| 1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * |
| 3 | *************************************************/ |
| 4 | |
| 5 | /* Copyright (c) University of Cambridge 1995 - 2018 */ |
| 6 | /* See the file NOTICE for conditions of use and distribution. */ |
| 7 | |
| 8 | #include "../exim.h" |
| 9 | #include "lf_functions.h" |
| 10 | |
| 11 | |
| 12 | |
| 13 | /* Ancient systems (e.g. SunOS4) don't appear to have T_TXT defined in their |
| 14 | header files. */ |
| 15 | |
| 16 | #ifndef T_TXT |
| 17 | # define T_TXT 16 |
| 18 | #endif |
| 19 | |
| 20 | /* Many systems do not have T_SPF. */ |
| 21 | #ifndef T_SPF |
| 22 | # define T_SPF 99 |
| 23 | #endif |
| 24 | |
| 25 | /* New TLSA record for DANE */ |
| 26 | #ifndef T_TLSA |
| 27 | # define T_TLSA 52 |
| 28 | #endif |
| 29 | |
| 30 | /* Table of recognized DNS record types and their integer values. */ |
| 31 | |
| 32 | static const char *type_names[] = { |
| 33 | "a", |
| 34 | #if HAVE_IPV6 |
| 35 | "a+", |
| 36 | "aaaa", |
| 37 | #endif |
| 38 | "cname", |
| 39 | "csa", |
| 40 | "mx", |
| 41 | "mxh", |
| 42 | "ns", |
| 43 | "ptr", |
| 44 | "soa", |
| 45 | "spf", |
| 46 | "srv", |
| 47 | "tlsa", |
| 48 | "txt", |
| 49 | "zns" |
| 50 | }; |
| 51 | |
| 52 | static int type_values[] = { |
| 53 | T_A, |
| 54 | #if HAVE_IPV6 |
| 55 | T_ADDRESSES, /* Private type for AAAA + A */ |
| 56 | T_AAAA, |
| 57 | #endif |
| 58 | T_CNAME, |
| 59 | T_CSA, /* Private type for "Client SMTP Authorization". */ |
| 60 | T_MX, |
| 61 | T_MXH, /* Private type for "MX hostnames" */ |
| 62 | T_NS, |
| 63 | T_PTR, |
| 64 | T_SOA, |
| 65 | T_SPF, |
| 66 | T_SRV, |
| 67 | T_TLSA, |
| 68 | T_TXT, |
| 69 | T_ZNS /* Private type for "zone nameservers" */ |
| 70 | }; |
| 71 | |
| 72 | |
| 73 | /************************************************* |
| 74 | * Open entry point * |
| 75 | *************************************************/ |
| 76 | |
| 77 | /* See local README for interface description. */ |
| 78 | |
| 79 | static void * |
| 80 | dnsdb_open(const uschar * filename, uschar **errmsg) |
| 81 | { |
| 82 | filename = filename; /* Keep picky compilers happy */ |
| 83 | errmsg = errmsg; /* Ditto */ |
| 84 | return (void *)(-1); /* Any non-0 value */ |
| 85 | } |
| 86 | |
| 87 | |
| 88 | |
| 89 | /************************************************* |
| 90 | * Find entry point for dnsdb * |
| 91 | *************************************************/ |
| 92 | |
| 93 | /* See local README for interface description. The query in the "keystring" may |
| 94 | consist of a number of parts. |
| 95 | |
| 96 | (a) If the first significant character is '>' then the next character is the |
| 97 | separator character that is used when multiple records are found. The default |
| 98 | separator is newline. |
| 99 | |
| 100 | (b) If the next character is ',' then the next character is the separator |
| 101 | character used for multiple items of text in "TXT" records. Alternatively, |
| 102 | if the next character is ';' then these multiple items are concatenated with |
| 103 | no separator. With neither of these options specified, only the first item |
| 104 | is output. Similarly for "SPF" records, but the default for joining multiple |
| 105 | items in one SPF record is the empty string, for direct concatenation. |
| 106 | |
| 107 | (c) Options, all comma-terminated, in any order. Any unrecognised option |
| 108 | terminates option processing. Recognised options are: |
| 109 | |
| 110 | - 'defer_FOO': set the defer behaviour to FOO. The possible behaviours are: |
| 111 | 'strict', where any defer causes the whole lookup to defer; 'lax', where a defer |
| 112 | causes the whole lookup to defer only if none of the DNS queries succeeds; and |
| 113 | 'never', where all defers are as if the lookup failed. The default is 'lax'. |
| 114 | |
| 115 | - 'dnssec_FOO', with 'strict', 'lax' (default), and 'never'. The meanings are |
| 116 | require, try and don't-try dnssec respectively. |
| 117 | |
| 118 | - 'retrans_VAL', set the timeout value. VAL is an Exim time specification |
| 119 | (eg "5s"). The default is set by the main configuration option 'dns_retrans'. |
| 120 | |
| 121 | - 'retry_VAL', set the retry count on timeouts. VAL is an integer. The |
| 122 | default is set by the main configuration option "dns_retry". |
| 123 | |
| 124 | (d) If the next sequence of characters is a sequence of letters and digits |
| 125 | followed by '=', it is interpreted as the name of the DNS record type. The |
| 126 | default is "TXT". |
| 127 | |
| 128 | (e) Then there follows list of domain names. This is a generalized Exim list, |
| 129 | which may start with '<' in order to set a specific separator. The default |
| 130 | separator, as always, is colon. */ |
| 131 | |
| 132 | static int |
| 133 | dnsdb_find(void * handle, const uschar * filename, const uschar * keystring, |
| 134 | int length, uschar ** result, uschar ** errmsg, uint * do_cache, |
| 135 | const uschar * opts) |
| 136 | { |
| 137 | int rc; |
| 138 | int sep = 0; |
| 139 | int defer_mode = PASS; |
| 140 | int dnssec_mode = PASS; |
| 141 | int save_retrans = dns_retrans; |
| 142 | int save_retry = dns_retry; |
| 143 | int type; |
| 144 | int failrc = FAIL; |
| 145 | const uschar *outsep = CUS"\n"; |
| 146 | const uschar *outsep2 = NULL; |
| 147 | uschar *equals, *domain, *found; |
| 148 | |
| 149 | dns_answer * dnsa = store_get_dns_answer(); |
| 150 | dns_scan dnss; |
| 151 | |
| 152 | /* Because we're working in the search pool, we try to reclaim as much |
| 153 | store as possible later, so we preallocate the result here */ |
| 154 | |
| 155 | gstring * yield = string_get(256); |
| 156 | |
| 157 | handle = handle; /* Keep picky compilers happy */ |
| 158 | filename = filename; |
| 159 | length = length; |
| 160 | do_cache = do_cache; |
| 161 | |
| 162 | /* If the string starts with '>' we change the output separator. |
| 163 | If it's followed by ';' or ',' we set the TXT output separator. */ |
| 164 | |
| 165 | while (isspace(*keystring)) keystring++; |
| 166 | if (*keystring == '>') |
| 167 | { |
| 168 | outsep = keystring + 1; |
| 169 | keystring += 2; |
| 170 | if (*keystring == ',') |
| 171 | { |
| 172 | outsep2 = keystring + 1; |
| 173 | keystring += 2; |
| 174 | } |
| 175 | else if (*keystring == ';') |
| 176 | { |
| 177 | outsep2 = US""; |
| 178 | keystring++; |
| 179 | } |
| 180 | while (isspace(*keystring)) keystring++; |
| 181 | } |
| 182 | |
| 183 | /* Check for a modifier keyword. */ |
| 184 | |
| 185 | for (;;) |
| 186 | { |
| 187 | if (strncmpic(keystring, US"defer_", 6) == 0) |
| 188 | { |
| 189 | keystring += 6; |
| 190 | if (strncmpic(keystring, US"strict", 6) == 0) |
| 191 | { defer_mode = DEFER; keystring += 6; } |
| 192 | else if (strncmpic(keystring, US"lax", 3) == 0) |
| 193 | { defer_mode = PASS; keystring += 3; } |
| 194 | else if (strncmpic(keystring, US"never", 5) == 0) |
| 195 | { defer_mode = OK; keystring += 5; } |
| 196 | else |
| 197 | { |
| 198 | *errmsg = US"unsupported dnsdb defer behaviour"; |
| 199 | return DEFER; |
| 200 | } |
| 201 | } |
| 202 | else if (strncmpic(keystring, US"dnssec_", 7) == 0) |
| 203 | { |
| 204 | keystring += 7; |
| 205 | if (strncmpic(keystring, US"strict", 6) == 0) |
| 206 | { dnssec_mode = DEFER; keystring += 6; } |
| 207 | else if (strncmpic(keystring, US"lax", 3) == 0) |
| 208 | { dnssec_mode = PASS; keystring += 3; } |
| 209 | else if (strncmpic(keystring, US"never", 5) == 0) |
| 210 | { dnssec_mode = OK; keystring += 5; } |
| 211 | else |
| 212 | { |
| 213 | *errmsg = US"unsupported dnsdb dnssec behaviour"; |
| 214 | return DEFER; |
| 215 | } |
| 216 | } |
| 217 | else if (strncmpic(keystring, US"retrans_", 8) == 0) |
| 218 | { |
| 219 | int timeout_sec; |
| 220 | if ((timeout_sec = readconf_readtime(keystring += 8, ',', FALSE)) <= 0) |
| 221 | { |
| 222 | *errmsg = US"unsupported dnsdb timeout value"; |
| 223 | return DEFER; |
| 224 | } |
| 225 | dns_retrans = timeout_sec; |
| 226 | while (*keystring != ',') keystring++; |
| 227 | } |
| 228 | else if (strncmpic(keystring, US"retry_", 6) == 0) |
| 229 | { |
| 230 | int retries; |
| 231 | if ((retries = (int)strtol(CCS keystring + 6, CSS &keystring, 0)) < 0) |
| 232 | { |
| 233 | *errmsg = US"unsupported dnsdb retry count"; |
| 234 | return DEFER; |
| 235 | } |
| 236 | dns_retry = retries; |
| 237 | } |
| 238 | else |
| 239 | break; |
| 240 | |
| 241 | while (isspace(*keystring)) keystring++; |
| 242 | if (*keystring++ != ',') |
| 243 | { |
| 244 | *errmsg = US"dnsdb modifier syntax error"; |
| 245 | return DEFER; |
| 246 | } |
| 247 | while (isspace(*keystring)) keystring++; |
| 248 | } |
| 249 | |
| 250 | /* Figure out the "type" value if it is not T_TXT. |
| 251 | If the keystring contains an = this must be preceded by a valid type name. */ |
| 252 | |
| 253 | type = T_TXT; |
| 254 | if ((equals = Ustrchr(keystring, '=')) != NULL) |
| 255 | { |
| 256 | int i, len; |
| 257 | uschar *tend = equals; |
| 258 | |
| 259 | while (tend > keystring && isspace(tend[-1])) tend--; |
| 260 | len = tend - keystring; |
| 261 | |
| 262 | for (i = 0; i < nelem(type_names); i++) |
| 263 | if (len == Ustrlen(type_names[i]) && |
| 264 | strncmpic(keystring, US type_names[i], len) == 0) |
| 265 | { |
| 266 | type = type_values[i]; |
| 267 | break; |
| 268 | } |
| 269 | |
| 270 | if (i >= nelem(type_names)) |
| 271 | { |
| 272 | *errmsg = US"unsupported DNS record type"; |
| 273 | return DEFER; |
| 274 | } |
| 275 | |
| 276 | keystring = equals + 1; |
| 277 | while (isspace(*keystring)) keystring++; |
| 278 | } |
| 279 | |
| 280 | /* Initialize the resolver in case this is the first time it has been used. */ |
| 281 | |
| 282 | dns_init(FALSE, FALSE, dnssec_mode != OK); |
| 283 | |
| 284 | /* The remainder of the string must be a list of domains. As long as the lookup |
| 285 | for at least one of them succeeds, we return success. Failure means that none |
| 286 | of them were found. |
| 287 | |
| 288 | The original implementation did not support a list of domains. Adding the list |
| 289 | feature is compatible, except in one case: when PTR records are being looked up |
| 290 | for a single IPv6 address. Fortunately, we can hack in a compatibility feature |
| 291 | here: If the type is PTR and no list separator is specified, and the entire |
| 292 | remaining string is valid as an IP address, set an impossible separator so that |
| 293 | it is treated as one item. */ |
| 294 | |
| 295 | if (type == T_PTR && keystring[0] != '<' && |
| 296 | string_is_ip_address(keystring, NULL) != 0) |
| 297 | sep = -1; |
| 298 | |
| 299 | /* SPF strings should be concatenated without a separator, thus make |
| 300 | it the default if not defined (see RFC 4408 section 3.1.3). |
| 301 | Multiple SPF records are forbidden (section 3.1.2) but are currently |
| 302 | not handled specially, thus they are concatenated with \n by default. |
| 303 | MX priority and value are space-separated by default. |
| 304 | SRV and TLSA record parts are space-separated by default. */ |
| 305 | |
| 306 | if (!outsep2) switch(type) |
| 307 | { |
| 308 | case T_SPF: outsep2 = US""; break; |
| 309 | case T_SRV: case T_MX: case T_TLSA: outsep2 = US" "; break; |
| 310 | } |
| 311 | |
| 312 | /* Now scan the list and do a lookup for each item */ |
| 313 | |
| 314 | while ((domain = string_nextinlist(&keystring, &sep, NULL, 0))) |
| 315 | { |
| 316 | int searchtype = type == T_CSA ? T_SRV : /* record type we want */ |
| 317 | type == T_MXH ? T_MX : |
| 318 | type == T_ZNS ? T_NS : type; |
| 319 | |
| 320 | /* If the type is PTR or CSA, we have to construct the relevant magic lookup |
| 321 | key if the original is an IP address (some experimental protocols are using |
| 322 | PTR records for different purposes where the key string is a host name, and |
| 323 | Exim's extended CSA can be keyed by domains or IP addresses). This code for |
| 324 | doing the reversal is now in a separate function. */ |
| 325 | |
| 326 | if ((type == T_PTR || type == T_CSA) && |
| 327 | string_is_ip_address(domain, NULL) != 0) |
| 328 | domain = dns_build_reverse(domain); |
| 329 | |
| 330 | do |
| 331 | { |
| 332 | DEBUG(D_lookup) debug_printf_indent("dnsdb key: %s\n", domain); |
| 333 | |
| 334 | /* Do the lookup and sort out the result. There are four special types that |
| 335 | are handled specially: T_CSA, T_ZNS, T_ADDRESSES and T_MXH. |
| 336 | The first two are handled in a special lookup function so that the facility |
| 337 | could be used from other parts of the Exim code. T_ADDRESSES is handled by looping |
| 338 | over the types of A lookup. T_MXH affects only what happens later on in |
| 339 | this function, but for tidiness it is handled by the "special". If the |
| 340 | lookup fails, continue with the next domain. In the case of DEFER, adjust |
| 341 | the final "nothing found" result, but carry on to the next domain. */ |
| 342 | |
| 343 | found = domain; |
| 344 | #if HAVE_IPV6 |
| 345 | if (type == T_ADDRESSES) /* NB cannot happen unless HAVE_IPV6 */ |
| 346 | { |
| 347 | if (searchtype == T_ADDRESSES) searchtype = T_AAAA; |
| 348 | else if (searchtype == T_AAAA) searchtype = T_A; |
| 349 | rc = dns_special_lookup(dnsa, domain, searchtype, CUSS &found); |
| 350 | } |
| 351 | else |
| 352 | #endif |
| 353 | rc = dns_special_lookup(dnsa, domain, type, CUSS &found); |
| 354 | |
| 355 | lookup_dnssec_authenticated = dnssec_mode==OK ? NULL |
| 356 | : dns_is_secure(dnsa) ? US"yes" : US"no"; |
| 357 | |
| 358 | if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; |
| 359 | if ( rc != DNS_SUCCEED |
| 360 | || (dnssec_mode == DEFER && !dns_is_secure(dnsa)) |
| 361 | ) |
| 362 | { |
| 363 | if (defer_mode == DEFER) |
| 364 | { |
| 365 | dns_retrans = save_retrans; |
| 366 | dns_retry = save_retry; |
| 367 | dns_init(FALSE, FALSE, FALSE); /* clr dnssec bit */ |
| 368 | return DEFER; /* always defer */ |
| 369 | } |
| 370 | if (defer_mode == PASS) failrc = DEFER; /* defer only if all do */ |
| 371 | continue; /* treat defer as fail */ |
| 372 | } |
| 373 | |
| 374 | |
| 375 | /* Search the returned records */ |
| 376 | |
| 377 | for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr; |
| 378 | rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype) |
| 379 | { |
| 380 | if (*do_cache > rr->ttl) |
| 381 | *do_cache = rr->ttl; |
| 382 | |
| 383 | if (type == T_A || type == T_AAAA || type == T_ADDRESSES) |
| 384 | { |
| 385 | for (dns_address * da = dns_address_from_rr(dnsa, rr); da; da = da->next) |
| 386 | { |
| 387 | if (yield->ptr) yield = string_catn(yield, outsep, 1); |
| 388 | yield = string_cat(yield, da->address); |
| 389 | } |
| 390 | continue; |
| 391 | } |
| 392 | |
| 393 | /* Other kinds of record just have one piece of data each, but there may be |
| 394 | several of them, of course. */ |
| 395 | |
| 396 | if (yield->ptr) yield = string_catn(yield, outsep, 1); |
| 397 | |
| 398 | if (type == T_TXT || type == T_SPF) |
| 399 | { |
| 400 | if (outsep2 == NULL) /* output only the first item of data */ |
| 401 | yield = string_catn(yield, US (rr->data+1), (rr->data)[0]); |
| 402 | else |
| 403 | { |
| 404 | /* output all items */ |
| 405 | int data_offset = 0; |
| 406 | while (data_offset < rr->size) |
| 407 | { |
| 408 | uschar chunk_len = (rr->data)[data_offset++]; |
| 409 | if (outsep2[0] != '\0' && data_offset != 1) |
| 410 | yield = string_catn(yield, outsep2, 1); |
| 411 | yield = string_catn(yield, US ((rr->data)+data_offset), chunk_len); |
| 412 | data_offset += chunk_len; |
| 413 | } |
| 414 | } |
| 415 | } |
| 416 | else if (type == T_TLSA) |
| 417 | { |
| 418 | uint8_t usage, selector, matching_type; |
| 419 | uint16_t payload_length; |
| 420 | uschar s[MAX_TLSA_EXPANDED_SIZE]; |
| 421 | uschar * sp = s; |
| 422 | uschar * p = US rr->data; |
| 423 | |
| 424 | usage = *p++; |
| 425 | selector = *p++; |
| 426 | matching_type = *p++; |
| 427 | /* What's left after removing the first 3 bytes above */ |
| 428 | payload_length = rr->size - 3; |
| 429 | sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2, |
| 430 | selector, *outsep2, matching_type, *outsep2); |
| 431 | /* Now append the cert/identifier, one hex char at a time */ |
| 432 | while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4)) |
| 433 | sp += sprintf(CS sp, "%02x", *p++); |
| 434 | |
| 435 | yield = string_cat(yield, s); |
| 436 | } |
| 437 | else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SOA, T_SRV */ |
| 438 | { |
| 439 | int priority, weight, port; |
| 440 | uschar s[264]; |
| 441 | uschar * p = US rr->data; |
| 442 | |
| 443 | switch (type) |
| 444 | { |
| 445 | case T_MXH: |
| 446 | /* mxh ignores the priority number and includes only the hostnames */ |
| 447 | GETSHORT(priority, p); |
| 448 | break; |
| 449 | |
| 450 | case T_MX: |
| 451 | GETSHORT(priority, p); |
| 452 | sprintf(CS s, "%d%c", priority, *outsep2); |
| 453 | yield = string_cat(yield, s); |
| 454 | break; |
| 455 | |
| 456 | case T_SRV: |
| 457 | GETSHORT(priority, p); |
| 458 | GETSHORT(weight, p); |
| 459 | GETSHORT(port, p); |
| 460 | sprintf(CS s, "%d%c%d%c%d%c", priority, *outsep2, |
| 461 | weight, *outsep2, port, *outsep2); |
| 462 | yield = string_cat(yield, s); |
| 463 | break; |
| 464 | |
| 465 | case T_CSA: |
| 466 | /* See acl_verify_csa() for more comments about CSA. */ |
| 467 | GETSHORT(priority, p); |
| 468 | GETSHORT(weight, p); |
| 469 | GETSHORT(port, p); |
| 470 | |
| 471 | if (priority != 1) continue; /* CSA version must be 1 */ |
| 472 | |
| 473 | /* If the CSA record we found is not the one we asked for, analyse |
| 474 | the subdomain assertions in the port field, else analyse the direct |
| 475 | authorization status in the weight field. */ |
| 476 | |
| 477 | if (Ustrcmp(found, domain) != 0) |
| 478 | { |
| 479 | if (port & 1) *s = 'X'; /* explicit authorization required */ |
| 480 | else *s = '?'; /* no subdomain assertions here */ |
| 481 | } |
| 482 | else |
| 483 | { |
| 484 | if (weight < 2) *s = 'N'; /* not authorized */ |
| 485 | else if (weight == 2) *s = 'Y'; /* authorized */ |
| 486 | else if (weight == 3) *s = '?'; /* unauthorizable */ |
| 487 | else continue; /* invalid */ |
| 488 | } |
| 489 | |
| 490 | s[1] = ' '; |
| 491 | yield = string_catn(yield, s, 2); |
| 492 | break; |
| 493 | |
| 494 | default: |
| 495 | break; |
| 496 | } |
| 497 | |
| 498 | /* GETSHORT() has advanced the pointer to the target domain. */ |
| 499 | |
| 500 | rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p, |
| 501 | (DN_EXPAND_ARG4_TYPE)s, sizeof(s)); |
| 502 | |
| 503 | /* If an overlong response was received, the data will have been |
| 504 | truncated and dn_expand may fail. */ |
| 505 | |
| 506 | if (rc < 0) |
| 507 | { |
| 508 | log_write(0, LOG_MAIN, "host name alias list truncated: type=%s " |
| 509 | "domain=%s", dns_text_type(type), domain); |
| 510 | break; |
| 511 | } |
| 512 | else yield = string_cat(yield, s); |
| 513 | |
| 514 | if (type == T_SOA && outsep2 != NULL) |
| 515 | { |
| 516 | unsigned long serial, refresh, retry, expire, minimum; |
| 517 | |
| 518 | p += rc; |
| 519 | yield = string_catn(yield, outsep2, 1); |
| 520 | |
| 521 | rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p, |
| 522 | (DN_EXPAND_ARG4_TYPE)s, sizeof(s)); |
| 523 | if (rc < 0) |
| 524 | { |
| 525 | log_write(0, LOG_MAIN, "responsible-mailbox truncated: type=%s " |
| 526 | "domain=%s", dns_text_type(type), domain); |
| 527 | break; |
| 528 | } |
| 529 | else yield = string_cat(yield, s); |
| 530 | |
| 531 | p += rc; |
| 532 | GETLONG(serial, p); GETLONG(refresh, p); |
| 533 | GETLONG(retry, p); GETLONG(expire, p); GETLONG(minimum, p); |
| 534 | sprintf(CS s, "%c%lu%c%lu%c%lu%c%lu%c%lu", |
| 535 | *outsep2, serial, *outsep2, refresh, |
| 536 | *outsep2, retry, *outsep2, expire, *outsep2, minimum); |
| 537 | yield = string_cat(yield, s); |
| 538 | } |
| 539 | } |
| 540 | } /* Loop for list of returned records */ |
| 541 | |
| 542 | /* Loop for set of A-lookup types */ |
| 543 | } while (type == T_ADDRESSES && searchtype != T_A); |
| 544 | |
| 545 | } /* Loop for list of domains */ |
| 546 | |
| 547 | /* Reclaim unused memory */ |
| 548 | |
| 549 | gstring_release_unused(yield); |
| 550 | |
| 551 | /* If yield NULL we have not found anything. Otherwise, insert the terminating |
| 552 | zero and return the result. */ |
| 553 | |
| 554 | dns_retrans = save_retrans; |
| 555 | dns_retry = save_retry; |
| 556 | dns_init(FALSE, FALSE, FALSE); /* clear the dnssec bit for getaddrbyname */ |
| 557 | |
| 558 | if (!yield || !yield->ptr) return failrc; |
| 559 | |
| 560 | *result = string_from_gstring(yield); |
| 561 | return OK; |
| 562 | } |
| 563 | |
| 564 | |
| 565 | |
| 566 | /************************************************* |
| 567 | * Version reporting entry point * |
| 568 | *************************************************/ |
| 569 | |
| 570 | /* See local README for interface description. */ |
| 571 | |
| 572 | #include "../version.h" |
| 573 | |
| 574 | void |
| 575 | dnsdb_version_report(FILE *f) |
| 576 | { |
| 577 | #ifdef DYNLOOKUP |
| 578 | fprintf(f, "Library version: DNSDB: Exim version %s\n", EXIM_VERSION_STR); |
| 579 | #endif |
| 580 | } |
| 581 | |
| 582 | |
| 583 | static lookup_info _lookup_info = { |
| 584 | US"dnsdb", /* lookup name */ |
| 585 | lookup_querystyle, /* query style */ |
| 586 | dnsdb_open, /* open function */ |
| 587 | NULL, /* check function */ |
| 588 | dnsdb_find, /* find function */ |
| 589 | NULL, /* no close function */ |
| 590 | NULL, /* no tidy function */ |
| 591 | NULL, /* no quoting function */ |
| 592 | dnsdb_version_report /* version reporting */ |
| 593 | }; |
| 594 | |
| 595 | #ifdef DYNLOOKUP |
| 596 | #define dnsdb_lookup_module_info _lookup_module_info |
| 597 | #endif |
| 598 | |
| 599 | static lookup_info *_lookup_list[] = { &_lookup_info }; |
| 600 | lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; |
| 601 | |
| 602 | /* vi: aw ai sw=2 |
| 603 | */ |
| 604 | /* End of lookups/dnsdb.c */ |