X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/25bf2076f3e35d9da64fe9fd8a704e06a398dfc1..0cbf2b821bb13da0268556d0e30ea627d5592c60:/src/src/dns.c diff --git a/src/src/dns.c b/src/src/dns.c index 2efcbaaff..02eef25a6 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -40,7 +40,6 @@ fakens_search(const uschar *domain, int type, uschar *answerptr, int size) { int len = Ustrlen(domain); int asize = size; /* Locally modified */ -uschar *endname; uschar name[256]; uschar utilname[256]; uschar *aptr = answerptr; /* Locally modified */ @@ -51,7 +50,6 @@ struct stat statbuf; if (domain[len - 1] == '.') len--; Ustrncpy(name, domain, len); name[len] = 0; -endname = name + len; /* Look for the fakens utility, and if it exists, call it. */ @@ -86,7 +84,7 @@ if (stat(CS utilname, &statbuf) >= 0) asize -= rc; /* may need to be passed on to res_search(). */ } - /* If we ran out of output buffer before exhasting the return, + /* If we ran out of output buffer before exhausting the return, carry on reading and counting it. */ if (asize == 0) @@ -390,7 +388,8 @@ from the following bytes. */ dnss->aptr += namelen; GETSHORT(dnss->srr.type, dnss->aptr); /* Record type */ -dnss->aptr += 6; /* Don't want class or TTL */ +dnss->aptr += 2; /* Don't want class */ +GETLONG(dnss->srr.ttl, dnss->aptr); /* TTL */ GETSHORT(dnss->srr.size, dnss->aptr); /* Size of data portion */ dnss->srr.data = dnss->aptr; /* The record's data follows */ dnss->aptr += dnss->srr.size; /* Advance to next RR */ @@ -402,11 +401,16 @@ return &(dnss->srr); } -/* Extract the AUTHORITY info from the answer. If the -answer isn't authoritive (AA) we do not extract anything. -We've to search for SOA or NS records, since there may be -other records (e.g. NSEC3) too. -*/ +/* Extract the AUTHORITY information from the answer. If the +answer isn't authoritive (AA not set), we do not extract anything. + +The AUTHORITIVE section contains NS records if +the name in question was found, it contains a SOA record +otherwise. (This is just from experience and some tests, is there +some spec?) + +We've cycle through the AUTHORITY section, since it may contain +other records (e.g. NSEC3) too. */ static const uschar * dns_extract_auth_name(const dns_answer * dnsa) /* FIXME: const dns_answer */ @@ -419,7 +423,7 @@ if (!h->nscount || !h->aa) return NULL; for (rr = dns_next_rr((dns_answer*) dnsa, &dnss, RESET_AUTHORITY); rr; rr = dns_next_rr((dns_answer*) dnsa, &dnss, RESET_NEXT)) - if (rr->type == T_SOA || rr->type == T_NS) return rr->name; + if (rr->type == (h->ancount ? T_NS : T_SOA)) return rr->name; return NULL; } @@ -464,7 +468,7 @@ if ( !h->aa || !*trusted || !(auth_name = dns_extract_auth_name(dnsa)) || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL, - MCL_DOMAIN, TRUE, NULL) + MCL_DOMAIN, TRUE, NULL) ) return FALSE; @@ -616,7 +620,7 @@ if (previous != NULL) return previous->data.val; } -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N /* Convert all names to a-label form before doing lookup */ { uschar * alabel; @@ -847,7 +851,7 @@ for (i = 0; i < 10; i++) if ( rr_name && Ustrcmp(rr_name, *fully_qualified_name) != 0 && rr_name[0] != '*' -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N && ( !string_is_utf8(*fully_qualified_name) || Ustrcmp(rr_name, string_domain_utf8_to_alabel(*fully_qualified_name, NULL)) != 0 @@ -1108,8 +1112,7 @@ return DNS_FAIL; * Get address(es) from DNS record * *************************************************/ -/* The record type is either T_A for an IPv4 address or T_AAAA (or T_A6 when -supported) for an IPv6 address. +/* The record type is either T_A for an IPv4 address or T_AAAA for an IPv6 address. Argument: dnsa the DNS answer block @@ -1141,8 +1144,11 @@ else { if (rr->data + 16 <= dnsa_lim) { + struct in6_addr in6; + int i; + for (i = 0; i < 16; i++) in6.__in6_u.__u6_addr8[i] = rr->data[i]; yield = store_get(sizeof(dns_address) + 50); - inet_ntop(AF_INET6, US rr->data, CS yield->address, 50); + inet_ntop(AF_INET6, &in6, CS yield->address, 50); yield->next = NULL; } }