# HG changeset patch
# User Carl Byington <carl@five-ten-sg.com>
# Date 1489078469 28800
# Node ID b48ee4bc431b5cc31532a4a0fff5123ea2a4014f
# Parent  7e670e59d59d02d15bd8be297ab621740b149def
handle a and a: elements in spf txt records

diff -r 7e670e59d59d -r b48ee4bc431b ChangeLog
--- a/ChangeLog	Tue Mar 07 16:54:20 2017 -0800
+++ b/ChangeLog	Thu Mar 09 08:54:29 2017 -0800
@@ -1,5 +1,5 @@
-6.52 2017-03-07
-    document dkim/spf processing
+6.52 2017-03-09
+    document dkim/spf processing, handle a and a: elements
 
 6.51 2017-03-06
     parse spf txt records for required dkim signers
diff -r 7e670e59d59d -r b48ee4bc431b NEWS
--- a/NEWS	Tue Mar 07 16:54:20 2017 -0800
+++ b/NEWS	Thu Mar 09 08:54:29 2017 -0800
@@ -1,4 +1,4 @@
-6.52 2017-03-07 document dkim/spf processing
+6.52 2017-03-09 document dkim/spf processing, handle a and a: elements
 6.51 2017-03-06 parse spf txt records for required dkim signers
 6.50 2017-02-22 reject if dkim signer is listed on surbl
 6.49 2017-02-08 RHEL7 systemd and /var/run on tmpfs
diff -r 7e670e59d59d -r b48ee4bc431b dnsbl.spec.in
--- a/dnsbl.spec.in	Tue Mar 07 16:54:20 2017 -0800
+++ b/dnsbl.spec.in	Thu Mar 09 08:54:29 2017 -0800
@@ -3,7 +3,7 @@
 Summary:            Sendmail milter for spam control
 Name:               @PACKAGE@
 Version:            @VERSION@
-Release:            2%{?dist}
+Release:            3%{?dist}
 License:            GPLv3+
 Group:              System Environment/Daemons
 Source:             http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz
@@ -155,6 +155,9 @@
 
 
 %changelog
+* Thu Mar 09 2017 Carl Byington <carl@five-ten-sg.com> - 6.52-3
+- handle a and a: elements in spf txt records.
+
 * Tue Mar 07 2017 Carl Byington <carl@five-ten-sg.com> - 6.52-2
 - only ntohl() once during recursive spf txt processing.
 
diff -r 7e670e59d59d -r b48ee4bc431b src/context.cpp
--- a/src/context.cpp	Tue Mar 07 16:54:20 2017 -0800
+++ b/src/context.cpp	Thu Mar 09 08:54:29 2017 -0800
@@ -1158,6 +1158,30 @@
             p = (b) ? b : e;
         }
         p = buf;
+        while ((p = strstr(p, " a:"))) {
+            p += 3;
+            char *b = strchr(p, ' ');
+            if (b) *b = '\0';
+            uint32_t ipy = ntohl(dns_interface(*priv, p, ns_t_a));
+            if (ipy == ip) {
+                log(priv->queueid, "match %s", p);
+                return true;
+            }
+            if (b) *b = ' ';
+            p = (b) ? b : e;
+        }
+        p = buf;
+        while ((p = strstr(p, " a"))) {
+            p += 2;
+            if ((*p == ' ') || (*p == '\0')) {
+                uint32_t ipy = ntohl(dns_interface(*priv, from, ns_t_a));
+                if (ipy == ip) {
+                    log(priv->queueid, "match %s", from);
+                    return true;
+                }
+            }
+        }
+        p = buf;
         while ((level < 5) && (p = strstr(p, " include:"))) {
             p += 9;
             char *b = strchr(p, ' ');