wip

[exim.git] / src / src / dns.c

diff --git a/src/src/dns.c b/src/src/dns.c
index 98c44b9f29225553941db47bcd5d93e33add3f46..217fe5f87167637958fc0afa585a519d5088fb89 100644 (file)
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -515,7 +515,7 @@ if (  !h->aa
    || !(trusted = expand_string(dns_trust_aa))
    || !*trusted
    || !(auth_name = dns_extract_auth_name(dnsa))
-   || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL,
+   || OK != match_isinlist(auth_name, &trusted, 0, &domainlist_anchor, NULL,
                            MCL_DOMAIN, TRUE, NULL)
    )
   return FALSE;
@@ -671,13 +671,10 @@ e = previous->data.ptr;
 val = e->data.val;
 rc = e->expiry && e->expiry <= time(NULL) ? -1 : val;
 
-DEBUG(D_dns) debug_printf("DNS lookup of %.255s-%s: %scached value %s%s\n",
+DEBUG(D_dns) debug_printf("DNS lookup of %.255s (%s): %scached value %s%s\n",
   name, dns_text_type(type),
   rc == -1 ? "" : "using ",
-    val == DNS_NOMATCH ? "DNS_NOMATCH" :
-    val == DNS_NODATA ? "DNS_NODATA" :
-    val == DNS_AGAIN ? "DNS_AGAIN" :
-    val == DNS_FAIL ? "DNS_FAIL" : "??",
+  dns_rc_names[val],
   rc == -1 ? " past valid time" : "");
 
 return rc;
@@ -694,9 +691,11 @@ packet length has been lost inside libresolv, so we have to guess a
 replacement value. (The only way to fix this properly would be to
 re-implement res_search() and res_query() so that they don't muddle their
 success and packet length return values.) For added safety we only reset
-the packet length if the packet header looks plausible. */
+the packet length if the packet header looks plausible.
 
-static void
+Return TRUE iff it seemed ok */
+
+static BOOL
 fake_dnsa_len_for_fail(dns_answer * dnsa, int type)
 {
 const HEADER * h = (const HEADER *)dnsa->answer;
@@ -713,7 +712,11 @@ if (  h->qr == 1                           /* a response */
   DEBUG(D_dns) debug_printf("faking res_search(%s) response length as %d\n",
     dns_text_type(type), (int)sizeof(dnsa->answer));
   dnsa->answerlen = sizeof(dnsa->answer);
+  return TRUE;
   }
+DEBUG(D_dns) debug_printf("DNS: couldn't fake dnsa len\n");
+/* Maybe we should just do a second lookup for an SOA? */
+return FALSE;
 }
 
 
@@ -727,7 +730,7 @@ dns_expire_from_soa(dns_answer * dnsa, int type)
 {
 dns_scan dnss;
 
-fake_dnsa_len_for_fail(dnsa, type);
+if (!fake_dnsa_len_for_fail(dnsa, type)) return 0;
 
 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
      rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
@@ -907,8 +910,8 @@ if (dnsa->answerlen < 0) switch (h_errno)
 #ifndef STAND_ALONE
     save_domain = deliver_domain;
     deliver_domain = string_copy(name);  /* set $domain */
-    rc = match_isinlist(name, (const uschar **)&dns_again_means_nonexist, 0, NULL, NULL,
-      MCL_DOMAIN, TRUE, NULL);
+    rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
+      &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
     deliver_domain = save_domain;
     if (rc != OK)
       {
@@ -1204,7 +1207,7 @@ switch (type)
 
     if (rc == DNS_NOMATCH)
       {
-      fake_dnsa_len_for_fail(dnsa, T_CSA);
+      if (!fake_dnsa_len_for_fail(dnsa, T_CSA)) return DNS_NOMATCH;
 
       for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
           rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)