Mercurial > dnsbl
diff src/dnsbl.cpp @ 214:82886d4dd71f stable-6-0-19
Fixes to compile on Fedora 9 and for const correctness.
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Tue, 10 Jun 2008 08:58:42 -0700 |
| parents | 4db1457cd11a |
| children | 784030ac71f1 |
line wrap: on
line diff
--- a/src/dnsbl.cpp Wed Apr 30 13:11:32 2008 -0700 +++ b/src/dnsbl.cpp Tue Jun 10 08:58:42 2008 -0700 @@ -95,9 +95,9 @@ std::set<int> fd_pool; int NULL_SOCKET = -1; const time_t ERROR_SOCKET_TIME = 60; // number of seconds between attempts to open a socket to the dns resolver process -char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process +const char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process int resolver_socket = NULL_SOCKET; // socket used to listen for resolver requests -char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon +const char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon time_t last_error_time; int resolver_sock_count = 0; // protected with fd_pool_mutex int resolver_pool_size = 0; // protected with fd_pool_mutex @@ -109,23 +109,23 @@ string_map ns_host; // nameserver name -> host name that uses this name server ns_mapper ns_ip; // nameserver name -> ip address of the name server ~ns_map(); - void add(char *name, char *refer); + void add(const char *name, const char *refer); }; ns_map::~ns_map() { for (string_map::iterator i=ns_host.begin(); i!=ns_host.end(); i++) { - char *x = (*i).first; - char *y = (*i).second; - free(x); - free(y); + const char *x = (*i).first; + const char *y = (*i).second; + free((void*)x); + free((void*)y); } ns_ip.clear(); ns_host.clear(); } -void ns_map::add(char *name, char *refer) { +void ns_map::add(const char *name, const char *refer) { string_map::iterator i = ns_host.find(name); if (i != ns_host.end()) return; char *x = strdup(name); @@ -138,7 +138,7 @@ // packed structure to allow a single socket write to dump the // length and the following answer. The packing attribute is gcc specific. struct glommer { - int length; + size_t length; #ifdef NS_PACKETSZ u_char answer[NS_PACKETSZ*4]; // with a resolver, we return resolver answers #else @@ -150,8 +150,8 @@ //////////////////////////////////////////////// // helper to manipulate recipient counts // -int incr_rcpt_count(char *user); -int incr_rcpt_count(char *user) { +int incr_rcpt_count(const char *user); +int incr_rcpt_count(const char *user) { pthread_mutex_lock(&rate_mutex); rcpt_rates::iterator i = rcpt_counts.find(user); int c = 1; @@ -172,8 +172,8 @@ void discard(context_map &cm); void discard(context_map &cm) { for (context_map::iterator i=cm.begin(); i!=cm.end(); i++) { - char *x = (*i).first; - free(x); + const char *x = (*i).first; + free((void*)x); } cm.clear(); } @@ -182,8 +182,8 @@ //////////////////////////////////////////////// // helper to register a string in a context_map // -void register_string(context_map &cm, char *name, CONTEXT *con); -void register_string(context_map &cm, char *name, CONTEXT *con) { +void register_string(context_map &cm, const char *name, CONTEXT *con); +void register_string(context_map &cm, const char *name, CONTEXT *con) { context_map::iterator i = cm.find(name); if (i != cm.end()) return; char *x = strdup(name); @@ -280,7 +280,7 @@ bool last = (!pc->reference_count) && (pc != config); pthread_mutex_unlock(&config_mutex); if (last) delete pc; // free this config, since we were the last reference to it - if (helo) free(helo); + if (helo) free((void*)helo); reset(true); } @@ -290,10 +290,10 @@ delete dwp; delayer.pop_front(); } - if (mailaddr) free(mailaddr); - if (queueid) free(queueid); - if (authenticated) free(authenticated); - if (client_name) free(client_name); + if (mailaddr) free((void*)mailaddr); + if (queueid) free((void*)queueid); + if (authenticated) free((void*)authenticated); + if (client_name) free((void*)client_name); delayer.clear(); discard(env_to); if (memory) delete memory; @@ -423,7 +423,7 @@ return rs; } -void mlfiPriv::need_content_filter(char *rcpt, CONTEXT &con) { +void mlfiPriv::need_content_filter(const char *rcpt, CONTEXT &con) { register_string(env_to, rcpt, &con); if (!memory) { // first recipient that needs content filtering sets @@ -453,7 +453,7 @@ //////////////////////////////////////////////// // syslog a message // -void my_syslog(mlfiPriv *priv, char *text) { +void my_syslog(mlfiPriv *priv, const char *text) { char buf[maxlen]; if (priv) { snprintf(buf, sizeof(buf), "%s: %s", priv->queueid, text); @@ -473,7 +473,7 @@ } } -void my_syslog(mlfiPriv *priv, string text) { +void my_syslog(mlfiPriv *priv, const string text) { if (debug_syslog > 3) { char buf[maxlen]; strncpy(buf, text.c_str(), sizeof(buf)); @@ -482,7 +482,7 @@ } } -void my_syslog(char *text) { +void my_syslog(const char *text) { my_syslog(NULL, text); } @@ -579,8 +579,8 @@ // If we cannot get an answer, we just accept the mail. // // -int dns_interface(mlfiPriv &priv, char *question, bool maybe_ip, ns_map *nameservers); -int dns_interface(mlfiPriv &priv, char *question, bool maybe_ip, ns_map *nameservers) { +int dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers); +int dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers) { // tell sendmail we are still working #if _FFR_SMFI_PROGRESS if (priv.eom) smfi_progress(priv.ctx); @@ -639,7 +639,7 @@ char nam[NS_MAXDNAME+1]; char *n = nam; const u_char *p = ns_rr_rdata(rr); - while (((n-nam) < NS_MAXDNAME) && ((p-glom.answer) < glom.length) && *p) { + while (((n-nam) < NS_MAXDNAME) && ((size_t)(p-glom.answer) < glom.length) && *p) { size_t s = *(p++); if (s > 191) { // compression pointer @@ -649,8 +649,8 @@ s = *(p++); } if (s > 0) { - if ((n-nam) >= (NS_MAXDNAME-s)) break; // destination would overflow name buffer - if ((p-glom.answer) >= (glom.length-s)) break; // source outside bounds of answer + if ((size_t)(n-nam) >= (NS_MAXDNAME-s)) break; // destination would overflow name buffer + if ((size_t)(p-glom.answer) >= (glom.length-s)) break; // source outside bounds of answer memcpy(n, p, s); n += s; p += s; @@ -697,8 +697,8 @@ //////////////////////////////////////////////// // check a single dnsbl // -bool check_single(mlfiPriv &priv, int ip, char *suffix); -bool check_single(mlfiPriv &priv, int ip, char *suffix) { +bool check_single(mlfiPriv &priv, int ip, const char *suffix); +bool check_single(mlfiPriv &priv, int ip, const char *suffix) { // make a dns question const u_char *src = (const u_char *)&ip; if (src[0] == 127) return false; // don't do dns lookups on localhost @@ -758,8 +758,8 @@ // as a string registered in hosts. // otherwise, return false and preserve the value of found. // -bool uriblookup(mlfiPriv &priv, string_set &hosts, char *hostname, char *top, char *&found) ; -bool uriblookup(mlfiPriv &priv, string_set &hosts, char *hostname, char *top, char *&found) { +bool uriblookup(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *top, const char *&found) ; +bool uriblookup(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *top, const char *&found) { // top is pointer to '.' char at end of base domain, or null for ip address form // so for hostname of www.fred.mydomain.co.uk // top points to-----------------------^ @@ -767,10 +767,8 @@ char buf[maxlen]; if (top) { // add one more component - *top = '\0'; - char *x = strrchr(hostname, '.'); + const char *x = (const char *)memrchr(hostname, '.', top-hostname); if (x) hostname = x+1; - *top = '.'; } snprintf(buf, sizeof(buf), "%s.%s.", hostname, priv.uribl_suffix); if (dns_interface(priv, buf, false, NULL)) { @@ -798,8 +796,8 @@ // as a string registered in hosts. // otherwise, return false and preserve the value of found. // -bool check_uribl(mlfiPriv &priv, string_set &hosts, char *hostname, char *&found) ; -bool check_uribl(mlfiPriv &priv, string_set &hosts, char *hostname, char *&found) { +bool check_uribl(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) ; +bool check_uribl(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) { in_addr ip; if (inet_aton(hostname, &ip)) { const u_char *src = (const u_char *)&ip.s_addr; @@ -813,12 +811,10 @@ return (uriblookup(priv, hosts, adr, NULL, found)); } - char *top, *top2, *top3; + const char *top, *top2, *top3; top = strrchr(hostname, '.'); if (top) { - *top = '\0'; - top2 = strrchr(hostname, '.'); - *top = '.'; + top2 = (const char *)memrchr(hostname, '.', top-hostname); if (top2) { string_set::iterator i = priv.memory->get_cctlds()->find(top2+1); @@ -826,12 +822,10 @@ // if we have a 2-level-cctld, just look at top three levels of the name if (i != x) return uriblookup(priv, hosts, hostname, top2, found); - *top2 = '\0'; - top3 = strrchr(hostname, '.'); - *top2 = '.'; + // if we have more than 3 levels in the name, look at the top three levels of the name + top3 = (const char *)memrchr(hostname, '.', top2-hostname); + if (top3 && uriblookup(priv, hosts, hostname, top2, found)) return true; - // if we have more than 3 levels in the name, look at the top three levels of the name - if (top3 && uriblookup(priv, hosts, hostname, top2, found)) return true; // if that was not found, fall thru to looking at the top two levels } // look at the top two levels of the name @@ -845,11 +839,10 @@ // check the hosts from the body against the content filter and uribl dnsbls // // -bool check_hosts(mlfiPriv &priv, bool random, int limit, char *&msg, char *&host, int &ip, char *&found); -bool check_hosts(mlfiPriv &priv, bool random, int limit, char *&msg, char *&host, int &ip, char *&found) { +bool check_hosts(mlfiPriv &priv, bool random, int limit, const char *&msg, const char *&host, int &ip, const char *&found); +bool check_hosts(mlfiPriv &priv, bool random, int limit, const char *&msg, const char *&host, int &ip, const char *&found) { found = NULL; // normally ip address style if (!priv.content_suffix && !priv.uribl_suffix) return false; // nothing to check - CONFIG &dc = *priv.pc; string_set &hosts = priv.memory->get_hosts(); string_set &ignore = *priv.content_host_ignore; @@ -937,7 +930,7 @@ msg = priv.content_message; string_map::iterator j = nameservers.ns_host.find(host); if (j != nameservers.ns_host.end()) { - char *refer = (*j).second; + const char *refer = (*j).second; char buf[maxlen]; snprintf(buf, sizeof(buf), "%s with nameserver %s", refer, host); host = register_string(hosts, buf); // put a copy into hosts, and return that reference @@ -964,8 +957,8 @@ // to lower case. Some clients enclose the entire address in single quotes, // so we strip those as well. // -char *to_lower_string(char *email); -char *to_lower_string(char *email) { +const char *to_lower_string(const char *email); +const char *to_lower_string(const char *email) { int n = strlen(email); if (email[0] == '<') { // assume it also ends with > @@ -1012,9 +1005,9 @@ { mlfiPriv &priv = *MLFIPRIV; priv.mailaddr = to_lower_string(from[0]); - priv.queueid = strdup(smfi_getsymval(ctx, "i")); - priv.authenticated = smfi_getsymval(ctx, "{auth_authen}"); - priv.client_name = smfi_getsymval(ctx, "_"); + priv.queueid = strdup(smfi_getsymval(ctx, (char*)"i")); + priv.authenticated = smfi_getsymval(ctx, (char*)"{auth_authen}"); + priv.client_name = smfi_getsymval(ctx, (char*)"_"); if (!priv.helo) priv.helo = strdup("unknown"); if (priv.authenticated) priv.authenticated = strdup(priv.authenticated); if (priv.client_name) priv.client_name = strdup(priv.client_name); @@ -1032,47 +1025,46 @@ DNSBLP rejectlist = NULL; // list that caused the reject mlfiPriv &priv = *MLFIPRIV; CONFIG &dc = *priv.pc; - char *rcptaddr = rcpt[0]; - char *loto = to_lower_string(rcptaddr); + const char *rcptaddr = rcpt[0]; + const char *loto = to_lower_string(rcptaddr); // some version of sendmail allowed rcpt to:<> and passed it thru to the milters if (strcmp(loto, "<>") == 0) { - smfi_setreply(ctx, "550", "5.7.1", "bogus recipient"); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"bogus recipient"); return SMFIS_REJECT; } // priv.mailaddr sending original message to loto CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr)); VERIFYP ver = con.find_verify(loto); - char *fromvalue = con.find_from(priv.mailaddr, true); + const char *fromvalue = con.find_from(priv.mailaddr, true); // tell spam assassin and dccifd about this recipient if (priv.assassin) priv.assassin->mlfi_envrcpt(ctx, loto); if (priv.dccifd) priv.dccifd->mlfi_envrcpt(ctx, loto, con.get_grey() && !priv.authenticated); // loto sending a reply back to priv.mailaddr CONTEXT &con2 = *(dc.find_context(priv.mailaddr)->find_context(loto)); - char *replyvalue = con2.find_from(loto); + const char *replyvalue = con2.find_from(loto); if (debug_syslog > 1) { char buf[maxlen]; char msg[maxlen]; snprintf(msg, sizeof(msg), "from <%s> to <%s> using context %s state %s reply state %s", priv.mailaddr, loto, con.get_full_name(buf,maxlen), fromvalue, replyvalue); my_syslog(&priv, msg); } - free(loto); + free((void*)loto); status st; if (replyvalue == token_black) { - smfi_setreply(ctx, "550", "5.7.1", "recipient can not reply due to blacklisting"); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient can not reply due to blacklisting"); return SMFIS_REJECT; } if (priv.authenticated) { int c = incr_rcpt_count(priv.authenticated); int l = dc.default_context->find_rate(priv.authenticated); if (debug_syslog > 1) { - char buf[maxlen]; char msg[maxlen]; snprintf(msg, sizeof(msg), "authenticated id %s (%d recipients, %d limit)", priv.authenticated, c, l); my_syslog(&priv, msg); } if (c > l) { - smfi_setreply(ctx, "550", "5.7.1", "recipient rate limit exceeded"); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient rate limit exceeded"); return SMFIS_REJECT; } st = white; @@ -1094,31 +1086,31 @@ inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr)); char buf[maxlen]; snprintf(buf, sizeof(buf), rejectlist->message, adr, adr); - smfi_setreply(ctx, "550", "5.7.1", buf); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); return SMFIS_REJECT; } if (st == oksofar) { - char *msg = con.generic_match(priv.client_name); + const char *msg = con.generic_match(priv.client_name); if (msg) { // reject the recipient based on generic reverse dns char buf[maxlen]; snprintf(buf, sizeof(buf), msg, priv.client_name); - smfi_setreply(ctx, "550", "5.7.1", buf); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); return SMFIS_REJECT; } } if (st == black) { // reject the recipient based on blacklisting either from or to - smfi_setreply(ctx, "550", "5.7.1", "no such user"); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"no such user"); return SMFIS_REJECT; } if (ver) { // try to verify this from/to pair of addresses even if it might be explicitly whitelisted - char *loto = to_lower_string(rcptaddr); + const char *loto = to_lower_string(rcptaddr); bool rc = ver->ok(priv.mailaddr, loto); - free(loto); + free((void*)loto); if (!rc) { - smfi_setreply(ctx, "550", "5.7.1", "no such user"); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"no such user"); return SMFIS_REJECT; } } @@ -1128,7 +1120,7 @@ WHITELISTERP w = con2.find_autowhite(loto, priv.mailaddr); // check if local part is too big const int max_local_size = 30; - char *p = strchr(loto, '@'); + const char *p = strchr(loto, '@'); int len = (p) ? p-loto : max_local_size; if (len >= max_local_size) w = NULL; // too big, pretend we don't have a whitelister // record it if we have a whitelister @@ -1137,7 +1129,7 @@ priv.delayer.push_back(dwp); } else { - free(loto); + free((void*)loto); } // accept the recipient @@ -1148,7 +1140,7 @@ if (con.get_content_filtering()) { if (!priv.content_context) priv.content_context = &con; else if (con.get_require() && (priv.content_context != &con)) { - smfi_setreply(ctx, "452", "4.2.1", "incompatible filtering contexts"); + smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"incompatible filtering contexts"); return SMFIS_TEMPFAIL; } } @@ -1189,7 +1181,7 @@ while (!priv.delayer.empty()) { DELAYWHITEP dwp = priv.delayer.front(); if (!priv.is_bulk_precedence) { - char *loto = dwp->get_loto(); + const char *loto = dwp->get_loto(); WHITELISTERP w = dwp->get_w(); CONTEXTP con2 = dwp->get_con(); if (debug_syslog > 1) { @@ -1226,10 +1218,8 @@ { sfsistat rc; mlfiPriv &priv = *MLFIPRIV; - CONFIG &dc = *priv.pc; - char *host = NULL; + const char *host = NULL; int ip; - status st; // process end of message priv.eom = true; if (priv.authenticated || priv.only_whites) rc = SMFIS_CONTINUE; @@ -1247,12 +1237,12 @@ bool random = false; int limit = 0; for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { - char *rcpt = (*i).first; + const char *rcpt = (*i).first; CONTEXT &con = *((*i).second); if (!con.acceptable_content(*priv.memory, score, bulk, msg)) { // bad html tags or excessive hosts or // high spam assassin score or dcc bulk threshold exceedeed - smfi_delrcpt(ctx, rcpt); + smfi_delrcpt(ctx, (char*)rcpt); } else { alive.insert(rcpt); @@ -1262,7 +1252,8 @@ } bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content() if (!rejecting) { - char *fmt, *found; + const char *fmt; + const char *found; if (check_hosts(priv, random, limit, fmt, host, ip, found)) { if (found) { // uribl style @@ -1281,7 +1272,7 @@ } if (!rejecting) { if (priv.want_dccgrey && grey) { - smfi_setreply(ctx, "452", "4.2.1", "temporary greylist embargoed"); + smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"temporary greylist embargoed"); rc = SMFIS_TEMPFAIL; } else rc = SMFIS_CONTINUE; @@ -1289,14 +1280,14 @@ else if (!priv.have_whites) { // can reject the entire message snprintf(buf, sizeof(buf), "%s", msg.c_str()); - smfi_setreply(ctx, "550", "5.7.1", buf); + smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); rc = SMFIS_REJECT; } else { // need to accept it but remove the recipients that don't want it for (string_set::iterator i=alive.begin(); i!=alive.end(); i++) { - char *rcpt = *i; - smfi_delrcpt(ctx, rcpt); + const char *rcpt = *i; + smfi_delrcpt(ctx, (char*)rcpt); } rc = SMFIS_CONTINUE; } @@ -1324,7 +1315,7 @@ struct smfiDesc smfilter = { - "DNSBL", // filter name + (char*)"DNSBL", // filter name SMFI_VERSION, // version code -- do not change SMFIF_DELRCPT, // flags mlfi_connect, // connection info filter @@ -1390,7 +1381,7 @@ struct stat st; bool reload = false; for (string_set::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) { - char *fn = *i; + const char *fn = *i; if (stat(fn, &st)) reload = true; // file disappeared else if (st.st_mtime > then) reload = true; // file modified if (reload) break; @@ -1419,8 +1410,8 @@ } -void usage(char *prog); -void usage(char *prog) +void usage(const char *prog); +void usage(const char *prog) { fprintf(stderr, "Usage: %s [-d [level]] [-c] [-s] [-e from|to] [-b dccifd-addr] -r port -p sm-sock-addr [-t timeout]\n", prog); fprintf(stderr, "where dccifd_addr is for the connection to dccifd\n"); @@ -1442,8 +1433,8 @@ -void setup_socket(char *sock); -void setup_socket(char *sock) { +void setup_socket(const char *sock); +void setup_socket(const char *sock) { unlink(sock); } @@ -1469,7 +1460,7 @@ bool stress = false; bool setconn = false; bool setreso = false; - char *email = NULL; + const char *email = NULL; int c; const char *args = "b:r:p:t:e:d:chs"; extern char *optarg; @@ -1521,7 +1512,7 @@ break; case 'e': - if (email) free(email); + if (email) free((void*)email); email = strdup(optarg); break; @@ -1587,7 +1578,7 @@ fprintf(stdout, "envelope to <%s> finds context %s\n", to, con->get_full_name(buf,maxlen)); CONTEXTP fc = con->find_context(from); fprintf(stdout, "envelope from <%s> finds context %s\n", from, fc->get_full_name(buf,maxlen)); - char *st = fc->find_from(from); + const char *st = fc->find_from(from); fprintf(stdout, "envelope from <%s> finds status %s\n", from, st); delete conf; }