* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2017 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
#include "../exim.h"
causes the whole lookup to defer only if none of the DNS queries succeeds; and
'never', where all defers are as if the lookup failed. The default is 'lax'.
-- 'dnssec_FOO', with 'strict', 'lax' and 'never' (default). The meanings are
+- 'dnssec_FOO', with 'strict', 'lax' (default), and 'never'. The meanings are
require, try and don't-try dnssec respectively.
- 'retrans_VAL', set the timeout value. VAL is an Exim time specification
int rc;
int sep = 0;
int defer_mode = PASS;
-int dnssec_mode = OK;
+int dnssec_mode = PASS;
int save_retrans = dns_retrans;
int save_retry = dns_retry;
int type;
const uschar *outsep2 = NULL;
uschar *equals, *domain, *found;
+dns_answer * dnsa = store_get_dns_answer();
+dns_scan dnss;
+
/* Because we're working in the search pool, we try to reclaim as much
store as possible later, so we preallocate the result here */
gstring * yield = string_get(256);
-dns_record *rr;
-dns_answer dnsa;
-dns_scan dnss;
-
handle = handle; /* Keep picky compilers happy */
filename = filename;
length = length;
while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
{
- uschar rbuffer[256];
- int searchtype = (type == T_CSA)? T_SRV : /* record type we want */
- (type == T_MXH)? T_MX :
- (type == T_ZNS)? T_NS : type;
+ int searchtype = type == T_CSA ? T_SRV : /* record type we want */
+ type == T_MXH ? T_MX :
+ type == T_ZNS ? T_NS : type;
/* If the type is PTR or CSA, we have to construct the relevant magic lookup
key if the original is an IP address (some experimental protocols are using
if ((type == T_PTR || type == T_CSA) &&
string_is_ip_address(domain, NULL) != 0)
- {
- dns_build_reverse(domain, rbuffer);
- domain = rbuffer;
- }
+ domain = dns_build_reverse(domain);
do
{
- DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain);
+ DEBUG(D_lookup) debug_printf_indent("dnsdb key: %s\n", domain);
/* Do the lookup and sort out the result. There are four special types that
are handled specially: T_CSA, T_ZNS, T_ADDRESSES and T_MXH.
{
if (searchtype == T_ADDRESSES) searchtype = T_AAAA;
else if (searchtype == T_AAAA) searchtype = T_A;
- rc = dns_special_lookup(&dnsa, domain, searchtype, CUSS &found);
+ rc = dns_special_lookup(dnsa, domain, searchtype, CUSS &found);
}
else
#endif
- rc = dns_special_lookup(&dnsa, domain, type, CUSS &found);
+ rc = dns_special_lookup(dnsa, domain, type, CUSS &found);
lookup_dnssec_authenticated = dnssec_mode==OK ? NULL
- : dns_is_secure(&dnsa) ? US"yes" : US"no";
+ : dns_is_secure(dnsa) ? US"yes" : US"no";
if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue;
if ( rc != DNS_SUCCEED
- || (dnssec_mode == DEFER && !dns_is_secure(&dnsa))
+ || (dnssec_mode == DEFER && !dns_is_secure(dnsa))
)
{
if (defer_mode == DEFER)
/* Search the returned records */
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
{
if (*do_cache > rr->ttl)
*do_cache = rr->ttl;
if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
{
- dns_address *da;
- for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
+ for (dns_address * da = dns_address_from_rr(dnsa, rr); da; da = da->next)
{
if (yield->ptr) yield = string_catn(yield, outsep, 1);
yield = string_cat(yield, da->address);
else if (type == T_TLSA)
{
uint8_t usage, selector, matching_type;
- uint16_t i, payload_length;
+ uint16_t payload_length;
uschar s[MAX_TLSA_EXPANDED_SIZE];
uschar * sp = s;
uschar * p = US rr->data;
sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2,
selector, *outsep2, matching_type, *outsep2);
/* Now append the cert/identifier, one hex char at a time */
- for (i=0;
- i < payload_length && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4);
- i++)
- sp += sprintf(CS sp, "%02x", (unsigned char)p[i]);
+ while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
+ sp += sprintf(CS sp, "%02x", *p++);
yield = string_cat(yield, s);
}
/* GETSHORT() has advanced the pointer to the target domain. */
- rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
+ rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
/* If an overlong response was received, the data will have been
p += rc;
yield = string_catn(yield, outsep2, 1);
- rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
+ rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
if (rc < 0)
{
/* Reclaim unused memory */
-store_reset(yield->s + yield->ptr + 1);
+gstring_release_unused(yield);
/* If yield NULL we have not found anything. Otherwise, insert the terminating
zero and return the result. */
git://git.exim.org / exim.git / blobdiff