diff src/dnsbl.cpp @ 252:836b7f2357f9

need ntohl() before using masks that are defined in host byte order
author Carl Byington <carl@five-ten-sg.com>
date Sun, 08 Apr 2012 16:10:31 -0700
parents 15bf4f68a0b2
children d6d5c50b9278
--- a/src/dnsbl.cpp	Sun Apr 08 11:56:00 2012 -0700
+++ b/src/dnsbl.cpp	Sun Apr 08 16:10:31 2012 -0700
@@ -155,7 +155,7 @@
     #ifdef NS_PACKETSZ
         u_char answer[NS_PACKETSZ*4];   // with a resolver, we return resolver answers
     #else
-        int32_t answer;                 // without a resolver, we return a single ipv4 address, 0 == no answer
+        uint32_t answer;                // without a resolver, we return a single ipv4 address in network byte order, 0 == no answer
     #endif
 } __attribute__ ((packed));
 
@@ -255,13 +255,13 @@
 
 
 ////////////////////////////////////////////////
-//  ask a dns question and get an A record answer - we don't try
-//  very hard, just using the default resolver retry settings.
+//  ask a dns question and get an A record answer in network byte order
+//  we don't try very hard, just using the default resolver retry settings.
 //  If we cannot get an answer, we just accept the mail.
 //
 //
-int32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers);
-int32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers) {
+uint32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers);
+uint32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers) {
     // tell sendmail we are still working
     #if _FFR_SMFI_PROGRESS
         if (priv.eom) smfi_progress(priv.ctx);
@@ -275,7 +275,7 @@
         // might be a bare ip address, try this first to avoid dns lookups that may not be needed
         in_addr ip;
         if (inet_aton(question, &ip)) {
-            return (int32_t)ip.s_addr;
+            return ip.s_addr;
         }
     }
     int n = strlen(question);
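Review bot: `inet_aton()` in this shortcut accepts more than dotted-quad text: a bare number, or components written in octal or hex, also parse as an address, so a `question` that is really a hostname-like token can be returned as an IP without any lookup. If `question` can originate from message content (not visible here), `if (inet_pton(AF_INET, question, &ip) == 1)` restricts the shortcut to strict dotted-decimal input. A literal `0.0.0.0` also returns 0 here, which the struct comment defines as "no answer". dns_interface starts in the previous hunk and continues past this one.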
@@ -305,7 +305,7 @@
 #ifdef NS_PACKETSZ
     // now we need to lock the resolver mutex to keep the milter threads from
     // stepping on each other while parsing the dns answer.
-    int ret_address = 0;
+    uint32_t ret_address = 0;
     pthread_mutex_lock(&resolve_mutex);
         // parse the answer
         ns_msg handle;
@@ -350,7 +350,7 @@
                         ns_mapper::iterator i = ns.ns_ip.find(nam);
                         if (i != ns.ns_ip.end()) {
                             // we want this ip address
-                            int32_t address;
+                            uint32_t address;
                             memcpy(&address, ns_rr_rdata(rr), sizeof(address));
                             ns.ns_ip[nam] = address;
                         }
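Review bot: The `memcpy` copies `sizeof(address)` bytes from the record data without checking the record's data length, and the response is untrusted input from whichever server answered. A guard such as `if (ns_rr_rdlen(rr) == sizeof(address))` around the copy would stop a short or malformed record from supplying bytes that belong to something else in the packet. The record-type test for this loop is not visible in the hunk, so confirm it is limited to `ns_t_a` as well. The same unchecked copy appears in the answer-section loop in the next hunk.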
@@ -360,7 +360,7 @@
             int rrnum = 0;
             while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
                 if (ns_rr_type(rr) == ns_t_a) {
-                    int32_t address;
+                    uint32_t address;
                     memcpy(&address, ns_rr_rdata(rr), sizeof(address));
                     ret_address = address;
                 }
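Review bot: `ret_address = address;` runs for every A record in the answer section, so when a list returns several A records the caller gets whichever one came last in the packet. Callers that read a level or code from the last octet then depend on record order, which the answering server controls. If that is intended, say so with a comment such as `// last A record wins`; otherwise stop at the first match. The rest of the while loop is outside the hunk, so an early exit may exist that is not shown.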
@@ -817,10 +817,10 @@
 
 
 ////////////////////////////////////////////////
-//  check a single dnsbl
+//  check a single dns list, return ip address in network byte order
 //
-int32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix);
-int32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix) {
+uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix);
+uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix) {
     // make a dns question
     const u_char *src = (const u_char *)&ip;
     if (src[0] == 127) return 0;    // don't do dns lookups on localhost
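Review bot: The `ip` parameter is still `int32_t` while the return type and every other address touched by this change became `uint32_t`, which leaves the signature half converted. `uint32_t check_single(mlfiPriv &priv, uint32_t ip, const char *suffix)` would match, and the `bool` overload in the next hunk has the same leftover. The header comment could also state that `ip` is expected in network byte order, since `src[0] == 127` relies on the first byte in memory being the first octet. The function body continues outside the hunk.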
@@ -852,13 +852,13 @@
 //
 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl);
 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl) {
-    int32_t r = check_single(priv, ip, wl.suffix);
-    int32_t v = (int32_t)0x7f000000;
-    int32_t m = (int32_t)0xffff0000;
-    int32_t m2 = (int32_t)0x000000ff;
+    uint32_t r = ntohl(check_single(priv, ip, wl.suffix));
+    uint32_t v = (uint32_t)0x7f000000;
+    uint32_t m = (uint32_t)0xffff0000;
+    uint32_t m2 = (uint32_t)0x000000ff;
     if ((r & m) == v) {
-        int32_t l = r & m2;
-        if (l >= wl.level) return true;
+        uint32_t l = r & m2;
+        if ((int)l >= wl.level) return true;
     }
     return false;
 }
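Review bot: The three masks are unnamed magic numbers, and the `(uint32_t)` casts on the literals do nothing. Because the fix depends on these being host-order values compared against an `ntohl()` result, that should be stated where they are defined, for example `const uint32_t v = 0x7f000000;  // 127.0.x.x, host byte order` and `const uint32_t m2 = 0x000000ff;  // last octet, compared with wl.level`. The `(int)l` cast is safe as written because `l` is masked to 0..255.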