projects / exim.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Make name= in control=submission swallow the rest of the string, thus
[exim.git] / src / src / dns.c
1 /* $Cambridge: exim/src/src/dns.c,v 1.11 2005/09/16 14:44:11 ph10 Exp $ */
2
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
6
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
9
10 /* Functions for interfacing with the DNS. */
11
12 #include "exim.h"
13
14
15 /* Function declaration needed for mutual recursion when A6 records
16 are supported. */
17
18 #if HAVE_IPV6
19 #ifdef SUPPORT_A6
20 static void dns_complete_a6(dns_address ***, dns_answer *, dns_record *,
21 int, uschar *);
22 #endif
23 #endif
24
25
26 /*************************************************
27 * Fake DNS resolver *
28 *************************************************/
29
30 /* This function is called instead of res_search() when Exim is running in its
31 test harness. It recognizes some special domain names, and uses them to force
32 failure and retry responses (optionally with a delay). It also recognises the
33 zones test.ex, 10.in-addr.arpa, and 0.8.e.f.ip6.arpa, and for those it calls an
34 external utility that mock-up a nameserver, if it can find the utility.
35 Otherwise, it passes its arguments on to res_search().
36
37 Background: the original test suite required a real nameserver to carry the
38 test zones, whereas the new test suit has the fake server for portability. This
39 code supports both.
40
41 Arguments:
42 domain the domain name
43 type the DNS record type
44 answerptr where to put the answer
45 size size of the answer area
46
47 Returns: length of returned data, or -1 on error (h_errno set)
48 */
49
50 static int
51 fakens_search(uschar *domain, int type, uschar *answerptr, int size)
52 {
53 int len = Ustrlen(domain);
54 uschar *endname;
55 uschar name[256];
56
57 if (domain[len - 1] == '.') len--;
58 Ustrncpy(name, domain, len);
59 name[len] = 0;
60 endname = name + len;
61
62 if (len >= 14 && Ustrcmp(endname - 14, "test.again.dns") == 0)
63 {
64 int delay = Uatoi(name); /* digits at the start of the name */
65 DEBUG(D_dns) debug_printf("Return from DNS lookup of %s (%s) faked for testing\n",
66 name, dns_text_type(type));
67 if (delay > 0)
68 {
69 DEBUG(D_dns) debug_printf("delaying %d seconds\n", delay);
70 sleep(delay);
71 }
72 h_errno = TRY_AGAIN;
73 return -1;
74 }
75
76 if (len >= 13 && Ustrcmp(endname - 13, "test.fail.dns") == 0)
77 {
78 DEBUG(D_dns) debug_printf("Return from DNS lookup of %s (%s) faked for testing\n",
79 name, dns_text_type(type));
80 h_errno = NO_RECOVERY;
81 return -1;
82 }
83
84 if (Ustrcmp(name, "test.ex") == 0 ||
85 (len > 8 && Ustrcmp(endname - 8, ".test.ex") == 0) ||
86 (len >= 16 && Ustrcmp(endname - 16, ".10.in-addr.arpa") == 0) ||
87 (len >= 17 && Ustrcmp(endname - 17, ".0.8.e.f.ip6.arpa") == 0))
88 {
89 uschar utilname[256];
90 struct stat statbuf;
91
92 (void)string_format(utilname, sizeof(utilname), "%s/../bin/fakens",
93 spool_directory);
94
95 if (stat(CS utilname, &statbuf) >= 0)
96 {
97 pid_t pid;
98 int infd, outfd, rc;
99 uschar *argv[5];
100
101 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) using fakens\n",
102 name, dns_text_type(type));
103
104 argv[0] = utilname;
105 argv[1] = spool_directory;
106 argv[2] = name;
107 argv[3] = dns_text_type(type);
108 argv[4] = NULL;
109
110 pid = child_open(argv, NULL, 0000, &infd, &outfd, FALSE);
111 if (pid < 0)
112 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to run fakens: %s",
113 strerror(errno));
114
115 len = 0;
116 rc = -1;
117 while (size > 0 && (rc = read(outfd, answerptr, size)) > 0)
118 {
119 len += rc;
120 answerptr += rc;
121 size -= rc;
122 }
123
124 if (rc < 0)
125 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "read from fakens failed: %s",
126 strerror(errno));
127
128 switch(child_close(pid, 0))
129 {
130 case 0: return len;
131 case 1: h_errno = HOST_NOT_FOUND; break;
132 case 2: h_errno = TRY_AGAIN; break;
133 default:
134 case 3: h_errno = NO_RECOVERY; break;
135 case 4: h_errno = NO_DATA; break;
136 }
137 return -1;
138 }
139 }
140
141 /* Not test.ex or 10.in-addr.arpa, or fakens utility not found. */
142
143 DEBUG(D_dns) debug_printf("passing %s on to res_search\n", domain);
144
145 return res_search(CS domain, C_IN, type, answerptr, size);
146 }
147
148
149
150 /*************************************************
151 * Initialize and configure resolver *
152 *************************************************/
153
154 /* Initialize the resolver and the storage for holding DNS answers if this is
155 the first time we have been here, and set the resolver options.
156
157 Arguments:
158 qualify_single TRUE to set the RES_DEFNAMES option
159 search_parents TRUE to set the RES_DNSRCH option
160
161 Returns: nothing
162 */
163
164 void
165 dns_init(BOOL qualify_single, BOOL search_parents)
166 {
167 if ((_res.options & RES_INIT) == 0)
168 {
169 DEBUG(D_resolver) _res.options |= RES_DEBUG; /* For Cygwin */
170 res_init();
171 DEBUG(D_resolver) _res.options |= RES_DEBUG;
172 }
173
174 _res.options &= ~(RES_DNSRCH | RES_DEFNAMES);
175 _res.options |= (qualify_single? RES_DEFNAMES : 0) |
176 (search_parents? RES_DNSRCH : 0);
177 if (dns_retrans > 0) _res.retrans = dns_retrans;
178 if (dns_retry > 0) _res.retry = dns_retry;
179 }
180
181
182
183 /*************************************************
184 * Build key name for PTR records *
185 *************************************************/
186
187 /* This function inverts an IP address and adds the relevant domain, to produce
188 a name that can be used to look up PTR records.
189
190 Arguments:
191 string the IP address as a string
192 buffer a suitable buffer, long enough to hold the result
193
194 Returns: nothing
195 */
196
197 void
198 dns_build_reverse(uschar *string, uschar *buffer)
199 {
200 uschar *p = string + Ustrlen(string);
201 uschar *pp = buffer;
202
203 /* Handle IPv4 address */
204
205 #if HAVE_IPV6
206 if (Ustrchr(string, ':') == NULL)
207 #endif
208 {
209 int i;
210 for (i = 0; i < 4; i++)
211 {
212 uschar *ppp = p;
213 while (ppp > string && ppp[-1] != '.') ppp--;
214 Ustrncpy(pp, ppp, p - ppp);
215 pp += p - ppp;
216 *pp++ = '.';
217 p = ppp - 1;
218 }
219 Ustrcpy(pp, "in-addr.arpa");
220 }
221
222 /* Handle IPv6 address; convert to binary so as to fill out any
223 abbreviation in the textual form. */
224
225 #if HAVE_IPV6
226 else
227 {
228 int i;
229 int v6[4];
230 (void)host_aton(string, v6);
231
232 /* The original specification for IPv6 reverse lookup was to invert each
233 nibble, and look in the ip6.int domain. The domain was subsequently
234 changed to ip6.arpa. */
235
236 for (i = 3; i >= 0; i--)
237 {
238 int j;
239 for (j = 0; j < 32; j += 4)
240 {
241 sprintf(CS pp, "%x.", (v6[i] >> j) & 15);
242 pp += 2;
243 }
244 }
245 Ustrcpy(pp, "ip6.arpa.");
246
247 /* Another way of doing IPv6 reverse lookups was proposed in conjunction
248 with A6 records. However, it fell out of favour when they did. The
249 alternative was to construct a binary key, and look in ip6.arpa. I tried
250 to make this code do that, but I could not make it work on Solaris 8. The
251 resolver seems to lose the initial backslash somehow. However, now that
252 this style of reverse lookup has been dropped, it doesn't matter. These
253 lines are left here purely for historical interest. */
254
255 /**************************************************
256 Ustrcpy(pp, "\\[x");
257 pp += 3;
258
259 for (i = 0; i < 4; i++)
260 {
261 sprintf(pp, "%08X", v6[i]);
262 pp += 8;
263 }
264 Ustrcpy(pp, "].ip6.arpa.");
265 **************************************************/
266
267 }
268 #endif
269 }
270
271
272
273
274 /*************************************************
275 * Get next DNS record from answer block *
276 *************************************************/
277
278 /* Call this with reset == RESET_ANSWERS to scan the answer block, reset ==
279 RESET_AUTHORITY to scan the authority records, reset == RESET_ADDITIONAL to
280 scan the additional records, and reset == RESET_NEXT to get the next record.
281 The result is in static storage which must be copied if it is to be preserved.
282
283 Arguments:
284 dnsa pointer to dns answer block
285 dnss pointer to dns scan block
286 reset option specifing what portion to scan, as described above
287
288 Returns: next dns record, or NULL when no more
289 */
290
291 dns_record *
292 dns_next_rr(dns_answer *dnsa, dns_scan *dnss, int reset)
293 {
294 HEADER *h = (HEADER *)dnsa->answer;
295 int namelen;
296
297 /* Reset the saved data when requested to, and skip to the first required RR */
298
299 if (reset != RESET_NEXT)
300 {
301 dnss->rrcount = ntohs(h->qdcount);
302 dnss->aptr = dnsa->answer + sizeof(HEADER);
303
304 /* Skip over questions; failure to expand the name just gives up */
305
306 while (dnss->rrcount-- > 0)
307 {
308 namelen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
309 dnss->aptr, (DN_EXPAND_ARG4_TYPE) &(dnss->srr.name), DNS_MAXNAME);
310 if (namelen < 0) { dnss->rrcount = 0; return NULL; }
311 dnss->aptr += namelen + 4; /* skip name & type & class */
312 }
313
314 /* Get the number of answer records. */
315
316 dnss->rrcount = ntohs(h->ancount);
317
318 /* Skip over answers if we want to look at the authority section. Also skip
319 the NS records (i.e. authority section) if wanting to look at the additional
320 records. */
321
322 if (reset == RESET_ADDITIONAL) dnss->rrcount += ntohs(h->nscount);
323
324 if (reset == RESET_AUTHORITY || reset == RESET_ADDITIONAL)
325 {
326 while (dnss->rrcount-- > 0)
327 {
328 namelen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
329 dnss->aptr, (DN_EXPAND_ARG4_TYPE) &(dnss->srr.name), DNS_MAXNAME);
330 if (namelen < 0) { dnss->rrcount = 0; return NULL; }
331 dnss->aptr += namelen + 8; /* skip name, type, class & TTL */
332 GETSHORT(dnss->srr.size, dnss->aptr); /* size of data portion */
333 dnss->aptr += dnss->srr.size; /* skip over it */
334 }
335 dnss->rrcount = (reset == RESET_AUTHORITY)
336 ? ntohs(h->nscount) : ntohs(h->arcount);
337 }
338 }
339
340 /* The variable dnss->aptr is now pointing at the next RR, and dnss->rrcount
341 contains the number of RR records left. */
342
343 if (dnss->rrcount-- <= 0) return NULL;
344
345 /* If expanding the RR domain name fails, behave as if no more records
346 (something safe). */
347
348 namelen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, dnss->aptr,
349 (DN_EXPAND_ARG4_TYPE) &(dnss->srr.name), DNS_MAXNAME);
350 if (namelen < 0) { dnss->rrcount = 0; return NULL; }
351
352 /* Move the pointer past the name and fill in the rest of the data structure
353 from the following bytes. */
354
355 dnss->aptr += namelen;
356 GETSHORT(dnss->srr.type, dnss->aptr); /* Record type */
357 dnss->aptr += 6; /* Don't want class or TTL */
358 GETSHORT(dnss->srr.size, dnss->aptr); /* Size of data portion */
359 dnss->srr.data = dnss->aptr; /* The record's data follows */
360 dnss->aptr += dnss->srr.size; /* Advance to next RR */
361
362 /* Return a pointer to the dns_record structure within the dns_answer. This is
363 for convenience so that the scans can use nice-looking for loops. */
364
365 return &(dnss->srr);
366 }
367
368
369
370
371 /*************************************************
372 * Turn DNS type into text *
373 *************************************************/
374
375 /* Turn the coded record type into a string for printing. All those that Exim
376 uses should be included here.
377
378 Argument: record type
379 Returns: pointer to string
380 */
381
382 uschar *
383 dns_text_type(int t)
384 {
385 switch(t)
386 {
387 case T_A: return US"A";
388 case T_MX: return US"MX";
389 case T_AAAA: return US"AAAA";
390 case T_A6: return US"A6";
391 case T_TXT: return US"TXT";
392 case T_PTR: return US"PTR";
393 case T_SOA: return US"SOA";
394 case T_SRV: return US"SRV";
395 case T_NS: return US"NS";
396 case T_CNAME: return US"CNAME";
397 default: return US"?";
398 }
399 }
400
401
402
403 /*************************************************
404 * Cache a failed DNS lookup result *
405 *************************************************/
406
407 /* We cache failed lookup results so as not to experience timeouts many
408 times for the same domain. We need to retain the resolver options because they
409 may change. For successful lookups, we rely on resolver and/or name server
410 caching.
411
412 Arguments:
413 name the domain name
414 type the lookup type
415 rc the return code
416
417 Returns: the return code
418 */
419
420 static int
421 dns_return(uschar *name, int type, int rc)
422 {
423 tree_node *node = store_get_perm(sizeof(tree_node) + 290);
424 sprintf(CS node->name, "%.255s-%s-%lx", name, dns_text_type(type),
425 _res.options);
426 node->data.val = rc;
427 (void)tree_insertnode(&tree_dns_fails, node);
428 return rc;
429 }
430
431
432
433 /*************************************************
434 * Do basic DNS lookup *
435 *************************************************/
436
437 /* Call the resolver to look up the given domain name, using the given type,
438 and check the result. The error code TRY_AGAIN is documented as meaning "non-
439 Authoritive Host not found, or SERVERFAIL". Sometimes there are badly set
440 up nameservers that produce this error continually, so there is the option of
441 providing a list of domains for which this is treated as a non-existent
442 host.
443
444 Arguments:
445 dnsa pointer to dns_answer structure
446 name name to look up
447 type type of DNS record required (T_A, T_MX, etc)
448
449 Returns: DNS_SUCCEED successful lookup
450 DNS_NOMATCH name not found (NXDOMAIN)
451 or name contains illegal characters (if checking)
452 DNS_NODATA domain exists, but no data for this type (NODATA)
453 DNS_AGAIN soft failure, try again later
454 DNS_FAIL DNS failure
455 */
456
457 int
458 dns_basic_lookup(dns_answer *dnsa, uschar *name, int type)
459 {
460 int rc = -1;
461 #ifndef STAND_ALONE
462 uschar *save;
463 #endif
464
465 tree_node *previous;
466 uschar node_name[290];
467
468 /* DNS lookup failures of any kind are cached in a tree. This is mainly so that
469 a timeout on one domain doesn't happen time and time again for messages that
470 have many addresses in the same domain. We rely on the resolver and name server
471 caching for successful lookups. */
472
473 sprintf(CS node_name, "%.255s-%s-%lx", name, dns_text_type(type),
474 _res.options);
475 previous = tree_search(tree_dns_fails, node_name);
476 if (previous != NULL)
477 {
478 DEBUG(D_dns) debug_printf("DNS lookup of %.255s-%s: using cached value %s\n",
479 name, dns_text_type(type),
480 (previous->data.val == DNS_NOMATCH)? "DNS_NOMATCH" :
481 (previous->data.val == DNS_NODATA)? "DNS_NODATA" :
482 (previous->data.val == DNS_AGAIN)? "DNS_AGAIN" :
483 (previous->data.val == DNS_FAIL)? "DNS_FAIL" : "??");
484 return previous->data.val;
485 }
486
487 /* If configured, check the hygene of the name passed to lookup. Otherwise,
488 although DNS lookups may give REFUSED at the lower level, some resolvers
489 turn this into TRY_AGAIN, which is silly. Give a NOMATCH return, since such
490 domains cannot be in the DNS. The check is now done by a regular expression;
491 give it space for substring storage to save it having to get its own if the
492 regex has substrings that are used - the default uses a conditional.
493
494 This test is omitted for PTR records. These occur only in calls from the dnsdb
495 lookup, which constructs the names itself, so they should be OK. Besides,
496 bitstring labels don't conform to normal name syntax. (But the aren't used any
497 more.)
498
499 For SRV records, we omit the initial _smtp._tcp. components at the start. */
500
501 #ifndef STAND_ALONE /* Omit this for stand-alone tests */
502
503 if (check_dns_names_pattern[0] != 0 && type != T_PTR)
504 {
505 uschar *checkname = name;
506 int ovector[3*(EXPAND_MAXN+1)];
507
508 if (regex_check_dns_names == NULL)
509 regex_check_dns_names =
510 regex_must_compile(check_dns_names_pattern, FALSE, TRUE);
511
512 /* For an SRV lookup, skip over the first two components (the service and
513 protocol names, which both start with an underscore). */
514
515 if (type == T_SRV)
516 {
517 while (*checkname++ != '.');
518 while (*checkname++ != '.');
519 }
520
521 if (pcre_exec(regex_check_dns_names, NULL, CS checkname, Ustrlen(checkname),
522 0, PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int)) < 0)
523 {
524 DEBUG(D_dns)
525 debug_printf("DNS name syntax check failed: %s (%s)\n", name,
526 dns_text_type(type));
527 host_find_failed_syntax = TRUE;
528 return DNS_NOMATCH;
529 }
530 }
531
532 #endif /* STAND_ALONE */
533
534 /* Call the resolver; for an overlong response, res_search() will return the
535 number of bytes the message would need, so we need to check for this case. The
536 effect is to truncate overlong data.
537
538 If we are running in the test harness, instead of calling the normal resolver
539 (res_search), we call fakens_search(), which recognizes certain special
540 domains, and interfaces to a fake nameserver for certain special zones. */
541
542 if (running_in_test_harness)
543 dnsa->answerlen = fakens_search(name, type, dnsa->answer, MAXPACKET);
544 else
545 dnsa->answerlen = res_search(CS name, C_IN, type, dnsa->answer, MAXPACKET);
546
547 if (dnsa->answerlen > MAXPACKET) dnsa->answerlen = MAXPACKET;
548
549 if (dnsa->answerlen < 0) switch (h_errno)
550 {
551 case HOST_NOT_FOUND:
552 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave HOST_NOT_FOUND\n"
553 "returning DNS_NOMATCH\n", name, dns_text_type(type));
554 return dns_return(name, type, DNS_NOMATCH);
555
556 case TRY_AGAIN:
557 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave TRY_AGAIN\n",
558 name, dns_text_type(type));
559
560 /* Cut this out for various test programs */
561 #ifndef STAND_ALONE
562 save = deliver_domain;
563 deliver_domain = name; /* set $domain */
564 rc = match_isinlist(name, &dns_again_means_nonexist, 0, NULL, NULL,
565 MCL_DOMAIN, TRUE, NULL);
566 deliver_domain = save;
567 if (rc != OK)
568 {
569 DEBUG(D_dns) debug_printf("returning DNS_AGAIN\n");
570 return dns_return(name, type, DNS_AGAIN);
571 }
572 DEBUG(D_dns) debug_printf("%s is in dns_again_means_nonexist: returning "
573 "DNS_NOMATCH\n", name);
574 return dns_return(name, type, DNS_NOMATCH);
575
576 #else /* For stand-alone tests */
577 return dns_return(name, type, DNS_AGAIN);
578 #endif
579
580 case NO_RECOVERY:
581 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave NO_RECOVERY\n"
582 "returning DNS_FAIL\n", name, dns_text_type(type));
583 return dns_return(name, type, DNS_FAIL);
584
585 case NO_DATA:
586 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave NO_DATA\n"
587 "returning DNS_NODATA\n", name, dns_text_type(type));
588 return dns_return(name, type, DNS_NODATA);
589
590 default:
591 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave unknown DNS error %d\n"
592 "returning DNS_FAIL\n", name, dns_text_type(type), h_errno);
593 return dns_return(name, type, DNS_FAIL);
594 }
595
596 DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) succeeded\n",
597 name, dns_text_type(type));
598
599 return DNS_SUCCEED;
600 }
601
602
603
604
605 /************************************************
606 * Do a DNS lookup and handle CNAMES *
607 ************************************************/
608
609 /* Look up the given domain name, using the given type. Follow CNAMEs if
610 necessary, but only so many times. There aren't supposed to be CNAME chains in
611 the DNS, but you are supposed to cope with them if you find them.
612
613 The assumption is made that if the resolver gives back records of the
614 requested type *and* a CNAME, we don't need to make another call to look up
615 the CNAME. I can't see how it could return only some of the right records. If
616 it's done a CNAME lookup in the past, it will have all of them; if not, it
617 won't return any.
618
619 If fully_qualified_name is not NULL, set it to point to the full name
620 returned by the resolver, if this is different to what it is given, unless
621 the returned name starts with "*" as some nameservers seem to be returning
622 wildcards in this form.
623
624 Arguments:
625 dnsa pointer to dns_answer structure
626 name domain name to look up
627 type DNS record type (T_A, T_MX, etc)
628 fully_qualified_name if not NULL, return the returned name here if its
629 contents are different (i.e. it must be preset)
630
631 Returns: DNS_SUCCEED successful lookup
632 DNS_NOMATCH name not found
633 DNS_NODATA no data found
634 DNS_AGAIN soft failure, try again later
635 DNS_FAIL DNS failure
636 */
637
638 int
639 dns_lookup(dns_answer *dnsa, uschar *name, int type, uschar **fully_qualified_name)
640 {
641 int i;
642 uschar *orig_name = name;
643
644 /* Loop to follow CNAME chains so far, but no further... */
645
646 for (i = 0; i < 10; i++)
647 {
648 uschar data[256];
649 dns_record *rr, cname_rr, type_rr;
650 dns_scan dnss;
651 int datalen, rc;
652
653 /* DNS lookup failures get passed straight back. */
654
655 if ((rc = dns_basic_lookup(dnsa, name, type)) != DNS_SUCCEED) return rc;
656
657 /* We should have either records of the required type, or a CNAME record,
658 or both. We need to know whether both exist for getting the fully qualified
659 name, but avoid scanning more than necessary. Note that we must copy the
660 contents of any rr blocks returned by dns_next_rr() as they use the same
661 area in the dnsa block. */
662
663 cname_rr.data = type_rr.data = NULL;
664 for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
665 rr != NULL;
666 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
667 {
668 if (rr->type == type)
669 {
670 if (type_rr.data == NULL) type_rr = *rr;
671 if (cname_rr.data != NULL) break;
672 }
673 else if (rr->type == T_CNAME) cname_rr = *rr;
674 }
675
676 /* If a CNAME was found, take the fully qualified name from it; otherwise
677 from the first data record, if present. For testing, there is a magic name
678 that gets its casing adjusted, because my resolver doesn't seem to pass back
679 upper case letters in domain names. */
680
681 if (fully_qualified_name != NULL)
682 {
683 if (cname_rr.data != NULL)
684 {
685 if (Ustrcmp(cname_rr.name, *fully_qualified_name) != 0 &&
686 cname_rr.name[0] != '*')
687 *fully_qualified_name = string_copy_dnsdomain(cname_rr.name);
688 }
689 else if (type_rr.data != NULL)
690 {
691 if (running_in_test_harness &&
692 Ustrcmp(type_rr.name, "uppercase.test.ex") == 0)
693 *fully_qualified_name = US"UpperCase.test.ex";
694 else
695 {
696 if (Ustrcmp(type_rr.name, *fully_qualified_name) != 0 &&
697 type_rr.name[0] != '*')
698 *fully_qualified_name = string_copy_dnsdomain(type_rr.name);
699 }
700 }
701 }
702
703 /* If any data records of the correct type were found, we are done. */
704
705 if (type_rr.data != NULL) return DNS_SUCCEED;
706
707 /* If there are no data records, we need to re-scan the DNS using the
708 domain given in the CNAME record, which should exist (otherwise we should
709 have had a failure from dns_lookup). However code against the possibility of
710 its not existing. */
711
712 if (cname_rr.data == NULL) return DNS_FAIL;
713 datalen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
714 cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256);
715 if (datalen < 0) return DNS_FAIL;
716 name = data;
717 } /* Loop back to do another lookup */
718
719 /*Control reaches here after 10 times round the CNAME loop. Something isn't
720 right... */
721
722 log_write(0, LOG_MAIN, "CNAME loop for %s encountered", orig_name);
723 return DNS_FAIL;
724 }
725
726
727
728
729
730
731 /************************************************
732 * Do a DNS lookup and handle virtual types *
733 ************************************************/
734
735 /* This function handles some invented "lookup types" that synthesize feature
736 not available in the basic types. The special types all have negative values.
737 Positive type values are passed straight on to dns_lookup().
738
739 Arguments:
740 dnsa pointer to dns_answer structure
741 name domain name to look up
742 type DNS record type (T_A, T_MX, etc or a "special")
743 fully_qualified_name if not NULL, return the returned name here if its
744 contents are different (i.e. it must be preset)
745
746 Returns: DNS_SUCCEED successful lookup
747 DNS_NOMATCH name not found
748 DNS_NODATA no data found
749 DNS_AGAIN soft failure, try again later
750 DNS_FAIL DNS failure
751 */
752
753 int
754 dns_special_lookup(dns_answer *dnsa, uschar *name, int type,
755 uschar **fully_qualified_name)
756 {
757 if (type >= 0) return dns_lookup(dnsa, name, type, fully_qualified_name);
758
759 /* The "mx hosts only" type doesn't require any special action here */
760
761 if (type == T_MXH) return dns_lookup(dnsa, name, T_MX, fully_qualified_name);
762
763 /* Find nameservers for the domain or the nearest enclosing zone, excluding the
764 root servers. */
765
766 if (type == T_ZNS)
767 {
768 uschar *d = name;
769 while (d != 0)
770 {
771 int rc = dns_lookup(dnsa, d, T_NS, fully_qualified_name);
772 if (rc != DNS_NOMATCH && rc != DNS_NODATA) return rc;
773 while (*d != 0 && *d != '.') d++;
774 if (*d++ == 0) break;
775 }
776 return DNS_NOMATCH;
777 }
778
779 /* Try to look up the Client SMTP Authorization SRV record for the name. If
780 there isn't one, search from the top downwards for a CSA record in a parent
781 domain, which might be making assertions about subdomains. If we find a record
782 we set fully_qualified_name to whichever lookup succeeded, so that the caller
783 can tell whether to look at the explicit authorization field or the subdomain
784 assertion field. */
785
786 if (type == T_CSA)
787 {
788 uschar *srvname, *namesuff, *tld, *p;
789 int priority, weight, port;
790 int limit, rc, i;
791 BOOL ipv6;
792 dns_record *rr;
793 dns_scan dnss;
794
795 DEBUG(D_dns) debug_printf("CSA lookup of %s\n", name);
796
797 srvname = string_sprintf("_client._smtp.%s", name);
798 rc = dns_lookup(dnsa, srvname, T_SRV, NULL);
799 if (rc == DNS_SUCCEED || rc == DNS_AGAIN)
800 {
801 if (rc == DNS_SUCCEED) *fully_qualified_name = name;
802 return rc;
803 }
804
805 /* Search for CSA subdomain assertion SRV records from the top downwards,
806 starting with the 2nd level domain. This order maximizes cache-friendliness.
807 We skip the top level domains to avoid loading their nameservers and because
808 we know they'll never have CSA SRV records. */
809
810 namesuff = Ustrrchr(name, '.');
811 if (namesuff == NULL) return DNS_NOMATCH;
812 tld = namesuff + 1;
813 ipv6 = FALSE;
814 limit = dns_csa_search_limit;
815
816 /* Use more appropriate search parameters if we are in the reverse DNS. */
817
818 if (strcmpic(namesuff, US".arpa") == 0)
819 {
820 if (namesuff - 8 > name && strcmpic(namesuff - 8, US".in-addr.arpa") == 0)
821 {
822 namesuff -= 8;
823 tld = namesuff + 1;
824 limit = 3;
825 }
826 else if (namesuff - 4 > name && strcmpic(namesuff - 4, US".ip6.arpa") == 0)
827 {
828 namesuff -= 4;
829 tld = namesuff + 1;
830 ipv6 = TRUE;
831 limit = 3;
832 }
833 }
834
835 DEBUG(D_dns) debug_printf("CSA TLD %s\n", tld);
836
837 /* Do not perform the search if the top level or 2nd level domains do not
838 exist. This is quite common, and when it occurs all the search queries would
839 go to the root or TLD name servers, which is not friendly. So we check the
840 AUTHORITY section; if it contains the root's SOA record or the TLD's SOA then
841 the TLD or the 2LD (respectively) doesn't exist and we can skip the search.
842 If the TLD and the 2LD exist but the explicit CSA record lookup failed, then
843 the AUTHORITY SOA will be the 2LD's or a subdomain thereof. */
844
845 if (rc == DNS_NOMATCH)
846 {
847 /* This is really gross. The successful return value from res_search() is
848 the packet length, which is stored in dnsa->answerlen. If we get a
849 negative DNS reply then res_search() returns -1, which causes the bounds
850 checks for name decompression to fail when it is treated as a packet
851 length, which in turn causes the authority search to fail. The correct
852 packet length has been lost inside libresolv, so we have to guess a
853 replacement value. (The only way to fix this properly would be to
854 re-implement res_search() and res_query() so that they don't muddle their
855 success and packet length return values.) For added safety we only reset
856 the packet length if the packet header looks plausible. */
857
858 HEADER *h = (HEADER *)dnsa->answer;
859 if (h->qr == 1 && h->opcode == QUERY && h->tc == 0
860 && (h->rcode == NOERROR || h->rcode == NXDOMAIN)
861 && ntohs(h->qdcount) == 1 && ntohs(h->ancount) == 0
862 && ntohs(h->nscount) >= 1)
863 dnsa->answerlen = MAXPACKET;
864
865 for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
866 rr != NULL;
867 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
868 if (rr->type != T_SOA) continue;
869 else if (strcmpic(rr->name, US"") == 0 ||
870 strcmpic(rr->name, tld) == 0) return DNS_NOMATCH;
871 else break;
872 }
873
874 for (i = 0; i < limit; i++)
875 {
876 if (ipv6)
877 {
878 /* Scan through the IPv6 reverse DNS in chunks of 16 bits worth of IP
879 address, i.e. 4 hex chars and 4 dots, i.e. 8 chars. */
880 namesuff -= 8;
881 if (namesuff <= name) return DNS_NOMATCH;
882 }
883 else
884 /* Find the start of the preceding domain name label. */
885 do
886 if (--namesuff <= name) return DNS_NOMATCH;
887 while (*namesuff != '.');
888
889 DEBUG(D_dns) debug_printf("CSA parent search at %s\n", namesuff + 1);
890
891 srvname = string_sprintf("_client._smtp.%s", namesuff + 1);
892 rc = dns_lookup(dnsa, srvname, T_SRV, NULL);
893 if (rc == DNS_AGAIN) return rc;
894 if (rc != DNS_SUCCEED) continue;
895
896 /* Check that the SRV record we have found is worth returning. We don't
897 just return the first one we find, because some lower level SRV record
898 might make stricter assertions than its parent domain. */
899
900 for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
901 rr != NULL;
902 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
903 {
904 if (rr->type != T_SRV) continue;
905
906 /* Extract the numerical SRV fields (p is incremented) */
907 p = rr->data;
908 GETSHORT(priority, p);
909 GETSHORT(weight, p);
910 GETSHORT(port, p);
911
912 /* Check the CSA version number */
913 if (priority != 1) continue;
914
915 /* If it's making an interesting assertion, return this response. */
916 if (port & 1)
917 {
918 *fully_qualified_name = namesuff + 1;
919 return DNS_SUCCEED;
920 }
921 }
922 }
923 return DNS_NOMATCH;
924 }
925
926 /* Control should never reach here */
927
928 return DNS_FAIL;
929 }
930
931
932
933 /* Support for A6 records has been commented out since they were demoted to
934 experimental status at IETF 51. */
935
936 #if HAVE_IPV6 && defined(SUPPORT_A6)
937
938 /*************************************************
939 * Search DNS block for prefix RRs *
940 *************************************************/
941
942 /* Called from dns_complete_a6() to search an additional section or a main
943 answer section for required prefix records to complete an IPv6 address obtained
944 from an A6 record. For each prefix record, a recursive call to dns_complete_a6
945 is made, with a new copy of the address so far.
946
947 Arguments:
948 dnsa the DNS answer block
949 which RESET_ADDITIONAL or RESET_ANSWERS
950 name name of prefix record
951 yptrptr pointer to the pointer that points to where to hang the next
952 dns_address structure
953 bits number of bits we have already got
954 bitvec the bits we have already got
955
956 Returns: TRUE if any records were found
957 */
958
959 static BOOL
960 dns_find_prefix(dns_answer *dnsa, int which, uschar *name, dns_address
961 ***yptrptr, int bits, uschar *bitvec)
962 {
963 BOOL yield = FALSE;
964 dns_record *rr;
965 dns_scan dnss;
966
967 for (rr = dns_next_rr(dnsa, &dnss, which);
968 rr != NULL;
969 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
970 {
971 uschar cbitvec[16];
972 if (rr->type != T_A6 || strcmpic(rr->name, name) != 0) continue;
973 yield = TRUE;
974 memcpy(cbitvec, bitvec, sizeof(cbitvec));
975 dns_complete_a6(yptrptr, dnsa, rr, bits, cbitvec);
976 }
977
978 return yield;
979 }
980
981
982
983 /*************************************************
984 * Follow chains of A6 records *
985 *************************************************/
986
987 /* A6 records may be incomplete, with pointers to other records containing more
988 bits of the address. There can be a tree structure, leading to a number of
989 addresses originating from a single initial A6 record.
990
991 Arguments:
992 yptrptr pointer to the pointer that points to where to hang the next
993 dns_address structure
994 dnsa the current DNS answer block
995 rr the RR we have at present
996 bits number of bits we have already got
997 bitvec the bits we have already got
998
999 Returns: nothing
1000 */
1001
1002 static void
1003 dns_complete_a6(dns_address ***yptrptr, dns_answer *dnsa, dns_record *rr,
1004 int bits, uschar *bitvec)
1005 {
1006 static uschar bitmask[] = { 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };
1007 uschar *p = (uschar *)(rr->data);
1008 int prefix_len, suffix_len;
1009 int i, j, k;
1010 uschar *chainptr;
1011 uschar chain[264];
1012 dns_answer cdnsa;
1013
1014 /* The prefix length is the first byte. It defines the prefix which is missing
1015 from the data in this record as a number of bits. Zero means this is the end of
1016 a chain. The suffix is the data in this record; only sufficient bytes to hold
1017 it are supplied. There may be zero bytes. We have to ignore trailing bits that
1018 we have already obtained from earlier RRs in the chain. */
1019
1020 prefix_len = *p++; /* bits */
1021 suffix_len = (128 - prefix_len + 7)/8; /* bytes */
1022
1023 /* If the prefix in this record is greater than the prefix in the previous
1024 record in the chain, we have to ignore the record (RFC 2874). */
1025
1026 if (prefix_len > 128 - bits) return;
1027
1028 /* In this little loop, the number of bits up to and including the current byte
1029 is held in k. If we have none of the bits in this byte, we can just or it into
1030 the current data. If we have all of the bits in this byte, we skip it.
1031 Otherwise, some masking has to be done. */
1032
1033 for (i = suffix_len - 1, j = 15, k = 8; i >= 0; i--)
1034 {
1035 int required = k - bits;
1036 if (required >= 8) bitvec[j] |= p[i];
1037 else if (required > 0) bitvec[j] |= p[i] & bitmask[required];
1038 j--; /* I tried putting these in the "for" statement, but gcc muttered */
1039 k += 8; /* about computed values not being used. */
1040 }
1041
1042 /* If the prefix_length is zero, we are at the end of a chain. Build a
1043 dns_address item with the current data, hang it onto the end of the chain,
1044 adjust the hanging pointer, and we are done. */
1045
1046 if (prefix_len == 0)
1047 {
1048 dns_address *new = store_get(sizeof(dns_address) + 50);
1049 inet_ntop(AF_INET6, bitvec, CS new->address, 50);
1050 new->next = NULL;
1051 **yptrptr = new;
1052 *yptrptr = &(new->next);
1053 return;
1054 }
1055
1056 /* Prefix length is not zero. Reset the number of bits that we have collected
1057 so far, and extract the chain name. */
1058
1059 bits = 128 - prefix_len;
1060 p += suffix_len;
1061
1062 chainptr = chain;
1063 while ((i = *p++) != 0)
1064 {
1065 if (chainptr != chain) *chainptr++ = '.';
1066 memcpy(chainptr, p, i);
1067 chainptr += i;
1068 p += i;
1069 }
1070 *chainptr = 0;
1071 chainptr = chain;
1072
1073 /* Now scan the current DNS response record to see if the additional section
1074 contains the records we want. This processing can be cut out for testing
1075 purposes. */
1076
1077 if (dns_find_prefix(dnsa, RESET_ADDITIONAL, chainptr, yptrptr, bits, bitvec))
1078 return;
1079
1080 /* No chain records were found in the current DNS response block. Do a new DNS
1081 lookup to try to find these records. This opens up the possibility of DNS
1082 failures. We ignore them at this point; if all branches of the tree fail, there
1083 will be no addresses at the end. */
1084
1085 if (dns_lookup(&cdnsa, chainptr, T_A6, NULL) == DNS_SUCCEED)
1086 (void)dns_find_prefix(&cdnsa, RESET_ANSWERS, chainptr, yptrptr, bits, bitvec);
1087 }
1088 #endif /* HAVE_IPV6 && defined(SUPPORT_A6) */
1089
1090
1091
1092
1093 /*************************************************
1094 * Get address(es) from DNS record *
1095 *************************************************/
1096
1097 /* The record type is either T_A for an IPv4 address or T_AAAA (or T_A6 when
1098 supported) for an IPv6 address. In the A6 case, there may be several addresses,
1099 generated by following chains. A recursive function does all the hard work. A6
1100 records now look like passing into history, so the code is only included when
1101 explicitly asked for.
1102
1103 Argument:
1104 dnsa the DNS answer block
1105 rr the RR
1106
1107 Returns: pointer a chain of dns_address items
1108 */
1109
1110 dns_address *
1111 dns_address_from_rr(dns_answer *dnsa, dns_record *rr)
1112 {
1113 dns_address *yield = NULL;
1114
1115 #if HAVE_IPV6 && defined(SUPPORT_A6)
1116 dns_address **yieldptr = &yield;
1117 uschar bitvec[16];
1118 #else
1119 dnsa = dnsa; /* Stop picky compilers warning */
1120 #endif
1121
1122 if (rr->type == T_A)
1123 {
1124 uschar *p = (uschar *)(rr->data);
1125 yield = store_get(sizeof(dns_address) + 20);
1126 (void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
1127 yield->next = NULL;
1128 }
1129
1130 #if HAVE_IPV6
1131
1132 #ifdef SUPPORT_A6
1133 else if (rr->type == T_A6)
1134 {
1135 memset(bitvec, 0, sizeof(bitvec));
1136 dns_complete_a6(&yieldptr, dnsa, rr, 0, bitvec);
1137 }
1138 #endif /* SUPPORT_A6 */
1139
1140 else
1141 {
1142 yield = store_get(sizeof(dns_address) + 50);
1143 inet_ntop(AF_INET6, (uschar *)(rr->data), CS yield->address, 50);
1144 yield->next = NULL;
1145 }
1146 #endif /* HAVE_IPV6 */
1147
1148 return yield;
1149 }
1150
1151 /* End of dns.c */
Unnamed repository; edit this file 'description' to name the repository.