|| !(trusted = expand_string(dns_trust_aa))
|| !*trusted
|| !(auth_name = dns_extract_auth_name(dnsa))
- || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL,
+ || OK != match_isinlist(auth_name, &trusted, 0, &domainlist_anchor, NULL,
MCL_DOMAIN, TRUE, NULL)
)
return FALSE;
val = e->data.val;
rc = e->expiry && e->expiry <= time(NULL) ? -1 : val;
-DEBUG(D_dns) debug_printf("DNS lookup of %.255s-%s: %scached value %s%s\n",
+DEBUG(D_dns) debug_printf("DNS lookup of %.255s (%s): %scached value %s%s\n",
name, dns_text_type(type),
rc == -1 ? "" : "using ",
- val == DNS_NOMATCH ? "DNS_NOMATCH" :
- val == DNS_NODATA ? "DNS_NODATA" :
- val == DNS_AGAIN ? "DNS_AGAIN" :
- val == DNS_FAIL ? "DNS_FAIL" : "??",
+ dns_rc_names[val],
rc == -1 ? " past valid time" : "");
return rc;
replacement value. (The only way to fix this properly would be to
re-implement res_search() and res_query() so that they don't muddle their
success and packet length return values.) For added safety we only reset
-the packet length if the packet header looks plausible. */
+the packet length if the packet header looks plausible.
-static void
+Return TRUE iff it seemed ok */
+
+static BOOL
fake_dnsa_len_for_fail(dns_answer * dnsa, int type)
{
const HEADER * h = (const HEADER *)dnsa->answer;
DEBUG(D_dns) debug_printf("faking res_search(%s) response length as %d\n",
dns_text_type(type), (int)sizeof(dnsa->answer));
dnsa->answerlen = sizeof(dnsa->answer);
+ return TRUE;
}
+DEBUG(D_dns) debug_printf("DNS: couldn't fake dnsa len\n");
+/* Maybe we should just do a second lookup for an SOA? */
+return FALSE;
}
{
dns_scan dnss;
-fake_dnsa_len_for_fail(dnsa, type);
+if (!fake_dnsa_len_for_fail(dnsa, type)) return 0;
for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
#ifndef STAND_ALONE
save_domain = deliver_domain;
deliver_domain = string_copy(name); /* set $domain */
- rc = match_isinlist(name, (const uschar **)&dns_again_means_nonexist, 0, NULL, NULL,
- MCL_DOMAIN, TRUE, NULL);
+ rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
+ &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
deliver_domain = save_domain;
if (rc != OK)
{
if (rc == DNS_NOMATCH)
{
- fake_dnsa_len_for_fail(dnsa, T_CSA);
+ if (!fake_dnsa_len_for_fail(dnsa, T_CSA)) return DNS_NOMATCH;
for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)