changeset 428:6f2db3d19a34 stable-6-0-61

allow 4000 byte spf txt records
author Carl Byington <carl@five-ten-sg.com>
date Mon, 02 Oct 2017 15:09:55 -0700
parents 9911e362b5dc
children 502f66414ab8
files ChangeLog NEWS configure.in dnsbl.spec.in src/context.cpp src/context.h src/dnsbl.cpp
diffstat 7 files changed, 25 insertions(+), 12 deletions(-) [+]
--- a/ChangeLog	Fri Aug 18 09:59:22 2017 -0700
+++ b/ChangeLog	Mon Oct 02 15:09:55 2017 -0700
@@ -1,3 +1,6 @@
+6.61 2017-10-02
+    allow 4000 byte spf txt records.
+
 6.60 2017-08-18
     hosts-ignore.conf can be used to ignore nameserver names
 
--- a/NEWS	Fri Aug 18 09:59:22 2017 -0700
+++ b/NEWS	Mon Oct 02 15:09:55 2017 -0700
@@ -1,3 +1,4 @@
+6.61 2017-10-02 allow 4000 byte spf txt records
 6.60 2017-08-18 hosts-ignore.conf can be used to ignore nameserver names
 6.59 2017-07-26 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain.
 6.58 2017-05-19 spf code now handles %{d} and %{h} macros, use envelope from value for spf if it is a subdomain of the header from domain.
--- a/configure.in	Fri Aug 18 09:59:22 2017 -0700
+++ b/configure.in	Mon Oct 02 15:09:55 2017 -0700
@@ -1,6 +1,6 @@
 
 AC_PREREQ(2.59)
-AC_INIT(dnsbl,6.60,carl@five-ten-sg.com)
+AC_INIT(dnsbl,6.61,carl@five-ten-sg.com)
 AC_CONFIG_SRCDIR([config.h.in])
 AC_CONFIG_HEADER([config.h])
 AC_CONFIG_MACRO_DIR([m4])
--- a/dnsbl.spec.in	Fri Aug 18 09:59:22 2017 -0700
+++ b/dnsbl.spec.in	Mon Oct 02 15:09:55 2017 -0700
@@ -155,6 +155,9 @@
 
 
 %changelog
+* Mon Oct 02 2017 Carl Byington <carl@five-ten-sg.com> - 6.61-1
+- allow 4000 byte spf txt records
+
 * Fri Aug 18 2017 Carl Byington <carl@five-ten-sg.com> - 6.60-1
 - hosts-ignore.conf can be used to ignore nameserver names
   ns1.google.com ended up on the sbl
--- a/src/context.cpp	Fri Aug 18 09:59:22 2017 -0700
+++ b/src/context.cpp	Mon Oct 02 15:09:55 2017 -0700
@@ -1171,9 +1171,9 @@
 
 bool CONTEXT::resolve_one_spf(const char *from, uint32_t ip, mlfiPriv *priv, int level)
 {
-    char buf[maxlen];
+    char buf[maxdnslength];
     log(priv->queueid, "looking for %s txt record", from);
-    dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxlen);
+    dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxdnslength);
     if (*buf) {
         log(priv->queueid, "found txt record %s", buf);
         // expand some macros here - a very restricted subset of all possible spf macros
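Review bot: The TXT record that fills `buf` is supplied by whoever controls the sender's domain, and with this change it can be up to maxdnslength-1 bytes, so every later consumer of `buf` in resolve_one_spf has to be bounded by the new size. The macro expansion announced by the comment on the hunk's last line lies outside the hunk, so I cannot see whether it still copies or expands into a `maxlen`-sized buffer. The `log(priv->queueid, "found txt record %s", buf)` call also now hands a much longer string to a logger whose internal limit is not shown. I would add above the declaration `// buf holds up to maxdnslength-1 bytes of sender-controlled text; bound every copy or expansion below by maxdnslength, not maxlen` and confirm the expansion target and the logger can take the larger record.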
@@ -1231,8 +1231,8 @@
                 }
                 else if (strncmp(p, "exists:", 7) == 0) {
                     p += 7;
-                    char buf[maxlen];
-                    dns_interface(*priv, p, ns_t_a, false, NULL, buf, maxlen);
+                    char buf[maxdnslength];
+                    dns_interface(*priv, p, ns_t_a, false, NULL, buf, maxdnslength);
                     uint32_t *a = (uint32_t *)buf;
                     if (a[0]) {
                         log(priv->queueid, "match exists:%s", p);
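Review bot: `buf` is declared as a plain `char` array and then read through `uint32_t *a = (uint32_t *)buf;`, so the 32-bit loads have no alignment guarantee and a char array is accessed through an unrelated type. The cast predates this commit, but the declaration is being edited here, which makes it a cheap moment to fix: `alignas(uint32_t) char buf[maxdnslength];` if the build allows C++11, or read the words out with `memcpy`. The same declare-then-cast pattern appears in the inner `mx` lookup and in the `a` branch in the next two hunks.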
@@ -1241,13 +1241,13 @@
                 }
                 else if (strncmp(p, "mx", 2) == 0) {
                     const char *name = (p[2] == ':') ? p+2 : from;
-                    char buf[maxlen];
-                    dns_interface(*priv, name, ns_t_mx, false, NULL, buf, maxlen);
+                    char buf[maxdnslength];
+                    dns_interface(*priv, name, ns_t_mx, false, NULL, buf, maxdnslength);
                     char *b = buf;
                     while (*b) {
                         log(priv->queueid, "found mx %s", b);
-                        char buf[maxlen];
-                        dns_interface(*priv, b, ns_t_a, false, NULL, buf, maxlen);
+                        char buf[maxdnslength];
+                        dns_interface(*priv, b, ns_t_a, false, NULL, buf, maxdnslength);
                         uint32_t *a = (uint32_t *)buf;
                         size_t c = a[0];
                         for (size_t i=1; i<=c; i++) {
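Review bot: The loop `for (size_t i=1; i<=c; i++)` takes its bound `c` straight from `a[0]`, a value dns_interface fills in from a DNS answer, and nothing in the hunk checks it against the buffer that was just resized. dns_interface is not visible here, so it may already cap the number of addresses it writes; if it does not, a count above `maxdnslength/sizeof(uint32_t) - 1` makes the loop read past `buf`. A local clamp makes the invariant explicit: `const size_t cap = maxdnslength/sizeof(uint32_t) - 1;` followed by `if (c > cap) c = cap;`. The `a` branch in the following hunk has the same loop, and both loop bodies continue outside their hunks.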
@@ -1266,8 +1266,8 @@
                 }
                 else if (p[0] == 'a') {
                     const char *name = (p[1] == ':') ? p+2 : from;
-                    char buf[maxlen];
-                    dns_interface(*priv, name, ns_t_a, false, NULL, buf, maxlen);
+                    char buf[maxdnslength];
+                    dns_interface(*priv, name, ns_t_a, false, NULL, buf, maxdnslength);
                     uint32_t *a = (uint32_t *)buf;
                     size_t c = a[0];
                     for (size_t i=1; i<=c; i++) {
--- a/src/context.h	Fri Aug 18 09:59:22 2017 -0700
+++ b/src/context.h	Mon Oct 02 15:09:55 2017 -0700
@@ -9,6 +9,12 @@
 #ifndef context_include
 #define context_include
 
+#ifdef NS_PACKETSZ
+    #define maxdnslength (NS_PACKETSZ*8)
+#else
+    #define maxdnslength 1000
+#endif
+
 enum status {oksofar,       // not rejected yet
              white,         // whitelisted
              black,         // blacklisted
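Review bot: The value of `maxdnslength` depends on whether `NS_PACKETSZ` is already defined when context.h is read, so it depends on include order. A translation unit that includes context.h before the resolver header gets 1000 and not `NS_PACKETSZ*8`, which is smaller than the 4000-byte records this commit is meant to allow and may differ from the size used for `glommer::answer` in dnsbl.cpp. No include is visible in this hunk, so I cannot tell whether every includer pulls in the resolver header first. At minimum I would document the dependency above the `#ifdef`: `// NS_PACKETSZ comes from <arpa/nameser.h>; include it before context.h or maxdnslength silently falls back to 1000`. A stronger fix would be to have context.h include that header itself on resolver builds.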
--- a/src/dnsbl.cpp	Fri Aug 18 09:59:22 2017 -0700
+++ b/src/dnsbl.cpp	Mon Oct 02 15:09:55 2017 -0700
@@ -151,7 +151,7 @@
 struct glommer {
     size_t  length;
     #ifdef NS_PACKETSZ
-        u_char answer[NS_PACKETSZ*8];   // with a resolver, we return resolver answers
+        u_char answer[maxdnslength];    // with a resolver, we return resolver answers
     #else
         uint32_t answer;                // without a resolver, we return a single ipv4 address in network byte order, 0 == no answer
     #endif