X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Flookups%2Fdnsdb.c;h=cc711c5c353b34292a4f2f05ebc1303359b011ed;hp=9e95b9038ca79053c7a54d6fca2796207a620cec;hb=d447dbd160a0fb503ed1e763f3f23d28744b6ddd;hpb=94e1f16d6033683bdebaf5092f64c58bc044dd2d

diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c
index 9e95b9038..cc711c5c3 100644
--- a/src/src/lookups/dnsdb.c
+++ b/src/src/lookups/dnsdb.c
@@ -2,7 +2,7 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2015 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 #include "../exim.h"
@@ -77,7 +77,7 @@ static int type_values[] = {
 /* See local README for interface description. */
 
 static void *
-dnsdb_open(uschar *filename, uschar **errmsg)
+dnsdb_open(const uschar * filename, uschar **errmsg)
 {
 filename = filename;   /* Keep picky compilers happy */
 errmsg = errmsg;       /* Ditto */
@@ -112,7 +112,7 @@ terminates option processing.  Recognised options are:
 causes the whole lookup to defer only if none of the DNS queries succeeds; and
 'never', where all defers are as if the lookup failed. The default is 'lax'.
 
-- 'dnssec_FOO', with 'strict', 'lax' and 'never' (default).  The meanings are
+- 'dnssec_FOO', with 'strict', 'lax' (default), and 'never'.  The meanings are
 require, try and don't-try dnssec respectively.
 
 - 'retrans_VAL', set the timeout value.  VAL is an Exim time specification
@@ -130,13 +130,13 @@ which may start with '<' in order to set a specific separator. The default
 separator, as always, is colon. */
 
 static int
-dnsdb_find(void *handle, uschar *filename, const uschar *keystring, int length,
-  uschar **result, uschar **errmsg, uint *do_cache)
+dnsdb_find(void * handle, const uschar * filename, const uschar * keystring,
+ int length, uschar ** result, uschar ** errmsg, uint * do_cache)
 {
 int rc;
 int sep = 0;
 int defer_mode = PASS;
-int dnssec_mode = OK;
+int dnssec_mode = PASS;
 int save_retrans = dns_retrans;
 int save_retry =   dns_retry;
 int type;
@@ -145,15 +145,14 @@ const uschar *outsep = CUS"\n";
 const uschar *outsep2 = NULL;
 uschar *equals, *domain, *found;
 
+dns_answer * dnsa = store_get_dns_answer();
+dns_scan dnss;
+
 /* Because we're working in the search pool, we try to reclaim as much
 store as possible later, so we preallocate the result here */
 
 gstring * yield = string_get(256);
 
-dns_record *rr;
-dns_answer dnsa;
-dns_scan dnss;
-
 handle = handle;           /* Keep picky compilers happy */
 filename = filename;
 length = length;
@@ -313,10 +312,9 @@ if (!outsep2) switch(type)
 
 while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
   {
-  uschar rbuffer[256];
-  int searchtype = (type == T_CSA)? T_SRV :         /* record type we want */
-                   (type == T_MXH)? T_MX :
-                   (type == T_ZNS)? T_NS : type;
+  int searchtype = type == T_CSA ? T_SRV :         /* record type we want */
+                   type == T_MXH ? T_MX :
+                   type == T_ZNS ? T_NS : type;
 
   /* If the type is PTR or CSA, we have to construct the relevant magic lookup
   key if the original is an IP address (some experimental protocols are using
@@ -326,14 +324,11 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
 
   if ((type == T_PTR || type == T_CSA) &&
       string_is_ip_address(domain, NULL) != 0)
-    {
-    dns_build_reverse(domain, rbuffer);
-    domain = rbuffer;
-    }
+    domain = dns_build_reverse(domain);
 
   do
     {
-    DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain);
+    DEBUG(D_lookup) debug_printf_indent("dnsdb key: %s\n", domain);
 
     /* Do the lookup and sort out the result. There are four special types that
     are handled specially: T_CSA, T_ZNS, T_ADDRESSES and T_MXH.
@@ -350,18 +345,18 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
       {
       if (searchtype == T_ADDRESSES) searchtype = T_AAAA;
       else if (searchtype == T_AAAA) searchtype = T_A;
-      rc = dns_special_lookup(&dnsa, domain, searchtype, CUSS &found);
+      rc = dns_special_lookup(dnsa, domain, searchtype, CUSS &found);
       }
     else
 #endif
-      rc = dns_special_lookup(&dnsa, domain, type, CUSS &found);
+      rc = dns_special_lookup(dnsa, domain, type, CUSS &found);
 
     lookup_dnssec_authenticated = dnssec_mode==OK ? NULL
-      : dns_is_secure(&dnsa) ? US"yes" : US"no";
+      : dns_is_secure(dnsa) ? US"yes" : US"no";
 
     if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue;
     if (  rc != DNS_SUCCEED
-       || (dnssec_mode == DEFER && !dns_is_secure(&dnsa))
+       || (dnssec_mode == DEFER && !dns_is_secure(dnsa))
        )
       {
       if (defer_mode == DEFER)
@@ -378,16 +373,15 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
 
     /* Search the returned records */
 
-    for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
-         rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
+    for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+         rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
       {
       if (*do_cache > rr->ttl)
 	*do_cache = rr->ttl;
 
       if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
         {
-        dns_address *da;
-        for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
+        for (dns_address * da = dns_address_from_rr(dnsa, rr); da; da = da->next)
           {
           if (yield->ptr) yield = string_catn(yield, outsep, 1);
           yield = string_cat(yield, da->address);
@@ -421,7 +415,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
       else if (type == T_TLSA)
         {
         uint8_t usage, selector, matching_type;
-        uint16_t i, payload_length;
+        uint16_t payload_length;
         uschar s[MAX_TLSA_EXPANDED_SIZE];
 	uschar * sp = s;
         uschar * p = US rr->data;
@@ -434,10 +428,8 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
         sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2,
 		selector, *outsep2, matching_type, *outsep2);
         /* Now append the cert/identifier, one hex char at a time */
-        for (i=0;
-             i < payload_length && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4);
-             i++)
-          sp += sprintf(CS sp, "%02x", (unsigned char)p[i]);
+	while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
+          sp += sprintf(CS sp, "%02x", *p++);
 
         yield = string_cat(yield, s);
         }
@@ -504,7 +496,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
 
         /* GETSHORT() has advanced the pointer to the target domain. */
 
-        rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
+        rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p,
           (DN_EXPAND_ARG4_TYPE)s, sizeof(s));
 
         /* If an overlong response was received, the data will have been
@@ -525,7 +517,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
 	  p += rc;
 	  yield = string_catn(yield, outsep2, 1);
 
-	  rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
+	  rc = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, p,
 	    (DN_EXPAND_ARG4_TYPE)s, sizeof(s));
 	  if (rc < 0)
 	    {
@@ -553,7 +545,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
 
 /* Reclaim unused memory */
 
-store_reset(yield->s + yield->ptr + 1);
+gstring_release_unused(yield);
 
 /* If yield NULL we have not found anything. Otherwise, insert the terminating
 zero and return the result. */