_in_net(uschar *host, uschar *net, int maskoffset)
1220 int size = host_aton(net, address);
1223 /* No mask => all bits to be checked */
1225 if (maskoffset == 0) mlen = 99999; /* Big number */
1226 else mlen = Uatoi(net + maskoffset + 1);
1228 /* Convert the incoming address to binary. */
1230 insize = host_aton(host, incoming);
1232 /* Convert IPv4 addresses given in IPv6 compatible mode, which represent
1233 connections from IPv4 hosts to IPv6 hosts, that is, addresses of the form
1234 ::ffff:<v4address>, to IPv4 format. */
1236 if (insize == 4 && incoming[0] == 0 && incoming[1] == 0 &&
1237 incoming[2] == 0xffff)
1240 incoming[0] = incoming[3];
1243 /* No match if the sizes don't agree. */
1245 if (insize != size) return FALSE;
1247 /* Else do the masked comparison. */
1249 for (i = 0; i < size; i++)
1252 if (mlen == 0) mask = 0;
1255 mask = (-1) << (32 - mlen);
1263 if ((incoming[i] & mask) != (address[i] & mask)) return FALSE;
1271 /*************************************************
1272 * Scan host list for local hosts *
1273 *************************************************/
1275 /* Scan through a chain of addresses and check whether any of them is the
1276 address of an interface on the local machine. If so, remove that address and
1277 any previous ones with the same MX value, and all subsequent ones (which will
1278 have greater or equal MX values) from the chain. Note: marking them as unusable
1279 is NOT the right thing to do because it causes the hosts not to be used for
1280 other domains, for which they may well be correct.
1282 The hosts may be part of a longer chain; we only process those between the
1283 initial pointer and the "last" pointer.
1285 There is also a list of "pseudo-local" host names which are checked against the
1286 host names. Any match causes that host item to be treated the same as one which
1287 matches a local IP address.
1289 If the very first host is a local host, then all MX records had a precedence
1290 greater than or equal to that of the local host. Either there's a problem in
1291 the DNS, or an apparently remote name turned out to be an abbreviation for the
1292 local host. Give a specific return code, and let the caller decide what to do.
1293 Otherwise, give a success code if at least one host address has been found.
1296 host pointer to the first host in the chain
1297 lastptr pointer to pointer to the last host in the chain (may be updated)
1298 removed if not NULL, set TRUE if some local addresses were removed
1302 HOST_FOUND if there is at least one host with an IP address on the chain
1303 and an MX value less than any MX value associated with the
1305 HOST_FOUND_LOCAL if a local host is among the lowest-numbered MX hosts; when
1306 the host addresses were obtained from A records or
1307 gethostbyname(), the MX values are set to -1.
1308 HOST_FIND_FAILED if no valid hosts with set IP addresses were found
1312 host_scan_for_local_hosts(host_item *host, host_item **lastptr, BOOL *removed)
1314 int yield = HOST_FIND_FAILED;
1315 host_item *last = *lastptr;
1316 host_item *prev = NULL;
1319 if (removed != NULL) *removed = FALSE;
1321 if (local_interface_data == NULL) local_interface_data = host_find_interfaces();
1323 for (h = host; h != last->next; h = h->next)
1326 if (hosts_treat_as_local != NULL)
1329 uschar *save = deliver_domain;
1330 deliver_domain = h->name; /* set $domain */
1331 rc = match_isinlist(string_copylc(h->name), &hosts_treat_as_local, 0,
1332 &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
1333 deliver_domain = save;
1334 if (rc == OK) goto FOUND_LOCAL;
1338 /* It seems that on many operating systems, 0.0.0.0 is treated as a synonym
1339 for 127.0.0.1 and refers to the local host. We therefore force it always to
1340 be treated as local. */
1342 if (h->address != NULL)
1344 ip_address_item *ip;
1345 if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL;
1346 for (ip = local_interface_data; ip != NULL; ip = ip->next)
1347 if (Ustrcmp(h->address, ip->address) == 0) goto FOUND_LOCAL;
1348 yield = HOST_FOUND; /* At least one remote address has been found */
1351 /* Update prev to point to the last host item before any that have
1352 the same MX value as the one we have just considered. */
1354 if (h->next == NULL || h->next->mx != h->mx) prev = h;
1357 return yield; /* No local hosts found: return HOST_FOUND or HOST_FIND_FAILED */
1359 /* A host whose IP address matches a local IP address, or whose name matches
1360 something in hosts_treat_as_local has been found. */
1366 HDEBUG(D_host_lookup) debug_printf((h->mx >= 0)?
1367 "local host has lowest MX\n" :
1368 "local host found for non-MX address\n");
1369 return HOST_FOUND_LOCAL;
1372 HDEBUG(D_host_lookup)
1374 debug_printf("local host in host list - removed hosts:\n");
1375 for (h = prev->next; h != last->next; h = h->next)
1376 debug_printf(" %s %s %d\n", h->name, h->address, h->mx);
1379 if (removed != NULL) *removed = TRUE;
1380 prev->next = last->next;
1388 /*************************************************
1389 * Remove duplicate IPs in host list *
1390 *************************************************/
1392 /* You would think that administrators could set up their DNS records so that
1393 one ended up with a list of unique IP addresses after looking up A or MX
1394 records, but apparently duplication is common. So we scan such lists and
1395 remove the later duplicates. Note that we may get lists in which some host
1396 addresses are not set.
1399 host pointer to the first host in the chain
1400 lastptr pointer to pointer to the last host in the chain (may be updated)
1406 host_remove_duplicates(host_item *host, host_item **lastptr)
1408 while (host != *lastptr)
1410 if (host->address != NULL)
1412 host_item *h = host;
1413 while (h != *lastptr)
1415 if (h->next->address != NULL &&
1416 Ustrcmp(h->next->address, host->address) == 0)
1418 DEBUG(D_host_lookup) debug_printf("duplicate IP address %s (MX=%d) "
1419 "removed\n", host->address, h->next->mx);
1420 if (h->next == *lastptr) *lastptr = h;
1421 h->next = h->next->next;
1426 /* If the last item was removed, host may have become == *lastptr */
1427 if (host != *lastptr) host = host->next;
1434 /*************************************************
1435 * Find sender host name by gethostbyaddr() *
1436 *************************************************/
1438 /* This used to be the only way it was done, but it turns out that not all
1439 systems give aliases for calls to gethostbyaddr() - or one of the modern
1440 equivalents like getipnodebyaddr(). Fortunately, multiple PTR records are rare,
1441 but they can still exist. This function is now used only when a DNS lookup of
1442 the IP address fails, in order to give access to /etc/hosts.
1445 Returns: OK, DEFER, FAIL
1449 host_name_lookup_byaddr(void)
1453 struct hostent *hosts;
1454 struct in_addr addr;
1456 /* Lookup on IPv6 system */
1459 if (Ustrchr(sender_host_address, ':') != NULL)
1461 struct in6_addr addr6;
1462 if (inet_pton(AF_INET6, CS sender_host_address, &addr6) != 1)
1463 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1464 "IPv6 address", sender_host_address);
1465 #if HAVE_GETIPNODEBYADDR
1466 hosts = getipnodebyaddr(CS &addr6, sizeof(addr6), AF_INET6, &h_errno);
1468 hosts = gethostbyaddr(CS &addr6, sizeof(addr6), AF_INET6);
1473 if (inet_pton(AF_INET, CS sender_host_address, &addr) != 1)
1474 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "unable to parse \"%s\" as an "
1475 "IPv4 address", sender_host_address);
1476 #if HAVE_GETIPNODEBYADDR
1477 hosts = getipnodebyaddr(CS &addr, sizeof(addr), AF_INET, &h_errno);
1479 hosts = gethostbyaddr(CS &addr, sizeof(addr), AF_INET);
1483 /* Do lookup on IPv4 system */
1486 addr.s_addr = (S_ADDR_TYPE)inet_addr(CS sender_host_address);
1487 hosts = gethostbyaddr(CS(&addr), sizeof(addr), AF_INET);
1490 /* Failed to look up the host. */
1494 HDEBUG(D_host_lookup) debug_printf("IP address lookup failed: h_errno=%d\n",
1496 return (h_errno == TRY_AGAIN || h_errno == NO_RECOVERY) ? DEFER : FAIL;
1499 /* It seems there are some records in the DNS that yield an empty name. We
1500 treat this as non-existent. In some operating systems, this is returned as an
1501 empty string; in others as a single dot. */
1503 if (hosts->h_name[0] == 0 || hosts->h_name[0] == '.')
1505 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an empty name: "
1506 "treated as non-existent host name\n");
1510 /* Copy and lowercase the name, which is in static storage in many systems.
1511 Put it in permanent memory. */
1513 s = (uschar *)hosts->h_name;
1514 len = Ustrlen(s) + 1;
1515 t = sender_host_name = store_get_perm(len);
1516 while (*s != 0) *t++ = tolower(*s++);
1519 /* If the host has aliases, build a copy of the alias list */
1521 if (hosts->h_aliases != NULL)
1524 uschar **aliases, **ptr;
1525 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++) count++;
1526 ptr = sender_host_aliases = store_get_perm(count * sizeof(uschar *));
1527 for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++)
1529 uschar *s = *aliases;
1530 int len = Ustrlen(s) + 1;
1531 uschar *t = *ptr++ = store_get_perm(len);
1532 while (*s != 0) *t++ = tolower(*s++);
1543 /*************************************************
1544 * Find host name for incoming call *
1545 *************************************************/
1547 /* Put the name in permanent store, pointed to by sender_host_name. We also set
1548 up a list of alias names, pointed to by sender_host_alias. The list is
1549 NULL-terminated. The incoming address is in sender_host_address, either in
1550 dotted-quad form for IPv4 or in colon-separated form for IPv6.
1552 This function does a thorough check that the names it finds point back to the
1553 incoming IP address. Any that do not are discarded. Note that this is relied on
1554 by the ACL reverse_host_lookup check.
1556 On some systems, get{host,ipnode}byaddr() appears to do this internally, but
1557 this it not universally true. Also, for release 4.30, this function was changed
1558 to do a direct DNS lookup first, by default[1], because it turns out that that
1559 is the only guaranteed way to find all the aliases on some systems. My
1560 experiments indicate that Solaris gethostbyaddr() gives the aliases for but
1563 [1] The actual order is controlled by the host_lookup_order option.
1566 Returns: OK on success, the answer being placed in the global variable
1567 sender_host_name, with any aliases in a list hung off
1569 FAIL if no host name can be found
1570 DEFER if a temporary error was encountered
1572 The variable host_lookup_msg is set to an empty string on sucess, or to a
1573 reason for the failure otherwise, in a form suitable for tagging onto an error
1574 message, and also host_lookup_failed is set TRUE if the lookup failed. If there
1575 was a defer, host_lookup_deferred is set TRUE.
1577 Any dynamically constructed string for host_lookup_msg must be in permanent
1578 store, because it might be used for several incoming messages on the same SMTP
1582 host_name_lookup(void)
1586 uschar *hname, *save_hostname;
1590 uschar *list = host_lookup_order;
1595 host_lookup_deferred = host_lookup_failed = FALSE;
1597 HDEBUG(D_host_lookup)
1598 debug_printf("looking up host name for %s\n", sender_host_address);
1600 /* For testing the case when a lookup does not complete, we have a special
1601 reserved IP address. */
1603 if (running_in_test_harness &&
1604 Ustrcmp(sender_host_address, "99.99.99.99") == 0)
1606 HDEBUG(D_host_lookup)
1607 debug_printf("Test harness: host name lookup returns DEFER\n");
1608 host_lookup_deferred = TRUE;
1612 /* Do lookups directly in the DNS or via gethostbyaddr() (or equivalent), in
1613 the order specified by the host_lookup_order option. */
1615 while ((ordername = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))
1618 if (strcmpic(ordername, US"bydns") == 0)
1620 dns_init(FALSE, FALSE);
1621 dns_build_reverse(sender_host_address, buffer);
1622 rc = dns_lookup(&dnsa, buffer, T_PTR, NULL);
1624 /* The first record we come across is used for the name; others are
1625 considered to be aliases. We have to scan twice, in order to find out the
1626 number of aliases. However, if all the names are empty, we will behave as
1627 if failure. (PTR records that yield empty names have been encountered in
1630 if (rc == DNS_SUCCEED)
1632 uschar **aptr = NULL;
1635 int old_pool = store_pool;
1637 store_pool = POOL_PERM; /* Save names in permanent storage */
1639 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1641 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1643 if (rr->type == T_PTR) count++;
1646 /* Get store for the list of aliases. For compatibility with
1647 gethostbyaddr, we make an empty list if there are none. */
1649 aptr = sender_host_aliases = store_get(count * sizeof(uschar *));
1651 /* Re-scan and extract the names */
1653 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
1655 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
1658 if (rr->type != T_PTR) continue;
1659 s = store_get(ssize);
1661 /* If an overlong response was received, the data will have been
1662 truncated and dn_expand may fail. */
1664 if (dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen,
1665 (uschar *)(rr->data), (DN_EXPAND_ARG4_TYPE)(s), ssize) < 0)
1667 log_write(0, LOG_MAIN, "host name alias list truncated for %s",
1668 sender_host_address);
1672 store_reset(s + Ustrlen(s) + 1);
1675 HDEBUG(D_host_lookup) debug_printf("IP address lookup yielded an "
1676 "empty name: treated as non-existent host name\n");
1679 if (sender_host_name == NULL) sender_host_name = s;
1681 while (*s != 0) { *s = tolower(*s); s++; }
1684 *aptr = NULL; /* End of alias list */
1685 store_pool = old_pool; /* Reset store pool */
1687 /* If we've found a names, break out of the "order" loop */
1689 if (sender_host_name != NULL) break;
1692 /* If the DNS lookup deferred, we must also defer. */
1694 if (rc == DNS_AGAIN)
1696 HDEBUG(D_host_lookup)
1697 debug_printf("IP address PTR lookup gave temporary error\n");
1698 host_lookup_deferred = TRUE;
1703 /* Do a lookup using gethostbyaddr() - or equivalent */
1705 else if (strcmpic(ordername, US"byaddr") == 0)
1707 HDEBUG(D_host_lookup)
1708 debug_printf("IP address lookup using gethostbyaddr()\n");
1709 rc = host_name_lookup_byaddr();
1712 host_lookup_deferred = TRUE;
1713 return rc; /* Can't carry on */
1715 if (rc == OK) break; /* Found a name */
1717 } /* Loop for bydns/byaddr scanning */
1719 /* If we have failed to find a name, return FAIL and log when required.
1720 NB host_lookup_msg must be in permanent store. */
1722 if (sender_host_name == NULL)
1724 if (host_checking || !log_testing_mode)
1725 log_write(L_host_lookup_failed, LOG_MAIN, "no host name found for IP "
1726 "address %s", sender_host_address);
1727 host_lookup_msg = US" (failed to find host name from IP address)";
1728 host_lookup_failed = TRUE;
1732 /* We have a host name. If we are running in the test harness, we want the host
1733 name and its alias to appear always the same way round. There are only ever two
1734 names in these tests. If one of them contains "alias", make sure it is second;
1735 otherwise put them in alphabetical order. */
1737 if (running_in_test_harness && *sender_host_aliases != NULL &&
1739 Ustrstr(sender_host_name, "alias") != NULL ||
1741 Ustrstr(*sender_host_aliases, "alias") == NULL &&
1742 Ustrcmp(sender_host_name, *sender_host_aliases) > 0
1746 uschar *temp = sender_host_name;
1747 sender_host_name = *sender_host_aliases;
1748 *sender_host_aliases = temp;
1751 /* Debug output what was found, after test harness swapping, for consistency */
1753 HDEBUG(D_host_lookup)
1755 uschar **aliases = sender_host_aliases;
1756 debug_printf("IP address lookup yielded %s\n", sender_host_name);
1757 while (*aliases != NULL) debug_printf(" alias %s\n", *aliases++);
1760 /* We need to verify that a forward lookup on the name we found does indeed
1761 correspond to the address. This is for security: in principle a malefactor who
1762 happened to own a reverse zone could set it to point to any names at all.
1764 This code was present in versions of Exim before 3.20. At that point I took it
1765 out because I thought that gethostbyaddr() did the check anyway. It turns out
1766 that this isn't always the case, so it's coming back in at 4.01. This version
1767 is actually better, because it also checks aliases.
1769 The code was made more robust at release 4.21. Prior to that, it accepted all
1770 the names if any of them had the correct IP address. Now the code checks all
1771 the names, and accepts only those that have the correct IP address. */
1773 save_hostname = sender_host_name; /* Save for error messages */
1774 aliases = sender_host_aliases;
1775 for (hname = sender_host_name; hname != NULL; hname = *aliases++)
1785 /* When called with the 5th argument FALSE, host_find_byname() won't return
1786 HOST_FOUND_LOCAL. If the incoming address is an IPv4 address expressed in
1787 IPv6 format, we must compare the IPv4 part to any IPv4 addresses. */
1789 if ((rc = host_find_byname(&h, NULL, NULL, FALSE)) == HOST_FOUND)
1792 uschar *address_ipv4 = (Ustrncmp(sender_host_address, "::ffff:", 7) == 0)?
1793 sender_host_address + 7 : sender_host_address;
1794 HDEBUG(D_host_lookup) debug_printf("checking addresses for %s\n", hname);
1795 for (hh = &h; hh != NULL; hh = hh->next)
1797 if ((Ustrcmp(hh->address, (Ustrchr(hh->address, ':') == NULL)?
1798 address_ipv4 : sender_host_address)) == 0)
1800 HDEBUG(D_host_lookup) debug_printf(" %s OK\n", hh->address);
1806 HDEBUG(D_host_lookup) debug_printf(" %s\n", hh->address);
1809 if (!ok) HDEBUG(D_host_lookup)
1810 debug_printf("no IP address for %s matched %s\n", hname,
1811 sender_host_address);
1813 else if (rc == HOST_FIND_AGAIN)
1815 HDEBUG(D_host_lookup) debug_printf("temporary error for host name lookup\n");
1816 host_lookup_deferred = TRUE;
1821 HDEBUG(D_host_lookup) debug_printf("no IP addresses found for %s\n", hname);
1824 /* If this name is no good, and it's the sender name, set it null pro tem;
1825 if it's an alias, just remove it from the list. */
1829 if (hname == sender_host_name) sender_host_name = NULL; else
1831 uschar **a; /* Don't amalgamate - some */
1832 a = --aliases; /* compilers grumble */
1833 while (*a != NULL) { *a = a[1]; a++; }
1838 /* If sender_host_name == NULL, it means we didn't like the name. Replace
1839 it with the first alias, if there is one. */
1841 if (sender_host_name == NULL && *sender_host_aliases != NULL)
1842 sender_host_name = *sender_host_aliases++;
1844 /* If we now have a main name, all is well. */
1846 if (sender_host_name != NULL) return OK;
1848 /* We have failed to find an address that matches. */
1850 HDEBUG(D_host_lookup)
1851 debug_printf("%s does not match any IP address for %s\n",
1852 sender_host_address, save_hostname);
1854 /* This message must be in permanent store */
1856 old_pool = store_pool;
1857 store_pool = POOL_PERM;
1858 host_lookup_msg = string_sprintf(" (%s does not match any IP address for %s)",
1859 sender_host_address, save_hostname);
1860 store_pool = old_pool;
1861 host_lookup_failed = TRUE;
1868 /*************************************************
1869 * Find IP address(es) for host by name *
1870 *************************************************/
1872 /* The input is a host_item structure with the name filled in and the address
1873 field set to NULL. We use gethostbyname(). Of course, gethostbyname() may use
1874 the DNS, but it doesn't do MX processing. If more than one address is given,
1875 chain on additional host items, with other relevant fields copied.
1877 The second argument provides a host list (usually an IP list) of hosts to
1878 ignore. This makes it possible to ignore IPv6 link-local addresses or loopback
1879 addresses in unreasonable places.
1881 The lookup may result in a change of name. For compatibility with the dns
1882 lookup, return this via fully_qualified_name as well as updating the host item.
1883 The lookup may also yield more than one IP address, in which case chain on
1884 subsequent host_item structures.
1887 host a host item with the name and MX filled in;
1888 the address is to be filled in;
1889 multiple IP addresses cause other host items to be
1891 ignore_target_hosts a list of hosts to ignore
1892 fully_qualified_name if not NULL, set to point to host name for
1893 compatibility with host_find_bydns
1894 local_host_check TRUE if a check for the local host is wanted
1896 Returns: HOST_FIND_FAILED Failed to find the host or domain
1897 HOST_FIND_AGAIN Try again later
1898 HOST_FOUND Host found - data filled in
1899 HOST_FOUND_LOCAL Host found and is the local host
1903 host_find_byname(host_item *host, uschar *ignore_target_hosts,
1904 uschar **fully_qualified_name, BOOL local_host_check)
1906 int i, yield, times;
1908 host_item *last = NULL;
1909 BOOL temp_error = FALSE;
1914 /* If we are in the test harness, a name ending in .test.again.dns always
1915 forces a temporary error response. */
1917 if (running_in_test_harness)
1919 uschar *endname = host->name + Ustrlen(host->name);
1920 if (Ustrcmp(endname - 14, "test.again.dns") == 0)
1921 return HOST_FIND_AGAIN;
1924 /* In an IPv6 world, we need to scan for both kinds of address, so go round the
1925 loop twice. Note that we have ensured that AF_INET6 is defined even in an IPv4
1926 world, which makes for slightly tidier code. However, if dns_ipv4_lookup
1927 matches the domain, we also just do IPv4 lookups here (except when testing
1932 if (dns_ipv4_lookup != NULL &&
1933 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
1935 { af = AF_INET; times = 1; }
1937 #endif /* STAND_ALONE */
1939 { af = AF_INET6; times = 2; }
1941 /* No IPv6 support */
1943 #else /* HAVE_IPV6 */
1945 #endif /* HAVE_IPV6 */
1947 /* Initialize the flag that gets set for DNS syntax check errors, so that the
1948 interface to this function can be similar to host_find_bydns. */
1950 host_find_failed_syntax = FALSE;
1952 /* Loop to look up both kinds of address in an IPv6 world */
1954 for (i = 1; i <= times;
1956 af = AF_INET, /* If 2 passes, IPv4 on the second */
1962 struct hostent *hostdata;
1965 if (running_in_test_harness)
1966 hostdata = host_fake_gethostbyname(host->name, af, &error_num);
1969 #if HAVE_GETIPNODEBYNAME
1970 hostdata = getipnodebyname(CS host->name, af, 0, &error_num);
1972 hostdata = gethostbyname2(CS host->name, af);
1973 error_num = h_errno;
1977 #else /* not HAVE_IPV6 */
1978 if (running_in_test_harness)
1979 hostdata = host_fake_gethostbyname(host->name, AF_INET, &error_num);
1982 hostdata = gethostbyname(CS host->name);
1983 error_num = h_errno;
1985 #endif /* HAVE_IPV6 */
1987 if (hostdata == NULL)
1992 case HOST_NOT_FOUND: error = US"HOST_NOT_FOUND"; break;
1993 case TRY_AGAIN: error = US"TRY_AGAIN"; break;
1994 case NO_RECOVERY: error = US"NO_RECOVERY"; break;
1995 case NO_DATA: error = US"NO_DATA"; break;
1996 #if NO_DATA != NO_ADDRESS
1997 case NO_ADDRESS: error = US"NO_ADDRESS"; break;
1999 default: error = US"?"; break;
2002 DEBUG(D_host_lookup) debug_printf("%s returned %d (%s)\n",
2004 #if HAVE_GETIPNODEBYNAME
2005 (af == AF_INET6)? "getipnodebyname(af=inet6)" : "getipnodebyname(af=inet)",
2007 (af == AF_INET6)? "gethostbyname2(af=inet6)" : "gethostbyname2(af=inet)",
2014 if (error_num == TRY_AGAIN || error_num == NO_RECOVERY) temp_error = TRUE;
2017 if ((hostdata->h_addr_list)[0] == NULL) continue;
2019 /* Replace the name with the fully qualified one if necessary, and fill in
2020 the fully_qualified_name pointer. */
2022 if (hostdata->h_name[0] != 0 &&
2023 Ustrcmp(host->name, hostdata->h_name) != 0)
2024 host->name = string_copy_dnsdomain((uschar *)hostdata->h_name);
2025 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
2027 /* Get the list of addresses. IPv4 and IPv6 addresses can be distinguished
2028 by their different lengths. Scan the list, ignoring any that are to be
2029 ignored, and build a chain from the rest. */
2031 ipv4_addr = hostdata->h_length == sizeof(struct in_addr);
2033 for (addrlist = USS hostdata->h_addr_list; *addrlist != NULL; addrlist++)
2035 uschar *text_address =
2036 host_ntoa(ipv4_addr? AF_INET:AF_INET6, *addrlist, NULL, NULL);
2039 if (ignore_target_hosts != NULL &&
2040 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
2041 text_address, NULL) == OK)
2043 DEBUG(D_host_lookup)
2044 debug_printf("ignored host %s [%s]\n", host->name, text_address);
2049 /* If this is the first address, last == NULL and we put the data in the
2054 host->address = text_address;
2055 host->port = PORT_NONE;
2056 host->status = hstatus_unknown;
2057 host->why = hwhy_unknown;
2061 /* Else add further host item blocks for any other addresses, keeping
2066 host_item *next = store_get(sizeof(host_item));
2067 next->name = host->name;
2068 next->mx = host->mx;
2069 next->address = text_address;
2070 next->port = PORT_NONE;
2071 next->status = hstatus_unknown;
2072 next->why = hwhy_unknown;
2074 next->next = last->next;
2081 /* If no hosts were found, the address field in the original host block will be
2082 NULL. If temp_error is set, at least one of the lookups gave a temporary error,
2083 so we pass that back. */
2085 if (host->address == NULL)
2089 (message_id[0] == 0 && smtp_in != NULL)?
2090 string_sprintf("no IP address found for host %s (during %s)", host->name,
2091 smtp_get_connection_info()) :
2093 string_sprintf("no IP address found for host %s", host->name);
2095 HDEBUG(D_host_lookup) debug_printf("%s\n", msg);
2096 if (temp_error) return HOST_FIND_AGAIN;
2097 if (host_checking || !log_testing_mode)
2098 log_write(L_host_lookup_failed, LOG_MAIN, "%s", msg);
2099 return HOST_FIND_FAILED;
2102 /* Remove any duplicate IP addresses, then check to see if this is the local
2103 host if required. */
2105 host_remove_duplicates(host, &last);
2106 yield = local_host_check?
2107 host_scan_for_local_hosts(host, &last, NULL) : HOST_FOUND;
2109 /* When running in the test harness, sort into the order of addresses so as to
2110 get repeatability. */
2112 if (running_in_test_harness) sort_addresses(host, last);
2114 HDEBUG(D_host_lookup)
2117 if (fully_qualified_name != NULL)
2118 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2119 debug_printf("%s looked up these IP addresses:\n",
2121 #if HAVE_GETIPNODEBYNAME
2130 for (h = host; h != last->next; h = h->next)
2131 debug_printf(" name=%s address=%s\n", h->name,
2132 (h->address == NULL)? US"<null>" : h->address);
2135 /* Return the found status. */
2142 /*************************************************
2143 * Fill in a host address from the DNS *
2144 *************************************************/
2146 /* Given a host item, with its name and mx fields set, and its address field
2147 set to NULL, fill in its IP address from the DNS. If it is multi-homed, create
2148 additional host items for the additional addresses, copying all the other
2149 fields, and randomizing the order.
2151 On IPv6 systems, A6 records are sought first (but only if support for A6 is
2152 configured - they may never become mainstream), then AAAA records are sought,
2153 and finally A records are sought as well.
2155 The host name may be changed if the DNS returns a different name - e.g. fully
2156 qualified or changed via CNAME. If fully_qualified_name is not NULL, dns_lookup
2157 ensures that it points to the fully qualified name. However, this is the fully
2158 qualified version of the original name; if a CNAME is involved, the actual
2159 canonical host name may be different again, and so we get it directly from the
2160 relevant RR. Note that we do NOT change the mx field of the host item in this
2161 function as it may be called to set the addresses of hosts taken from MX
2165 host points to the host item we're filling in
2166 lastptr points to pointer to last host item in a chain of
2167 host items (may be updated if host is last and gets
2168 extended because multihomed)
2169 ignore_target_hosts list of hosts to ignore
2170 allow_ip if TRUE, recognize an IP address and return it
2171 fully_qualified_name if not NULL, return fully qualified name here if
2172 the contents are different (i.e. it must be preset
2175 Returns: HOST_FIND_FAILED couldn't find A record
2176 HOST_FIND_AGAIN try again later
2177 HOST_FOUND found AAAA and/or A record(s)
2178 HOST_IGNORED found, but all IPs ignored
2182 set_address_from_dns(host_item *host, host_item **lastptr,
2183 uschar *ignore_target_hosts, BOOL allow_ip, uschar **fully_qualified_name)
2186 host_item *thishostlast = NULL; /* Indicates not yet filled in anything */
2187 BOOL v6_find_again = FALSE;
2190 /* If allow_ip is set, a name which is an IP address returns that value
2191 as its address. This is used for MX records when allow_mx_to_ip is set, for
2192 those sites that feel they have to flaunt the RFC rules. */
2194 if (allow_ip && string_is_ip_address(host->name, NULL) != 0)
2197 if (ignore_target_hosts != NULL &&
2198 verify_check_this_host(&ignore_target_hosts, NULL, host->name,
2199 host->name, NULL) == OK)
2200 return HOST_IGNORED;
2203 host->address = host->name;
2204 host->port = PORT_NONE;
2208 /* On an IPv6 system, go round the loop up to three times, looking for A6 and
2209 AAAA records the first two times. However, unless doing standalone testing, we
2210 force an IPv4 lookup if the domain matches dns_ipv4_lookup is set. Since A6
2211 records look like being abandoned, support them only if explicitly configured
2212 to do so. On an IPv4 system, go round the loop once only, looking only for A
2217 if (dns_ipv4_lookup != NULL &&
2218 match_isinlist(host->name, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN,
2220 i = 0; /* look up A records only */
2222 #endif /* STAND_ALONE */
2225 i = 2; /* look up A6 and AAAA and A records */
2227 i = 1; /* look up AAAA and A records */
2228 #endif /* SUPPORT_A6 */
2230 /* The IPv4 world */
2232 #else /* HAVE_IPV6 */
2233 i = 0; /* look up A records only */
2234 #endif /* HAVE_IPV6 */
2238 static int types[] = { T_A, T_AAAA, T_A6 };
2239 int type = types[i];
2240 int randoffset = (i == 0)? 500 : 0; /* Ensures v6 sorts before v4 */
2244 int rc = dns_lookup(&dnsa, host->name, type, fully_qualified_name);
2246 /* We want to return HOST_FIND_AGAIN if one of the A, A6, or AAAA lookups
2247 fails or times out, but not if another one succeeds. (In the early
2248 IPv6 days there are name servers that always fail on AAAA, but are happy
2249 to give out an A record. We want to proceed with that A record.) */
2251 if (rc != DNS_SUCCEED)
2253 if (i == 0) /* Just tried for an A record, i.e. end of loop */
2255 if (host->address != NULL) return HOST_FOUND; /* A6 or AAAA was found */
2256 if (rc == DNS_AGAIN || rc == DNS_FAIL || v6_find_again)
2257 return HOST_FIND_AGAIN;
2258 return HOST_FIND_FAILED; /* DNS_NOMATCH or DNS_NODATA */
2261 /* Tried for an A6 or AAAA record: remember if this was a temporary
2262 error, and look for the next record type. */
2264 if (rc != DNS_NOMATCH && rc != DNS_NODATA) v6_find_again = TRUE;
2268 /* Lookup succeeded: fill in the given host item with the first non-ignored
2269 address found; create additional items for any others. A single A6 record
2270 may generate more than one address. */
2272 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2274 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2276 if (rr->type == type)
2278 /* dns_address *da = dns_address_from_rr(&dnsa, rr); */
2281 da = dns_address_from_rr(&dnsa, rr);
2283 DEBUG(D_host_lookup)
2286 debug_printf("no addresses extracted from A6 RR for %s\n",
2290 /* This loop runs only once for A and AAAA records, but may run
2291 several times for an A6 record that generated multiple addresses. */
2293 for (; da != NULL; da = da->next)
2296 if (ignore_target_hosts != NULL &&
2297 verify_check_this_host(&ignore_target_hosts, NULL,
2298 host->name, da->address, NULL) == OK)
2300 DEBUG(D_host_lookup)
2301 debug_printf("ignored host %s [%s]\n", host->name, da->address);
2306 /* If this is the first address, stick it in the given host block,
2307 and change the name if the returned RR has a different name. */
2309 if (thishostlast == NULL)
2311 if (strcmpic(host->name, rr->name) != 0)
2312 host->name = string_copy_dnsdomain(rr->name);
2313 host->address = da->address;
2314 host->port = PORT_NONE;
2315 host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
2316 host->status = hstatus_unknown;
2317 host->why = hwhy_unknown;
2318 thishostlast = host;
2321 /* Not the first address. Check for, and ignore, duplicates. Then
2322 insert in the chain at a random point. */
2329 /* End of our local chain is specified by "thishostlast". */
2331 for (next = host;; next = next->next)
2333 if (Ustrcmp(CS da->address, next->address) == 0) break;
2334 if (next == thishostlast) { next = NULL; break; }
2336 if (next != NULL) continue; /* With loop for next address */
2338 /* Not a duplicate */
2340 new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
2341 next = store_get(sizeof(host_item));
2343 /* New address goes first: insert the new block after the first one
2344 (so as not to disturb the original pointer) but put the new address
2345 in the original block. */
2347 if (new_sort_key < host->sort_key)
2351 host->address = da->address;
2352 host->port = PORT_NONE;
2353 host->sort_key = new_sort_key;
2354 if (thishostlast == host) thishostlast = next; /* Local last */
2355 if (*lastptr == host) *lastptr = next; /* Global last */
2358 /* Otherwise scan down the addresses for this host to find the
2359 one to insert after. */
2363 host_item *h = host;
2364 while (h != thishostlast)
2366 if (new_sort_key < h->next->sort_key) break;
2371 next->address = da->address;
2372 next->port = PORT_NONE;
2373 next->sort_key = new_sort_key;
2374 if (h == thishostlast) thishostlast = next; /* Local last */
2375 if (h == *lastptr) *lastptr = next; /* Global last */
2383 /* Control gets here only if the third lookup (the A record) succeeded.
2384 However, the address may not be filled in if it was ignored. */
2386 return (host->address == NULL)? HOST_IGNORED : HOST_FOUND;
2392 /*************************************************
2393 * Find IP addresses and names for host via DNS *
2394 *************************************************/
2396 /* The input is a host_item structure with the name filled in and the address
2397 field set to NULL. This may be in a chain of other host items. The lookup may
2398 result in more than one IP address, in which case we must created new host
2399 blocks for the additional addresses, and insert them into the chain. The
2400 original name may not be fully qualified. Use the fully_qualified_name argument
2401 to return the official name, as returned by the resolver.
2404 host point to initial host item
2405 ignore_target_hosts a list of hosts to ignore
2406 whichrrs flags indicating which RRs to look for:
2407 HOST_FIND_BY_SRV => look for SRV
2408 HOST_FIND_BY_MX => look for MX
2409 HOST_FIND_BY_A => look for A or AAAA
2410 also flags indicating how the lookup is done
2411 HOST_FIND_QUALIFY_SINGLE ) passed to the
2412 HOST_FIND_SEARCH_PARENTS ) resolver
2413 srv_service when SRV used, the service name
2414 srv_fail_domains DNS errors for these domains => assume nonexist
2415 mx_fail_domains DNS errors for these domains => assume nonexist
2416 fully_qualified_name if not NULL, return fully-qualified name
2417 removed set TRUE if local host was removed from the list
2419 Returns: HOST_FIND_FAILED Failed to find the host or domain;
2420 if there was a syntax error,
2421 host_find_failed_syntax is set.
2422 HOST_FIND_AGAIN Could not resolve at this time
2423 HOST_FOUND Host found
2424 HOST_FOUND_LOCAL The lowest MX record points to this
2425 machine, if MX records were found, or
2426 an A record that was found contains
2427 an address of the local host
2431 host_find_bydns(host_item *host, uschar *ignore_target_hosts, int whichrrs,
2432 uschar *srv_service, uschar *srv_fail_domains, uschar *mx_fail_domains,
2433 uschar **fully_qualified_name, BOOL *removed)
2435 host_item *h, *last;
2443 /* Set the default fully qualified name to the incoming name, initialize the
2444 resolver if necessary, set up the relevant options, and initialize the flag
2445 that gets set for DNS syntax check errors. */
2447 if (fully_qualified_name != NULL) *fully_qualified_name = host->name;
2448 dns_init((whichrrs & HOST_FIND_QUALIFY_SINGLE) != 0,
2449 (whichrrs & HOST_FIND_SEARCH_PARENTS) != 0);
2450 host_find_failed_syntax = FALSE;
2452 /* First, if requested, look for SRV records. The service name is given; we
2453 assume TCP progocol. DNS domain names are constrained to a maximum of 256
2454 characters, so the code below should be safe. */
2456 if ((whichrrs & HOST_FIND_BY_SRV) != 0)
2459 uschar *temp_fully_qualified_name = buffer;
2462 (void)sprintf(CS buffer, "_%s._tcp.%n%.256s", srv_service, &prefix_length,
2466 /* Search for SRV records. If the fully qualified name is different to
2467 the input name, pass back the new original domain, without the prepended
2470 rc = dns_lookup(&dnsa, buffer, ind_type, &temp_fully_qualified_name);
2471 if (temp_fully_qualified_name != buffer && fully_qualified_name != NULL)
2472 *fully_qualified_name = temp_fully_qualified_name + prefix_length;
2474 /* On DNS failures, we give the "try again" error unless the domain is
2475 listed as one for which we continue. */
2477 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2480 if (match_isinlist(host->name, &srv_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2483 return HOST_FIND_AGAIN;
2484 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2485 "(domain in srv_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2489 /* If we did not find any SRV records, search the DNS for MX records, if
2490 requested to do so. If the result is DNS_NOMATCH, it means there is no such
2491 domain, and there's no point in going on to look for address records with the
2492 same domain. The result will be DNS_NODATA if the domain exists but has no MX
2493 records. On DNS failures, we give the "try again" error unless the domain is
2494 listed as one for which we continue. */
2496 if (rc != DNS_SUCCEED && (whichrrs & HOST_FIND_BY_MX) != 0)
2499 rc = dns_lookup(&dnsa, host->name, ind_type, fully_qualified_name);
2500 if (rc == DNS_NOMATCH) return HOST_FIND_FAILED;
2501 if (rc == DNS_FAIL || rc == DNS_AGAIN)
2504 if (match_isinlist(host->name, &mx_fail_domains, 0, NULL, NULL, MCL_DOMAIN,
2507 return HOST_FIND_AGAIN;
2508 DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
2509 "(domain in mx_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
2513 /* If we haven't found anything yet, and we are requested to do so, try for an
2514 A or AAAA record. If we find it (or them) check to see that it isn't the local
2517 if (rc != DNS_SUCCEED)
2519 if ((whichrrs & HOST_FIND_BY_A) == 0)
2521 DEBUG(D_host_lookup) debug_printf("Address records are not being sought\n");
2522 return HOST_FIND_FAILED;
2525 last = host; /* End of local chainlet */
2527 host->port = PORT_NONE;
2528 rc = set_address_from_dns(host, &last, ignore_target_hosts, FALSE,
2529 fully_qualified_name);
2531 /* If one or more address records have been found, check that none of them
2532 are local. Since we know the host items all have their IP addresses
2533 inserted, host_scan_for_local_hosts() can only return HOST_FOUND or
2534 HOST_FOUND_LOCAL. We do not need to scan for duplicate IP addresses here,
2535 because set_address_from_dns() removes them. */
2537 if (rc == HOST_FOUND)
2538 rc = host_scan_for_local_hosts(host, &last, removed);
2540 if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED; /* No special action */
2542 /* When running in the test harness, sort into the order of addresses so as
2543 to get repeatability. */
2545 if (running_in_test_harness) sort_addresses(host, last);
2547 DEBUG(D_host_lookup)
2550 if (host->address != NULL)
2552 if (fully_qualified_name != NULL)
2553 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
2554 for (h = host; h != last->next; h = h->next)
2555 debug_printf("%s %s mx=%d sort=%d %s\n", h->name,
2556 (h->address == NULL)? US"<null>" : h->address, h->mx, h->sort_key,
2557 (h->status >= hstatus_unusable)? US"*" : US"");
2564 /* We have found one or more MX or SRV records. Sort them according to
2565 precedence. Put the data for the first one into the existing host block, and
2566 insert new host_item blocks into the chain for the remainder. For equal
2567 precedences one is supposed to randomize the order. To make this happen, the
2568 sorting is actually done on the MX value * 1000 + a random number. This is put
2569 into a host field called sort_key.
2571 In the case of hosts with both IPv6 and IPv4 addresses, we want to choose the
2572 IPv6 address in preference. At this stage, we don't know what kind of address
2573 the host has. We choose a random number < 500; if later we find an A record
2574 first, we add 500 to the random number. Then for any other address records, we
2575 use random numbers in the range 0-499 for AAAA records and 500-999 for A
2578 At this point we remove any duplicates that point to the same host, retaining
2579 only the one with the lowest precedence. We cannot yet check for precedence
2580 greater than that of the local host, because that test cannot be properly done
2581 until the addresses have been found - an MX record may point to a name for this
2582 host which is not the primary hostname. */
2584 last = NULL; /* Indicates that not even the first item is filled yet */
2586 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
2588 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2591 int weight = 0; /* For SRV records */
2592 int port = PORT_NONE; /* For SRV records */
2593 uschar *s; /* MUST be unsigned for GETSHORT */
2596 if (rr->type != ind_type) continue;
2598 GETSHORT(precedence, s); /* Pointer s is advanced */
2600 /* For MX records, we use a random "weight" which causes multiple records of
2601 the same precedence to sort randomly. */
2603 if (ind_type == T_MX)
2605 weight = random_number(500);
2608 /* SRV records are specified with a port and a weight. The weight is used
2609 in a special algorithm. However, to start with, we just use it to order the
2610 records of equal priority (precedence). */
2614 GETSHORT(weight, s);
2618 /* Get the name of the host pointed to. */
2620 (void)dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, s,
2621 (DN_EXPAND_ARG4_TYPE)data, sizeof(data));
2623 /* Check that we haven't already got this host on the chain; if we have,
2624 keep only the lower precedence. This situation shouldn't occur, but you
2625 never know what junk might get into the DNS (and this case has been seen on
2626 more than one occasion). */
2628 if (last != NULL) /* This is not the first record */
2630 host_item *prev = NULL;
2632 for (h = host; h != last->next; prev = h, h = h->next)
2634 if (strcmpic(h->name, data) == 0)
2636 DEBUG(D_host_lookup)
2637 debug_printf("discarded duplicate host %s (MX=%d)\n", data,
2638 (precedence > h->mx)? precedence : h->mx);
2639 if (precedence >= h->mx) goto NEXT_MX_RR; /* Skip greater precedence */
2640 if (h == host) /* Override first item */
2643 host->sort_key = precedence * 1000 + weight;
2647 /* Unwanted host item is not the first in the chain, so we can get
2648 get rid of it by cutting it out. */
2650 prev->next = h->next;
2651 if (h == last) last = prev;
2657 /* If this is the first MX or SRV record, put the data into the existing host
2658 block. Otherwise, add a new block in the correct place; if it has to be
2659 before the first block, copy the first block's data to a new second block. */
2663 host->name = string_copy_dnsdomain(data);
2664 host->address = NULL;
2666 host->mx = precedence;
2667 host->sort_key = precedence * 1000 + weight;
2668 host->status = hstatus_unknown;
2669 host->why = hwhy_unknown;
2673 /* Make a new host item and seek the correct insertion place */
2677 int sort_key = precedence * 1000 + weight;
2678 host_item *next = store_get(sizeof(host_item));
2679 next->name = string_copy_dnsdomain(data);
2680 next->address = NULL;
2682 next->mx = precedence;
2683 next->sort_key = sort_key;
2684 next->status = hstatus_unknown;
2685 next->why = hwhy_unknown;
2688 /* Handle the case when we have to insert before the first item. */
2690 if (sort_key < host->sort_key)
2697 if (last == host) last = next;
2700 /* Else scan down the items we have inserted as part of this exercise;
2701 don't go further. */
2705 for (h = host; h != last; h = h->next)
2707 if (sort_key < h->next->sort_key)
2709 next->next = h->next;
2715 /* Join on after the last host item that's part of this
2716 processing if we haven't stopped sooner. */
2720 next->next = last->next;
2727 NEXT_MX_RR: continue;
2730 /* If the list of hosts was obtained from SRV records, there are two things to
2731 do. First, if there is only one host, and it's name is ".", it means there is
2732 no SMTP service at this domain. Otherwise, we have to sort the hosts of equal
2733 priority according to their weights, using an algorithm that is defined in RFC
2734 2782. The hosts are currently sorted by priority and weight. For each priority
2735 group we have to pick off one host and put it first, and then repeat for any
2736 remaining in the same priority group. */
2738 if (ind_type == T_SRV)
2742 if (host == last && host->name[0] == 0)
2744 DEBUG(D_host_lookup) debug_printf("the single SRV record is \".\"\n");
2745 return HOST_FIND_FAILED;
2748 DEBUG(D_host_lookup)
2750 debug_printf("original ordering of hosts from SRV records:\n");
2751 for (h = host; h != last->next; h = h->next)
2752 debug_printf(" %s P=%d W=%d\n", h->name, h->mx, h->sort_key % 1000);
2755 for (pptr = &host, h = host; h != last; pptr = &(h->next), h = h->next)
2760 /* Find the last following host that has the same precedence. At the same
2761 time, compute the sum of the weights and the running totals. These can be
2762 stored in the sort_key field. */
2764 for (hh = h; hh != last; hh = hh->next)
2766 int weight = hh->sort_key % 1000; /* was precedence * 1000 + weight */
2769 if (hh->mx != hh->next->mx) break;
2772 /* If there's more than one host at this precedence (priority), we need to
2773 pick one to go first. */
2779 int randomizer = random_number(sum + 1);
2781 for (ppptr = pptr, hhh = h;
2783 ppptr = &(hhh->next), hhh = hhh->next)
2785 if (hhh->sort_key >= randomizer) break;
2788 /* hhh now points to the host that should go first; ppptr points to the
2789 place that points to it. Unfortunately, if the start of the minilist is
2790 the start of the entire list, we can't just swap the items over, because
2791 we must not change the value of host, since it is passed in from outside.
2792 One day, this could perhaps be changed.
2794 The special case is fudged by putting the new item *second* in the chain,
2795 and then transferring the data between the first and second items. We
2796 can't just swap the first and the chosen item, because that would mean
2797 that an item with zero weight might no longer be first. */
2801 *ppptr = hhh->next; /* Cuts it out of the chain */
2805 host_item temp = *h;
2808 hhh->next = temp.next;
2814 hhh->next = h; /* The rest of the chain follows it */
2815 *pptr = hhh; /* It takes the place of h */
2816 h = hhh; /* It's now the start of this minilist */
2821 /* A host has been chosen to be first at this priority and h now points
2822 to this host. There may be others at the same priority, or others at a
2823 different priority. Before we leave this host, we need to put back a sort
2824 key of the traditional MX kind, in case this host is multihomed, because
2825 the sort key is used for ordering the multiple IP addresses. We do not need
2826 to ensure that these new sort keys actually reflect the order of the hosts,
2829 h->sort_key = h->mx * 1000 + random_number(500);
2830 } /* Move on to the next host */
2833 /* Now we have to ensure addresses exist for all the hosts. We have ensured
2834 above that the names in the host items are all unique. The addresses may have
2835 been returned in the additional data section of the DNS query. Because it is
2836 more expensive to scan the returned DNS records (because you have to expand the
2837 names) we do a single scan over them, and multiple scans of the chain of host
2838 items (which is typically only 3 or 4 long anyway.) Add extra host items for
2839 multi-homed hosts. */
2841 for (rr = dns_next_rr(&dnsa, &dnss, RESET_ADDITIONAL);
2843 rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
2846 int status = hstatus_unknown;
2847 int why = hwhy_unknown;
2852 && rr->type != T_AAAA
2859 /* Find the first host that matches this record's name. If there isn't
2860 one, move on to the next RR. */
2862 for (h = host; h != last->next; h = h->next)
2863 { if (strcmpic(h->name, rr->name) == 0) break; }
2864 if (h == last->next) continue;
2866 /* For IPv4 addresses, add 500 to the random part of the sort key, to ensure
2867 they sort after IPv6 addresses. */
2869 randoffset = (rr->type == T_A)? 500 : 0;
2871 /* Get the list of textual addresses for this RR. There may be more than one
2872 if it is an A6 RR. Then loop to handle multiple addresses from an A6 record.
2873 If there are none, nothing will get done - the record is ignored. */
2875 for (da = dns_address_from_rr(&dnsa, rr); da != NULL; da = da->next)
2877 /* Set status for an ignorable host. */
2880 if (ignore_target_hosts != NULL &&
2881 verify_check_this_host(&ignore_target_hosts, NULL, h->name,
2882 da->address, NULL) == OK)
2884 DEBUG(D_host_lookup)
2885 debug_printf("ignored host %s [%s]\n", h->name, da->address);
2886 status = hstatus_unusable;
2891 /* If the address is already set for this host, it may be that
2892 we just have a duplicate DNS record. Alternatively, this may be
2893 a multi-homed host. Search all items with the same host name
2894 (they will all be together) and if this address is found, skip
2897 if (h->address != NULL)
2900 host_item *thishostlast;
2905 if (hh->address != NULL && Ustrcmp(CS da->address, hh->address) == 0)
2906 goto DNS_NEXT_RR; /* Need goto to escape from inner loop */
2910 while (hh != last->next && strcmpic(hh->name, rr->name) == 0);
2912 /* We have a multi-homed host, since we have a new address for
2913 an existing name. Create a copy of the current item, and give it
2914 the new address. RRs can be in arbitrary order, but one is supposed
2915 to randomize the addresses of multi-homed hosts, so compute a new
2916 sorting key and do that. [Latest SMTP RFC says not to randomize multi-
2917 homed hosts, but to rely on the resolver. I'm not happy about that -
2918 caching in the resolver will not rotate as often as the name server
2921 new_sort_key = h->mx * 1000 + random_number(500) + randoffset;
2922 hh = store_get(sizeof(host_item));
2924 /* New address goes first: insert the new block after the first one
2925 (so as not to disturb the original pointer) but put the new address
2926 in the original block. */
2928 if (new_sort_key < h->sort_key)
2930 *hh = *h; /* Note: copies the port */
2932 h->address = da->address;
2933 h->sort_key = new_sort_key;
2938 /* Otherwise scan down the addresses for this host to find the
2939 one to insert after. */
2943 while (h != thishostlast)
2945 if (new_sort_key < h->next->sort_key) break;
2948 *hh = *h; /* Note: copies the port */
2950 hh->address = da->address;
2951 hh->sort_key = new_sort_key;
2952 hh->status = status;
2956 if (h == last) last = hh; /* Inserted after last */
2959 /* The existing item doesn't have its address set yet, so just set it.
2960 Ensure that an IPv4 address gets its sort key incremented in case an IPv6
2961 address is found later. */
2965 h->address = da->address; /* Port should be set already */
2968 h->sort_key += randoffset;
2970 } /* Loop for addresses extracted from one RR */
2972 /* Carry on to the next RR. It would be nice to be able to be able to stop
2973 when every host on the list has an address, but we can't be sure there won't
2974 be an additional address for a multi-homed host further down the list, so
2975 we have to continue to the end. */
2977 DNS_NEXT_RR: continue;
2980 /* Set the default yield to failure */
2982 yield = HOST_FIND_FAILED;
2984 /* If we haven't found all the addresses in the additional section, we
2985 need to search for A or AAAA records explicitly. The names shouldn't point to
2986 CNAMES, but we use the general lookup function that handles them, just
2987 in case. If any lookup gives a soft error, change the default yield.
2989 For these DNS lookups, we must disable qualify_single and search_parents;
2990 otherwise invalid host names obtained from MX or SRV records can cause trouble
2991 if they happen to match something local. */
2993 dns_init(FALSE, FALSE);
2995 for (h = host; h != last->next; h = h->next)
2997 if (h->address != NULL || h->status == hstatus_unusable) continue;
2998 rc = set_address_from_dns(h, &last, ignore_target_hosts, allow_mx_to_ip, NULL);
2999 if (rc != HOST_FOUND)
3001 h->status = hstatus_unusable;
3002 if (rc == HOST_FIND_AGAIN)
3005 h->why = hwhy_deferred;
3008 h->why = (rc == HOST_IGNORED)? hwhy_ignored : hwhy_failed;
3012 /* Scan the list for any hosts that are marked unusable because they have
3013 been explicitly ignored, and remove them from the list, as if they did not
3014 exist. If we end up with just a single, ignored host, flatten its fields as if
3015 nothing was found. */
3017 if (ignore_target_hosts != NULL)
3019 host_item *prev = NULL;
3020 for (h = host; h != last->next; h = h->next)
3023 if (h->why != hwhy_ignored) /* Non ignored host, just continue */
3025 else if (prev == NULL) /* First host is ignored */
3027 if (h != last) /* First is not last */
3029 if (h->next == last) last = h; /* Overwrite it with next */
3030 *h = *(h->next); /* and reprocess it. */
3031 goto REDO; /* C should have redo, like Perl */
3034 else /* Ignored host is not first - */
3036 prev->next = h->next;
3037 if (h == last) last = prev;
3041 if (host->why == hwhy_ignored) host->address = NULL;
3044 /* There is still one complication in the case of IPv6. Although the code above
3045 arranges that IPv6 addresses take precedence over IPv4 addresses for multihomed
3046 hosts, it doesn't do this for addresses that apply to different hosts with the
3047 same MX precedence, because the sorting on MX precedence happens first. So we
3048 have to make another pass to check for this case. We ensure that, within a
3049 single MX preference value, IPv6 addresses come first. This can separate the
3050 addresses of a multihomed host, but that should not matter. */
3055 for (h = host; h != last; h = h->next)
3058 host_item *next = h->next;
3059 if (h->mx != next->mx || /* If next is different MX value */
3060 (h->sort_key % 1000) < 500 || /* OR this one is IPv6 */
3061 (next->sort_key % 1000) >= 500) /* OR next is IPv4 */
3062 continue; /* move on to next */
3064 temp.next = next->next;
3072 /* When running in the test harness, we want the hosts always to be in the same
3073 order so that the debugging output is the same and can be compared. Having a
3074 fixed set of "random" numbers doesn't actually achieve this, because the RRs
3075 come back from the resolver in a random order, so the non-random random numbers
3076 get used in a different order. We therefore have to sort the hosts that have
3077 the same MX values. We chose do to this by their name and then by IP address.
3078 The fact that the sort is slow matters not - this is testing only! */
3080 if (running_in_test_harness)
3086 for (h = host; h != last; h = h->next)
3088 int c = Ustrcmp(h->name, h->next->name);
3089 if (c == 0) c = Ustrcmp(h->address, h->next->address);
3090 if (h->mx == h->next->mx && c > 0)
3092 host_item *next = h->next;
3093 host_item temp = *h;
3094 temp.next = next->next;
3105 /* Remove any duplicate IP addresses and then scan the list of hosts for any
3106 whose IP addresses are on the local host. If any are found, all hosts with the
3107 same or higher MX values are removed. However, if the local host has the lowest
3108 numbered MX, then HOST_FOUND_LOCAL is returned. Otherwise, if at least one host
3109 with an IP address is on the list, HOST_FOUND is returned. Otherwise,
3110 HOST_FIND_FAILED is returned, but in this case do not update the yield, as it
3111 might have been set to HOST_FIND_AGAIN just above here. If not, it will already
3112 be HOST_FIND_FAILED. */
3114 host_remove_duplicates(host, &last);
3115 rc = host_scan_for_local_hosts(host, &last, removed);
3116 if (rc != HOST_FIND_FAILED) yield = rc;
3118 DEBUG(D_host_lookup)
3120 if (fully_qualified_name != NULL)
3121 debug_printf("fully qualified name = %s\n", *fully_qualified_name);
3122 debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n",
3123 (yield == HOST_FOUND)? "HOST_FOUND" :
3124 (yield == HOST_FOUND_LOCAL)? "HOST_FOUND_LOCAL" :
3125 (yield == HOST_FIND_AGAIN)? "HOST_FIND_AGAIN" :
3126 (yield == HOST_FIND_FAILED)? "HOST_FIND_FAILED" : "?",
3128 for (h = host; h != last->next; h = h->next)
3130 debug_printf(" %s %s MX=%d ", h->name,
3131 (h->address == NULL)? US"<null>" : h->address, h->mx);
3132 if (h->port != PORT_NONE) debug_printf("port=%d ", h->port);
3133 if (h->status >= hstatus_unusable) debug_printf("*");
3144 /*************************************************
3145 **************************************************
3146 * Stand-alone test program *
3147 **************************************************
3148 *************************************************/
3152 int main(int argc, char **cargv)
3155 int whichrrs = HOST_FIND_BY_MX | HOST_FIND_BY_A;
3156 BOOL byname = FALSE;
3157 BOOL qualify_single = TRUE;
3158 BOOL search_parents = FALSE;
3159 uschar **argv = USS cargv;
3162 primary_hostname = US"";
3163 store_pool = POOL_MAIN;
3164 debug_selector = D_host_lookup|D_interface;
3165 debug_file = stdout;
3166 debug_fd = fileno(debug_file);
3168 printf("Exim stand-alone host functions test\n");
3170 host_find_interfaces();
3171 debug_selector = D_host_lookup | D_dns;
3173 if (argc > 1) primary_hostname = argv[1];
3175 /* So that debug level changes can be done first */
3177 dns_init(qualify_single, search_parents);
3179 printf("Testing host lookup\n");
3181 while (Ufgets(buffer, 256, stdin) != NULL)
3184 int len = Ustrlen(buffer);
3185 uschar *fully_qualified_name;
3187 while (len > 0 && isspace(buffer[len-1])) len--;
3190 if (Ustrcmp(buffer, "q") == 0) break;
3192 if (Ustrcmp(buffer, "byname") == 0) byname = TRUE;
3193 else if (Ustrcmp(buffer, "no_byname") == 0) byname = FALSE;
3194 else if (Ustrcmp(buffer, "a_only") == 0) whichrrs = HOST_FIND_BY_A;
3195 else if (Ustrcmp(buffer, "mx_only") == 0) whichrrs = HOST_FIND_BY_MX;
3196 else if (Ustrcmp(buffer, "srv_only") == 0) whichrrs = HOST_FIND_BY_SRV;
3197 else if (Ustrcmp(buffer, "srv+a") == 0)
3198 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_A;
3199 else if (Ustrcmp(buffer, "srv+mx") == 0)
3200 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX;
3201 else if (Ustrcmp(buffer, "srv+mx+a") == 0)
3202 whichrrs = HOST_FIND_BY_SRV | HOST_FIND_BY_MX | HOST_FIND_BY_A;
3203 else if (Ustrcmp(buffer, "qualify_single") == 0) qualify_single = TRUE;
3204 else if (Ustrcmp(buffer, "no_qualify_single") == 0) qualify_single = FALSE;
3205 else if (Ustrcmp(buffer, "search_parents") == 0) search_parents = TRUE;
3206 else if (Ustrcmp(buffer, "no_search_parents") == 0) search_parents = FALSE;
3207 else if (Ustrcmp(buffer, "test_harness") == 0)
3208 running_in_test_harness = !running_in_test_harness;
3209 else if (Ustrcmp(buffer, "res_debug") == 0)
3211 _res.options ^= RES_DEBUG;
3213 else if (Ustrncmp(buffer, "retrans", 7) == 0)
3215 (void)sscanf(CS(buffer+8), "%d", &dns_retrans);
3216 _res.retrans = dns_retrans;
3218 else if (Ustrncmp(buffer, "retry", 5) == 0)
3220 (void)sscanf(CS(buffer+6), "%d", &dns_retry);
3221 _res.retry = dns_retry;
3225 int flags = whichrrs;
3231 h.status = hstatus_unknown;
3232 h.why = hwhy_unknown;
3235 if (qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
3236 if (search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
3239 host_find_byname(&h, NULL, &fully_qualified_name, TRUE)
3241 host_find_bydns(&h, NULL, flags, US"smtp", NULL, NULL,
3242 &fully_qualified_name, NULL);
3244 if (rc == HOST_FIND_FAILED) printf("Failed\n");
3245 else if (rc == HOST_FIND_AGAIN) printf("Again\n");
3246 else if (rc == HOST_FOUND_LOCAL) printf("Local\n");
3252 printf("Testing host_aton\n");
3254 while (Ufgets(buffer, 256, stdin) != NULL)
3258 int len = Ustrlen(buffer);
3260 while (len > 0 && isspace(buffer[len-1])) len--;
3263 if (Ustrcmp(buffer, "q") == 0) break;
3265 len = host_aton(buffer, x);
3266 printf("length = %d ", len);
3267 for (i = 0; i < len; i++)
3269 printf("%04x ", (x[i] >> 16) & 0xffff);
3270 printf("%04x ", x[i] & 0xffff);
3277 printf("Testing host_name_lookup\n");
3279 while (Ufgets(buffer, 256, stdin) != NULL)
3281 int len = Ustrlen(buffer);
3282 while (len > 0 && isspace(buffer[len-1])) len--;
3284 if (Ustrcmp(buffer, "q") == 0) break;
3285 sender_host_address = buffer;
3286 sender_host_name = NULL;
3287 sender_host_aliases = NULL;
3288 host_lookup_msg = US"";
3289 host_lookup_failed = FALSE;
3290 if (host_name_lookup() == FAIL) /* Debug causes printing */
3291 printf("Lookup failed:%s\n", host_lookup_msg);
3299 #endif /* STAND_ALONE */
git://git.exim.org / exim.git / blob