X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/7d8d08c484958a90f5d5744894b9bc2f723bee4e..d896cef5f6f3ff1b7509fd832a4ee66403a7c57f:/src/src/dns.c diff --git a/src/src/dns.c b/src/src/dns.c index b309207cf..4750f1b52 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -10,7 +10,6 @@ #include "exim.h" - /************************************************* * Fake DNS resolver * *************************************************/ @@ -617,8 +616,10 @@ Arguments: Returns: the return code */ -/*XXX the derivation of this value needs explaining */ +/* we need: 255 +1 + (max(typetext) == 5) +1 + max(chars_for_long-max) +1 */ #define DNS_FAILTAG_MAX 290 +#define DNS_FAILNODE_SIZE \ + (sizeof(expiring_data) + sizeof(tree_node) + DNS_FAILTAG_MAX) static int dns_fail_return(const uschar * name, int type, time_t expiry, int rc) @@ -632,11 +633,9 @@ if ((previous = tree_search(tree_dns_fails, node_name))) e = previous->data.ptr; else { - new = store_get_perm( - sizeof(tree_node) + DNS_FAILTAG_MAX + sizeof(expiring_data), is_tainted(name)); - + e = store_get_perm(DNS_FAILNODE_SIZE, is_tainted(name)); + new = (void *)(e+1); dns_fail_tag(new->name, name, type); - e = (expiring_data *)((char *)new + sizeof(tree_node) + DNS_FAILTAG_MAX); new->data.ptr = e; (void)tree_insertnode(&tree_dns_fails, new); } @@ -687,7 +686,7 @@ in the SOA. We hope that one was returned in the lookup, and do not bother doing a separate lookup; if not found return a forever TTL. */ -static time_t +time_t dns_expire_from_soa(dns_answer * dnsa) { const HEADER * h = (const HEADER *)dnsa->answer; @@ -733,9 +732,9 @@ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY); /* Skip the SOA serial, refresh, retry & expire. Grab the TTL */ - if (p > dnsa->answer + dnsa->answerlen - 5 * NS_INT32SZ) + if (p > dnsa->answer + dnsa->answerlen - 5 * INT32SZ) break; - p += 4 * NS_INT32SZ; + p += 4 * INT32SZ; GETLONG(ttl, p); return time(NULL) + ttl; @@ -819,34 +818,17 @@ regex has substrings that are used - the default uses a conditional. This test is omitted for PTR records. These occur only in calls from the dnsdb lookup, which constructs the names itself, so they should be OK. Besides, -bitstring labels don't conform to normal name syntax. (But the aren't used any -more.) - -For SRV records, we omit the initial _smtp._tcp. components at the start. -The check has been seen to bite on the destination of a SRV lookup that -initiall hit a CNAME, for which the next name had only two components. -RFC2782 makes no mention of the possibiility of CNAMES, but the Wikipedia -article on SRV says they are not a valid configuration. */ +bitstring labels don't conform to normal name syntax. (But they aren't used any +more.) */ #ifndef STAND_ALONE /* Omit this for stand-alone tests */ if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT) { - const uschar *checkname = name; int ovector[3*(EXPAND_MAXN+1)]; dns_pattern_init(); - - /* For an SRV lookup, skip over the first two components (the service and - protocol names, which both start with an underscore). */ - - if (type == T_SRV || type == T_TLSA) - { - while (*checkname && *checkname++ != '.') ; - while (*checkname && *checkname++ != '.') ; - } - - if (pcre_exec(regex_check_dns_names, NULL, CCS checkname, Ustrlen(checkname), + if (pcre_exec(regex_check_dns_names, NULL, CCS name, Ustrlen(name), 0, PCRE_EOPT, ovector, nelem(ovector)) < 0) { DEBUG(D_dns)