GnuTLS: lose DH-param setup, for recent library versions where no longer needed

[exim.git] / src / src / dns.c

diff --git a/src/src/dns.c b/src/src/dns.c
index ece6524d60d877a017e1de8978ca7403fa54a225..4750f1b5210ef536dc8e9711b0c8960cfae5a3ec 100644 (file)
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -616,8 +616,10 @@ Arguments:
 Returns:     the return code
 */
 
 Returns:     the return code
 */
 

-/*XXX the derivation of this value needs explaining */
+/* we need:  255 +1 + (max(typetext) == 5) +1 + max(chars_for_long-max) +1 */

 #define DNS_FAILTAG_MAX 290
 #define DNS_FAILTAG_MAX 290

+#define DNS_FAILNODE_SIZE \
+  (sizeof(expiring_data) + sizeof(tree_node) + DNS_FAILTAG_MAX)

 
 static int
 dns_fail_return(const uschar * name, int type, time_t expiry, int rc)
 
 static int
 dns_fail_return(const uschar * name, int type, time_t expiry, int rc)


@@ -631,11 +633,9 @@ if ((previous = tree_search(tree_dns_fails, node_name)))
   e = previous->data.ptr;
 else
   {
   e = previous->data.ptr;
 else
   {

-  new = store_get_perm(
-    sizeof(tree_node) + DNS_FAILTAG_MAX + sizeof(expiring_data), is_tainted(name));
-
+  e = store_get_perm(DNS_FAILNODE_SIZE, is_tainted(name));
+  new = (void *)(e+1);

   dns_fail_tag(new->name, name, type);
   dns_fail_tag(new->name, name, type);

-  e = (expiring_data *)((char *)new + sizeof(tree_node) + DNS_FAILTAG_MAX);

   new->data.ptr = e;
   (void)tree_insertnode(&tree_dns_fails, new);
   }
   new->data.ptr = e;
   (void)tree_insertnode(&tree_dns_fails, new);
   }


@@ -818,34 +818,17 @@ regex has substrings that are used - the default uses a conditional.
 
 This test is omitted for PTR records. These occur only in calls from the dnsdb
 lookup, which constructs the names itself, so they should be OK. Besides,
 
 This test is omitted for PTR records. These occur only in calls from the dnsdb
 lookup, which constructs the names itself, so they should be OK. Besides,

-bitstring labels don't conform to normal name syntax. (But the aren't used any
-more.)
-
-For SRV records, we omit the initial _smtp._tcp. components at the start.
-The check has been seen to bite on the destination of a SRV lookup that
-initiall hit a CNAME, for which the next name had only two components.
-RFC2782 makes no mention of the possibiility of CNAMES, but the Wikipedia
-article on SRV says they are not a valid configuration. */
+bitstring labels don't conform to normal name syntax. (But they aren't used any
+more.) */

 
 #ifndef STAND_ALONE   /* Omit this for stand-alone tests */
 
 if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT)
   {
 
 #ifndef STAND_ALONE   /* Omit this for stand-alone tests */
 
 if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT)
   {

-  const uschar *checkname = name;

   int ovector[3*(EXPAND_MAXN+1)];
 
   dns_pattern_init();
   int ovector[3*(EXPAND_MAXN+1)];
 
   dns_pattern_init();

-
-  /* For an SRV lookup, skip over the first two components (the service and
-  protocol names, which both start with an underscore). */
-
-  if (type == T_SRV || type == T_TLSA)
-    {
-    while (*checkname && *checkname++ != '.') ;
-    while (*checkname && *checkname++ != '.') ;
-    }
-
-  if (pcre_exec(regex_check_dns_names, NULL, CCS checkname, Ustrlen(checkname),
+  if (pcre_exec(regex_check_dns_names, NULL, CCS name, Ustrlen(name),

       0, PCRE_EOPT, ovector, nelem(ovector)) < 0)
     {
     DEBUG(D_dns)
       0, PCRE_EOPT, ovector, nelem(ovector)) < 0)
     {
     DEBUG(D_dns)