dnsbl: src/dnsbl.cpp comparison

comparison src/dnsbl.cpp @ 61:7f44a4974bf6 stable-4-2

Use resolver processes even if we don't have the interfaces, and need to use gethostbyname.

author	carl
date	Sat, 08 Jan 2005 12:26:30 -0800
parents	390ed250c5d2
children	7ad7d8b100bf

comparison

equal deleted inserted replaced

-:390ed250c5d2
+:7f44a4974bf6
 static char  *resolver_port     = NULL;         // unix domain socket to talk to the dns resolver process
 static int    resolver_socket   = NULL_SOCKET;  // socket used to listen for resolver requests
 static time_t ERROR_SOCKET_TIME = 60;           // number of seconds between attempts to open the spam filter socket
 static time_t last_error_time;
-#ifdef NS_PACKETSZ
 // packed structure to allow a single socket write to dump the
 // length and the following answer. The packing attribute is gcc specific.
 struct glommer {
 int    length;
-u_char answer[NS_PACKETSZ];
+#ifdef NS_PACKETSZ
-} __attribute__ ((packed));
+u_char answer[NS_PACKETSZ];     // with a resolver, we return resolver answers
-#endif
+#else
+int    answer;                  // without a resolver, we return a single ip4 address, 0 == no answer
+#endif
+} __attribute__ ((packed));
 struct mlfiPriv;
 ////////////////////////////////////////////////
 ////////////////////////////////////////////////
 //  read a resolver request from the socket, process it, and
 //  write the result back to the socket.
-#ifdef NS_PACKETSZ
 static void process_resolver_requests(int socket);
 static void process_resolver_requests(int socket) {
 #ifdef NS_MAXDNAME
 char question[NS_MAXDNAME];
 #else
 return;
 }
 }
 // find the answer
+#ifdef NS_PACKETSZ
 //char text[1000];
 //snprintf(text, sizeof(text), "!!child worker process has a question %s", question);
 //my_syslog(text);
 glom.length = res_search(question, ns_c_in, ns_t_a, glom.answer, sizeof(glom.answer));
 if (glom.length < 0) glom.length = 0;   // represent all errors as zero length answers
+#else
+glom.length = sizeof(glom.answer);
+glom.answer = 0;
+struct hostent *host = gethostbyname(question);
+if (host && (host->h_addrtype == AF_INET)) {
+memcpy(&glom.answer, host->h_addr, sizeof(glom.answer));
+}
+#endif
 // write the answer
 char *buf = (char *)&glom;
 int   len = glom.length + sizeof(glom.length);
 //snprintf(text, sizeof(text), "!!child worker process writing answer length %d for total %d", glom.length, len);
 return;
 }
 }
 }
 }
-#endif
 ////////////////////////////////////////////////
 //  ask a dns question and get an A record answer - we don't try
 //  very hard, just using the default resolver retry settings.
 //  If we cannot get an answer, we just accept the mail.
 //
 //
 static int dns_interface(mlfiPriv &priv, char *question, bool maybe_ip, ns_map *nameservers);
 static int dns_interface(mlfiPriv &priv, char *question, bool maybe_ip, ns_map *nameservers) {
-int ret_address = 0;
-#ifdef NS_PACKETSZ
 // this part can be done without locking the resolver mutex. Each
 // milter thread is talking over its own socket to a separate resolver
 // process, which does the actual dns resolution.
 if (priv.err) return 0; // cannot ask more questions on this socket.
 priv.my_write(question, strlen(question)+1);   // write the question including the null terminator
 priv.err = true;
 return 0;  // cannot process overlarge answers
 }
 priv.my_read(buf, glom.length);
+#ifdef NS_PACKETSZ
 // now we need to lock the resolver mutex to keep the milter threads from
 // stepping on each other while parsing the dns answer.
+int ret_address = 0;
 pthread_mutex_lock(&resolve_mutex);
 if (glom.length > 0) {
 // parse the answer
 ns_msg handle;
 ns_rr  rr;
 ret_address = ip.s_addr;
 }
 }
 pthread_mutex_unlock(&resolve_mutex);
 return ret_address;
 #else
-// systems without the resolver interface
+return glom.answer;
-pthread_mutex_lock(&resolve_mutex);
-struct hostent *host = gethostbyname(question);
-if (host && (host->h_addrtype == AF_INET)) {
-memcpy(&ret_address, host->h_addr, sizeof(ret_address));
-}
-pthread_mutex_unlock(&resolve_mutex);
-return ret_address;
 #endif
 }
 ////////////////////////////////////////////////
 if (setuid(pw->pw_uid) == -1) {
 my_syslog("failed to switch to user dnsbl");
 }
 }
-#ifdef NS_PACKETSZ
 // fork off the resolver listener process
 pid_t child = fork();
 if (child < 0) {
 my_syslog("failed to create resolver listener process");
 exit(0);
 int newchild = fork();
 if (newchild == 0) {
 // this is the worker process
 // child does not need the listening socket
 close(resolver_socket);
-my_syslog("child forked a worker process");
+//my_syslog("child forked a worker process");
 process_resolver_requests(s);
-my_syslog("child terminated a worker process");
+//my_syslog("child terminated a worker process");
 exit(0);
 }
 else {
 // this is the parent
 // parent does not need the accepted socket
 exit(0);    // make sure we don't fall thru.
 }
 else {
 sleep(2);   // allow child to get started
 }
-#endif
 // load the initial config
 config = new_conf();
 // only create threads after the fork() in daemon

Mercurial > dnsbl

comparison src/dnsbl.cpp @ 61:7f44a4974bf6 stable-4-2