From eae0036b2dfac1547351908f77a6154b898c45d6 Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Thu, 17 May 2012 00:39:38 -0400 Subject: [PATCH] dnsdb SPF support, from Janne Snabb --- doc/doc-docbook/spec.xfpt | 13 +++++++++---- doc/doc-txt/ChangeLog | 4 +++- doc/doc-txt/NewStuff | 5 ++++- src/src/dns.c | 1 + src/src/exim.h | 6 ++++++ src/src/lookups/dnsdb.c | 9 ++++++++- 6 files changed, 31 insertions(+), 7 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 167208ac9..22b805c18 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -6756,11 +6756,13 @@ is used on its own as the result. If the lookup does not succeed, the &`fail`& keyword causes a &'forced expansion failure'& &-- see section &<>& for an explanation of what this means. -The supported DNS record types are A, CNAME, MX, NS, PTR, SRV, and TXT, and, -when Exim is compiled with IPv6 support, AAAA (and A6 if that is also +.new +The supported DNS record types are A, CNAME, MX, NS, PTR, SPF, SRV, and TXT, +and, when Exim is compiled with IPv6 support, AAAA (and A6 if that is also configured). If no type is given, TXT is assumed. When the type is PTR, the data can be an IP address, written as normal; inversion and the addition of &%in-addr.arpa%& or &%ip6.arpa%& happens automatically. For example: +.wen .code ${lookup dnsdb{ptr=192.168.4.5}{$value}fail} .endd 
@@ -6786,10 +6788,13 @@ It is permitted to specify a space as the separator character. Further white space is ignored. .cindex "TXT record" "in &(dnsdb)& lookup" -For TXT records with multiple items of data, only the first item is returned, +.cindex "SPF record" "in &(dnsdb)& lookup" +.new +For TXT and SPF records with multiple items of data, only the first item is returned, unless a separator for them is specified using a comma after the separator -character followed immediately by the TXT record item separator. To concatenate +character followed immediately by the TXT/SPF record item separator. To concatenate items without a separator, use a semicolon instead. +.wen .code ${lookup dnsdb{>\n,: txt=a.b.example}} ${lookup dnsdb{>\n; txt=a.b.example}} diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 991f59f08..ff463b1a4 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -45,7 +45,7 @@ PP/12 MAIL args handles TAB as well as SP, for better interop with non-compliant senders. Analysis and variant patch by Todd Lyons. -NM/04 Bugzilla 1237 - fix cases where printf format usage no indicated +NM/04 Bugzilla 1237 - fix cases where printf format usage not indicated Bug report from Lars Müller (via SUSE), Patch from Dirk Mueller @@ -109,6 +109,8 @@ PP/25 Revamped GnuTLS support, passing tls_require_ciphers to PP/26 Added EXPERIMENTAL_OCSP for OpenSSL. +PP/27 Applied dnsdb SPF support patch from Janne Snabb. + Exim version 4.77 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index d41d79c83..82eaeb73b 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff 
@@ -69,7 +69,7 @@ Version 4.78 "socket activation", but forcing the activated socket to fd 0. We're interested in adding more support for modern variants. -10. ${eval } now uses 64-bit values on supporting platforms. A new "G" suffux +10. ${eval } now uses 64-bit values on supporting platforms. A new "G" suffix for numbers indicates multiplication by 1024^3. 11. The GnuTLS support has been revamped; the three options gnutls_require_kx, @@ -88,6 +88,9 @@ Version 4.78 See "experimental-spec.txt" for more details. +13. ${lookup dnsdb{ }} supports now SPF record types. They are handled + identically to TXT record lookups. + Version 4.77 ------------ diff --git a/src/src/dns.c b/src/src/dns.c index c903d0ba9..d5214901d 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -415,6 +415,7 @@ switch(t) case T_AAAA: return US"AAAA"; case T_A6: return US"A6"; case T_TXT: return US"TXT"; + case T_SPF: return US"SPF"; case T_PTR: return US"PTR"; case T_SOA: return US"SOA"; case T_SRV: return US"SRV"; diff --git a/src/src/exim.h b/src/src/exim.h index 49f52474a..4a5375514 100644 --- a/src/src/exim.h +++ b/src/src/exim.h @@ -299,6 +299,12 @@ header files. I don't suppose they have T_SRV either. */ #define T_SRV 33 #endif +/* Many systems do not have T_SPF. */ + +#ifndef T_SPF +#define T_SPF 99 +#endif + /* It seems that some versions of arpa/nameser.h don't define *any* of the T_xxx macros, which seem to be non-standard nowadays. Just to be on the safe side, put in definitions for all the ones that Exim uses. */ diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c index 2862a5bc9..6848317e8 100644 --- a/src/src/lookups/dnsdb.c +++ b/src/src/lookups/dnsdb.c @@ -17,6 +17,11 @@ header files. */ #define T_TXT 16 #endif +/* Many systems do not have T_SPF. */ +#ifndef T_SPF +#define T_SPF 99 +#endif + /* Table of recognized DNS record types and their integer values. */ static const char *type_names[] = { 
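Review bot: The fallback `#define T_SPF 99` is added twice, once in src/src/exim.h and again in src/src/lookups/dnsdb.c, so the record-type number now lives in two places. If dnsdb.c already pulls in exim.h (its includes are outside the hunk), the second copy is redundant, although it mirrors the existing `T_TXT` fallback just above it and could be kept for symmetry. Either way the comment could say where the value comes from, for example `/* SPF RR type 99 (RFC 4408); absent from many arpa/nameser.h headers. */`.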
@@ -33,6 +38,7 @@ static const char *type_names[] = { "mxh", "ns", "ptr", + "spf", "srv", "txt", "zns" @@ -52,6 +58,7 @@ static int type_values[] = { T_MXH, /* Private type for "MX hostnames" */ T_NS, T_PTR, + T_SPF, T_SRV, T_TXT, T_ZNS /* Private type for "zone nameservers" */ @@ -316,7 +323,7 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer))) if (ptr != 0) yield = string_cat(yield, &size, &ptr, outsep, 1); - if (type == T_TXT) + if (type == T_TXT || type == T_SPF) { if (outsep2 == NULL) { -- 2.30.2
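Review bot: `"spf"` in `type_names[]` and `T_SPF` in `type_values[]` are added to two separate tables that appear to be matched by index, and nothing on these lines ties the two together. Both insertions land between the `ptr` and `srv` entries, so this change is consistent, but a later one-sided edit would silently map a name to the wrong query type. A comment above `type_values[]` such as `/* Entries must stay in the same order as type_names[]. */` would make the coupling explicit. Both array definitions continue outside their hunks.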
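Review bot: The widened test `if (type == T_TXT || type == T_SPF)` carries no comment explaining why SPF answers take the TXT branch, and the body of that branch continues past the end of the hunk. A short comment would help the next reader: `/* SPF (type 99) RDATA has the same format as TXT (RFC 4408), so share the item handling. */`. The string returned is still data chosen by whoever controls the queried zone, so configurations should treat an `spf=` result with the same care as a `txt=` result. RFC 7208 later retired type 99 and requires SPF policy to be published in TXT, so an `spf=` lookup on its own will miss the policy of any domain that publishes only TXT.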