-/* $Cambridge: exim/test/src/fakens.c,v 1.1 2006/02/06 16:24:05 ph10 Exp $ */
-
/*************************************************
* fakens - A Fake Nameserver Program *
*************************************************/
PASS ON NOT FOUND
and the domain is not found. It converts the the result to PASS_ON instead of
-HOST_NOT_FOUND. */
+HOST_NOT_FOUND.
+
+Any DNS record line in a zone file can be prefixed with "DNSSEC" and
+at least one space; if all the records found by a lookup are marked
+as such then the response will have the "AD" bit set. */
#include <ctype.h>
#include <stdarg.h>
#define Ustrncmp(s,t,n) strncmp(CCS(s),CCS(t),n)
#define Ustrncpy(s,t,n) strncpy(CS(s),CCS(t),n)
-
-typedef struct adomainstr {
- struct adomainstr *next;
- uschar name[1];
-} adomainstr;
-
typedef struct zoneitem {
uschar *zone;
uschar *zonefile;
qtypelen the length of qtype
pkptr points to the output buffer pointer; this is updated
countptr points to the record count; this is updated
- adomainptr points to where to hang additional domains
Returns: 0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
static int
find_records(FILE *f, uschar *zone, uschar *domain, uschar *qtype,
- int qtypelen, uschar **pkptr, int *countptr, adomainstr **adomainptr)
+ int qtypelen, uschar **pkptr, int *countptr, BOOL * dnssec)
{
int yield = HOST_NOT_FOUND;
-int zonelen = Ustrlen(zone);
int domainlen = Ustrlen(domain);
BOOL pass_on_not_found = FALSE;
tlist *typeptr;
uschar *pk = *pkptr;
uschar buffer[256];
uschar rrdomain[256];
+uschar RRdomain[256];
/* Decode the required type */
rrdomain[0] = 0; /* No previous domain */
(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
+*dnssec = TRUE; /* cancelled by first nonsecure rec found */
+
/* Scan for RRs */
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
int i, plen, value;
int tvalue = typeptr->value;
int qtlen = qtypelen;
+ BOOL rr_sec = FALSE;
p = buffer;
while (isspace(*p)) p++;
if (*p == 0 || *p == ';') continue;
- if (Ustrncmp(p, "PASS ON NOT FOUND", 17) == 0)
+ if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
{
pass_on_not_found = TRUE;
continue;
*ep = 0;
p = buffer;
+ if (Ustrncmp(p, US"DNSSEC ", 7) == 0) /* tagged as secure */
+ {
+ rr_sec = TRUE;
+ p += 7;
+ }
+
if (!isspace(*p))
{
uschar *pp = rrdomain;
- while (!isspace(*p)) *pp++ = tolower(*p++);
- if (pp[-1] != '.') Ustrcpy(pp, zone); else pp[-1] = 0;
+ uschar *PP = RRdomain;
+ while (!isspace(*p))
+ {
+ *pp++ = tolower(*p);
+ *PP++ = *p++;
+ }
+ if (pp[-1] != '.')
+ {
+ Ustrcpy(pp, zone);
+ Ustrcpy(PP, zone);
+ }
+ else
+ {
+ pp[-1] = 0;
+ PP[-1] = 0;
+ }
}
/* Compare domain names; first check for a wildcard */
/* Found a relevant record */
+ if (!rr_sec)
+ *dnssec = FALSE; /* cancel AD return */
+
yield = 0;
*countptr = *countptr + 1;
p += qtlen;
while (isspace(*p)) p++;
- pk = packname(domain, pk); /* Not rrdomain because of wildcard */
+ /* For a wildcard record, use the search name; otherwise use the record's
+ name in its original case because it might contain upper case letters. */
+
+ pk = packname((rrdomain[0] == '*')? domain : RRdomain, pk);
*pk++ = (tvalue >> 8) & 255;
*pk++ = (tvalue) & 255;
*pk++ = 0;
while (isspace(*p)) p++;
*pk++ = (value >> 8) & 255;
*pk++ = value & 255;
- goto PACKNAME;
+ if (ep[-1] != '.') sprintf(ep, "%s.", zone);
+ pk = packname(p, pk);
+ plen = Ustrlen(p);
+ break;
case ns_t_txt:
pp = pk++;
case ns_t_cname:
case ns_t_ns:
case ns_t_ptr:
- PACKNAME:
if (ep[-1] != '.') sprintf(ep, "%s.", zone);
pk = packname(p, pk);
plen = Ustrlen(p);
- if (adomainptr != NULL && plen > zonelen + 2 &&
- Ustrncmp(p + plen - zonelen - 1, zone, zonelen) == 0)
- {
- adomainstr *adomain = (adomainstr *)malloc(sizeof(adomainstr) + plen);
- *adomainptr = adomain;
- adomainptr = &(adomain->next);
- adomain->next = NULL;
- Ustrncpy(adomain->name, p, plen - 1);
- adomain->name[plen-1] = 0;
- }
break;
}
rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
rdlptr[1] = (pk -rdlptr - 2) & 255;
-
- /* If we have just yielded a CNAME, we must change the domain name to the
- new domain, and re-start the scan from the beginning. */
-
- if (found_cname)
- {
- domain = fcopystring("%s", p);
- domainlen = Ustrlen(domain);
- domain[domainlen - 1] = 0; /* Removed trailing dot */
- rrdomain[0] = 0; /* No previous domain */
- (void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
- }
}
*pkptr = pk;
{
FILE *f;
DIR *d;
-int dirlen, domlen, qtypelen;
+int domlen, qtypelen;
int yield, count;
int i;
int zonecount = 0;
-tlist *typeptr;
struct dirent *de;
-adomainstr *adomain = NULL;
zoneitem zones[32];
uschar *qualify = NULL;
uschar *p, *zone;
uschar qtype[12];
uschar packet[512];
uschar *pk = packet;
+BOOL dnssec;
if (argc != 4)
{
/* Find the records we want, and add them to the result. */
count = 0;
-yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &adomain);
+yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec);
if (yield == NO_RECOVERY) goto END_OFF;
packet[6] = (count >> 8) & 255;
packet[7] = count & 255;
-/* Search for additional records and add them to the result. */
+/* There is no need to return any additional records because Exim no longer
+(from release 4.61) makes any use of them. */
-count = 0;
-for (; adomain != NULL; adomain = adomain->next)
- {
- (void)find_records(f, zone, adomain->name, US"AAAA", 4, &pk, &count, NULL);
- (void)find_records(f, zone, adomain->name, US"A", 1, &pk, &count, NULL);
- }
+packet[10] = 0;
+packet[11] = 0;
-packet[10] = (count >> 8) & 255;
-packet[11] = count & 255;
+if (dnssec)
+ ((HEADER *)packet)->ad = 1;
/* Close the zone file, write the result, and return. */
return yield;
}
+/* vi: aw ai sw=2
+*/
/* End of fakens.c */
git://git.exim.org / exim.git / blobdiff