git://git.exim.org / exim.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b17ea87)
SPF: fix handling mix of spf and other txt records. Bug 2499
authorWolfgang Breyha <wbreyha@gmx.net>
Sat, 28 Dec 2019 17:14:42 +0000 (17:14 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Sat, 28 Dec 2019 17:53:49 +0000 (17:53 +0000)
src/src/spf.c patch | blob | history
test/scripts/4600-SPF/4601 patch | blob | history
test/stdout/4601 patch | blob | history

diff --git a/src/src/spf.c b/src/src/spf.c
index 3ca289656482fb2217811d2321a2cc389bedd5f4..7192ef462912f21ff0889284e7014ee59a02454e 100644 (file)
--- a/src/src/spf.c
+++ b/src/src/spf.c
@@ -37,7 +37,7 @@ SPF_dns_rr_t  * spf_nxdomain = NULL;
 
 static SPF_dns_rr_t *
 SPF_dns_exim_lookup(SPF_dns_server_t *spf_dns_server,
-const char *domain, ns_type rr_type, int should_cache)
+  const char *domain, ns_type rr_type, int should_cache)
 {
 dns_answer * dnsa = store_get_dns_answer();
 dns_scan dnss;
@@ -56,22 +56,30 @@ SPF_dns_rr_t srr = {
   .hook = NULL,                                /* misc information */
   .source = spf_dns_server
 };
+int dns_rc;
 
 DEBUG(D_receive) debug_printf("SPF_dns_exim_lookup '%s'\n", domain);
 
-if (dns_lookup(dnsa, US domain, rr_type, NULL) == DNS_NOMATCH)
+switch (dns_rc = dns_lookup(dnsa, US domain, rr_type, NULL))
   {
-  SPF_dns_rr_dup(&spfrr, spf_nxdomain);
-  return spfrr;
-}
+  case DNS_SUCCEED:    srr.herrno = NETDB_SUCCESS;     break;
+  case DNS_AGAIN:      srr.herrno = TRY_AGAIN;         break;
+  case DNS_NOMATCH:    srr.herrno = HOST_NOT_FOUND;    break;
+  case DNS_FAIL:
+  default:             srr.herrno = NO_RECOVERY;       break;
+  } 
 
 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
   if (rr->type == rr_type) found++;
 
-srr.num_rr = found;
+if (found == 0)
+  {
+  SPF_dns_rr_dup(&spfrr, &srr);
+  return spfrr;
+  }
+
 srr.rr = store_malloc(sizeof(SPF_dns_rr_data_t) * found);
-srr.herrno = h_errno,
 
 found = 0;
 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
@@ -84,7 +92,7 @@ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
     switch(rr_type)
       {
       case T_MX:
-       s += 2;                 /* skip the MX precedence field */
+       s += 2; /* skip the MX precedence field */
       case T_PTR:
        {
        uschar * buf = store_malloc(256);
@@ -130,6 +138,7 @@ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
     srr.rr[found++] = (void *) s;
     }
 
+srr.num_rr = found;
 /* spfrr->rr must have been malloc()d for this */
 SPF_dns_rr_dup(&spfrr, &srr);
 return spfrr;
diff --git a/test/scripts/4600-SPF/4601 b/test/scripts/4600-SPF/4601
index 72ef10d3f67ab6b299af015175ea492864d6510a..77258a8e884e5f95b91c93e2949a061dd2f80412 100644 (file)
--- a/test/scripts/4600-SPF/4601
+++ b/test/scripts/4600-SPF/4601
@@ -30,8 +30,8 @@ killdaemon
 # - and not crash with non-spf txt records
 # v=spf1 is casr-insensitive
 exim -be
-${lookup {fred@test.again.dns} spf {HOSTIPV4}}
-${lookup {fred@double.example.com} spf {8.8.8.8}}
-${lookup {fred@doubleplus.example.com} spf {8.8.8.8}}
-${lookup {fred@uppercase.example.com} spf {HOSTIPV4}}
+temperror ${lookup {fred@test.again.dns} spf {HOSTIPV4}}
+permerror ${lookup {fred@double.example.com} spf {8.8.8.8}}
+permerror ${lookup {fred@doubleplus.example.com} spf {8.8.8.8}}
+pass      ${lookup {fred@uppercase.example.com} spf {HOSTIPV4}}
 ****
diff --git a/test/stdout/4601 b/test/stdout/4601
index 9f69eb29c85142d6388198815b6397cbb9b0d1e8..de4df33ae0716ff30bae757601a00a789d60928b 100644 (file)
--- a/test/stdout/4601
+++ b/test/stdout/4601
@@ -26,6 +26,8 @@ Connecting to 127.0.0.1 port 1224 ... connected
 <<< 250 Accepted
 >>> quit
 End of script
-> permerror
-> pass
+> temperror temperror
+> permerror permerror
+> permerror permerror
+> pass      pass
 > 
Master Exim source repository