Add compile-time guard against BDB library version 6

[exim.git] / src / src / spf.c

diff --git a/src/src/spf.c b/src/src/spf.c
index 0d2316e2e88064ce2f284dc532e4e5c3e7e29288..c4c5ef7612030cd754c731661a8120270528c1ac 100644 (file)
--- a/src/src/spf.c
+++ b/src/src/spf.c
@@ -1,12 +1,12 @@
-/* $Cambridge: exim/src/src/spf.c,v 1.7 2007/05/17 19:55:10 tom Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
 /* Experimental SPF support.
-   Copyright (c) Tom Kistner <tom@duncanthrax.net> 2004
-   License: GPL */
+   Copyright (c) Tom Kistner <tom@duncanthrax.net> 2004 - 2014
+   License: GPL
+   Copyright (c) The Exim Maintainers 2017
+*/
 
 /* Code for calling spf checks via libspf-alt. Called from acl.c. */
 
@@ -15,14 +15,17 @@
 
 /* must be kept in numeric order */
 static spf_result_id spf_result_id_list[] = {
-  { US"invalid", 0},
-  { US"neutral", 1 },
-  { US"pass", 2 },
-  { US"fail", 3 },
-  { US"softfail", 4 },
-  { US"none", 5 },
-  { US"err_temp", 6 },
-  { US"err_perm", 7 }
+  /* name              value */
+  { US"invalid",       0},
+  { US"neutral",       1 },
+  { US"pass",          2 },
+  { US"fail",          3 },
+  { US"softfail",      4 },
+  { US"none",          5 },
+  { US"err_temp",      6 },  /* Deprecated Apr 2014 */
+  { US"err_perm",      7 },  /* Deprecated Apr 2014 */
+  { US"temperror",     6 }, /* RFC 4408 defined */
+  { US"permerror",     7 }  /* RFC 4408 defined */
 };
 
 SPF_server_t    *spf_server = NULL;
@@ -43,23 +46,24 @@ int spf_init(uschar *spf_helo_domain, uschar *spf_remote_addr) {
     return 0;
   }
 
-  if (SPF_server_set_rec_dom(spf_server, primary_hostname)) {
-    debug_printf("spf: SPF_server_set_rec_dom() failed.\n");
+  if (SPF_server_set_rec_dom(spf_server, CS primary_hostname)) {
+    debug_printf("spf: SPF_server_set_rec_dom(\"%s\") failed.\n", primary_hostname);
     spf_server = NULL;
     return 0;
   }
 
   spf_request = SPF_request_new(spf_server);
 
-  if (SPF_request_set_ipv4_str(spf_request, spf_remote_addr)) {
-    debug_printf("spf: SPF_request_set_ipv4_str() failed.\n");
+  if (SPF_request_set_ipv4_str(spf_request, CS spf_remote_addr)
+      && SPF_request_set_ipv6_str(spf_request, CS spf_remote_addr)) {
+    debug_printf("spf: SPF_request_set_ipv4_str() and SPF_request_set_ipv6_str() failed [%s]\n", spf_remote_addr);
     spf_server = NULL;
     spf_request = NULL;
     return 0;
   }
 
-  if (SPF_request_set_helo_dom(spf_request, spf_helo_domain)) {
-    debug_printf("spf: SPF_set_helo_dom() failed.\n");
+  if (SPF_request_set_helo_dom(spf_request, CS spf_helo_domain)) {
+    debug_printf("spf: SPF_set_helo_dom(\"%s\") failed.\n", spf_helo_domain);
     spf_server = NULL;
     spf_request = NULL;
     return 0;
@@ -73,9 +77,9 @@ int spf_init(uschar *spf_helo_domain, uschar *spf_remote_addr) {
    context (if any), retrieves the result, sets up expansion
    strings and evaluates the condition outcome. */
 
-int spf_process(uschar **listptr, uschar *spf_envelope_sender) {
+int spf_process(const uschar **listptr, uschar *spf_envelope_sender, int action) {
   int sep = 0;
-  uschar *list = *listptr;
+  const uschar *list = *listptr;
   uschar *spf_result_id;
   uschar spf_result_id_buffer[128];
   int rc = SPF_RESULT_PERMERROR;
@@ -86,26 +90,33 @@ int spf_process(uschar **listptr, uschar *spf_envelope_sender) {
     goto SPF_EVALUATE;
   };
 
-  if (SPF_request_set_env_from(spf_request, spf_envelope_sender)) {
+  if (SPF_request_set_env_from(spf_request, CS spf_envelope_sender)) {
     /* Invalid sender address. This should be a real rare occurence */
     rc = SPF_RESULT_PERMERROR;
     goto SPF_EVALUATE;
   }
 
   /* get SPF result */
-  SPF_request_query_mailfrom(spf_request, &spf_response);
+  if (action == SPF_PROCESS_FALLBACK)
+    SPF_request_query_fallback(spf_request, &spf_response, CS spf_guess);
+  else
+    SPF_request_query_mailfrom(spf_request, &spf_response);
 
   /* set up expansion items */
-  spf_header_comment     = (uschar *)SPF_response_get_header_comment(spf_response);
-  spf_received           = (uschar *)SPF_response_get_received_spf(spf_response);
-  spf_result             = (uschar *)SPF_strresult(SPF_response_result(spf_response));
-  spf_smtp_comment       = (uschar *)SPF_response_get_smtp_comment(spf_response);
+  spf_header_comment     = US SPF_response_get_header_comment(spf_response);
+  spf_received           = US SPF_response_get_received_spf(spf_response);
+  spf_result             = US SPF_strresult(SPF_response_result(spf_response));
+  spf_smtp_comment       = US SPF_response_get_smtp_comment(spf_response);
 
   rc = SPF_response_result(spf_response);
 
   /* We got a result. Now see if we should return OK or FAIL for it */
   SPF_EVALUATE:
   debug_printf("SPF result is %s (%d)\n", SPF_strresult(rc), rc);
+
+  if (action == SPF_PROCESS_GUESS && (!strcmp (SPF_strresult(rc), "none")))
+    return spf_process(listptr, spf_envelope_sender, SPF_PROCESS_FALLBACK);
+
   while ((spf_result_id = string_nextinlist(&list, &sep,
                                      spf_result_id_buffer,
                                      sizeof(spf_result_id_buffer))) != NULL) {