From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 4 Aug 2019 13:38:18 +0000 (+0100)
Subject: Lookups: support IPv6 addresses in the spf lookup type.  Bug 2378
X-Git-Tag: exim-4.93-RC0~110
X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=de2e5b3dc657ad28e291f43b0850ab42e0012313;ds=sidebyside

Lookups: support IPv6 addresses in the spf lookup type.  Bug 2378
---

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 32d57d027..736ac0fe4 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -40323,7 +40323,11 @@ would relax host matching rules to a broader network range.
 .cindex SPF "lookup expansion"
 .cindex lookup spf
 A lookup expansion is also available. It takes an email
-address as the key and an IP address as the database:
+address as the key and an IP address
+.new
+(v4 or v6)
+.wen
+as the database:
 
 .code
   ${lookup {username@domain} spf {ip.ip.ip.ip}}
@@ -40331,7 +40335,6 @@ address as the key and an IP address as the database:
 
 The lookup will return the same result strings as can appear in
 &$spf_result$& (pass,fail,softfail,neutral,none,err_perm,err_temp).
-Currently, only IPv4 addresses are supported.
 
 
 
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index a416b8c1f..bcfbe7c77 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -31,6 +31,8 @@ Version 4.93
  9. Router variables, $r_... settable from router options and usable in routers
     and transports.
 
+10. The spf lookup now supports IPv6.
+
 
 Version 4.92
 --------------
diff --git a/src/src/lookups/spf.c b/src/src/lookups/spf.c
index 48d6ce3b5..6defad72b 100644
--- a/src/src/lookups/spf.c
+++ b/src/src/lookups/spf.c
@@ -35,50 +35,68 @@ static void dummy(int x) { dummy2(x-1); }
 static void *
 spf_open(uschar *filename, uschar **errmsg)
 {
-  SPF_server_t *spf_server = NULL;
-  spf_server = SPF_server_new(SPF_DNS_CACHE, 0);
-  if (spf_server == NULL) {
-    *errmsg = US"SPF_server_new() failed";
-    return NULL;
-  }
+SPF_server_t *spf_server;
+if ((spf_server = SPF_server_new(SPF_DNS_CACHE, 0)))
   return (void *) spf_server;
+*errmsg = US"SPF_server_new() failed";
+return NULL;
 }
 
 static void
 spf_close(void *handle)
 {
-  SPF_server_t *spf_server = handle;
-  if (spf_server) SPF_server_free(spf_server);
+SPF_server_t *spf_server = handle;
+if (spf_server) SPF_server_free(spf_server);
 }
 
 static int
 spf_find(void *handle, uschar *filename, const uschar *keystring, int key_len,
              uschar **result, uschar **errmsg, uint *do_cache)
 {
-  SPF_server_t *spf_server = handle;
-  SPF_request_t *spf_request = NULL;
-  SPF_response_t *spf_response = NULL;
+SPF_server_t *spf_server = handle;
+SPF_request_t *spf_request;
+SPF_response_t *spf_response = NULL;
+
+if (!(spf_request = SPF_request_new(spf_server)))
+  {
+  *errmsg = US"SPF_request_new() failed";
+  return FAIL;
+  }
 
-  spf_request = SPF_request_new(spf_server);
-  if (spf_request == NULL) {
-    *errmsg = US"SPF_request_new() failed";
+#if HAVE_IPV6
+switch (string_is_ip_address(filename, NULL))
+  {
+  case 4:
+#endif
+    if (!SPF_request_set_ipv4_str(spf_request, CS filename))
+      break;
+    *errmsg = string_sprintf("invalid IPv4 address '%s'", filename);
     return FAIL;
-  }
+#if HAVE_IPV6
 
-  if (SPF_request_set_ipv4_str(spf_request, CS filename)) {
-    *errmsg = string_sprintf("invalid IP address '%s'", filename);
+  case 6:
+    if (!SPF_request_set_ipv6_str(spf_request, CS filename))
+      break;
+    *errmsg = string_sprintf("invalid IPv6 address '%s'", filename);
     return FAIL;
-  }
-  if (SPF_request_set_env_from(spf_request, CS keystring)) {
-    *errmsg = string_sprintf("invalid envelope from address '%s'", keystring);
+
+  default:
+    *errmsg = string_sprintf("invalid IP address '%s'", filename);
     return FAIL;
   }
+#endif
+
+if (SPF_request_set_env_from(spf_request, CS keystring))
+    {
+  *errmsg = string_sprintf("invalid envelope from address '%s'", keystring);
+  return FAIL;
+}
 
-  SPF_request_query_mailfrom(spf_request, &spf_response);
-  *result = string_copy(US SPF_strresult(SPF_response_result(spf_response)));
-  SPF_response_free(spf_response);
-  SPF_request_free(spf_request);
-  return OK;
+SPF_request_query_mailfrom(spf_request, &spf_response);
+*result = string_copy(US SPF_strresult(SPF_response_result(spf_response)));
+SPF_response_free(spf_response);
+SPF_request_free(spf_request);
+return OK;
 }