aboutsummaryrefslogtreecommitdiffstats
path: root/main/libspf2/libspf2-localpolicy-fix.patch
blob: 089c391eb9f2eb6447f5cd5c53dec87455253415 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
diff --git a/src/libspf2/spf_interpret.c b/src/libspf2/spf_interpret.c
index 78fa81a..6dbdd8d 100644
--- a/src/libspf2/spf_interpret.c
+++ b/src/libspf2/spf_interpret.c
@@ -594,10 +594,6 @@ SPF_record_interpret(SPF_record_t *spf_record,
 	SPF_data_t		*data;
 	SPF_data_t		*data_end;	/* XXX Replace with size_t data_len */
 
-	/* Where to insert the local policy (whitelist) */
-	SPF_mech_t		*local_policy;	/* Not the local policy */
-	int				 found_all;		/* A crappy temporary. */
-
 	char			*buf = NULL;
 	size_t			 buf_len = 0;
 	ns_type			 fetch_ns_type;
@@ -662,58 +658,6 @@ SPF_record_interpret(SPF_record_t *spf_record,
 #endif
 
 	/*
-	 * Do some start up stuff if we haven't recursed yet
-	 */
-
-	local_policy = NULL;
-
-	if ( spf_request->use_local_policy ) {
-		/*
-		 * find the location for the whitelist execution
-		 *
-		 * Philip Gladstone says:
-		 *
-		 * I think that the localpolicy should only be inserted if the
-		 * final mechanism is '-all', and it should be inserted after
-		 * the last mechanism which is not '-'.
-		 *
-		 * Thus for the case of 'v=spf1 +a +mx -all', this would be
-		 * interpreted as 'v=spf1 +a +mx +localpolicy -all'. Whereas
-		 * 'v=spf1 -all' would remain the same (no non-'-'
-		 * mechanism). 'v=spf1 +a +mx -exists:%stuff -all' would
-		 * become 'v=spf1 +a +mx +localpolicy -exists:%stuff -all'.
-		 */
-
-		if ( spf_server->local_policy ) {
-			mech = spf_record->mech_first;
-
-			found_all = FALSE;
-			for(m = 0; m < spf_record->num_mech; m++)
-			{
-				if ( mech->mech_type == MECH_ALL
-					 && (mech->prefix_type == PREFIX_FAIL
-						 || mech->prefix_type == PREFIX_UNKNOWN
-						 || mech->prefix_type == PREFIX_SOFTFAIL
-						 )
-					)
-					found_all = TRUE;
-
-				if ( mech->prefix_type != PREFIX_FAIL
-					 && mech->prefix_type != PREFIX_SOFTFAIL
-					)
-					local_policy = mech;
-
-				mech = SPF_mech_next( mech );
-			}
-
-			if ( !found_all )
-				local_policy = NULL;
-		}
-
-	}
-
-
-	/*
 	 * evaluate the mechanisms
 	 */
 
@@ -751,6 +695,35 @@ SPF_record_interpret(SPF_record_t *spf_record,
 
 	resolver = spf_server->resolver;
 
+	/*
+	 * execute the local policy
+	 */
+	if ( spf_request->use_local_policy && spf_server->local_policy ) {
+		spf_request->use_local_policy = 0;
+		err = SPF_record_interpret(spf_server->local_policy,
+						spf_request, spf_response, depth + 1);
+		spf_request->use_local_policy = 1;
+
+		if ( spf_server->debug > 0 )
+			SPF_debugf( "local_policy:  executed SPF record:  %s  result: %s  reason: %s",
+						SPF_strerror( err ),
+						SPF_strresult( spf_response->result ),
+						SPF_strreason( spf_response->reason ) );
+
+		if (spf_response->result != SPF_RESULT_INVALID &&
+		    spf_response->result != SPF_RESULT_NONE &&
+		    spf_response->result != SPF_RESULT_NEUTRAL) {
+			SPF_FREE_LOOKUP_DATA();
+			return err;
+		}
+
+		if ( spf_server->debug > 0 )
+			SPF_debugf( "local_policy:  not definite",
+						SPF_strerror( err ),
+						SPF_strresult( spf_response->result ),
+						SPF_strreason( spf_response->reason ) );
+	}
+
 	mech = spf_record->mech_first;
 	for (m = 0; m < spf_record->num_mech; m++) {
 
@@ -1256,26 +1229,6 @@ SPF_record_interpret(SPF_record_t *spf_record,
 			break;
 		}
 
-		/*
-		 * execute the local policy
-		 */
-
-		if ( mech == local_policy ) {
-			err = SPF_record_interpret(spf_server->local_policy,
-							spf_request, spf_response, depth + 1);
-
-			if ( spf_server->debug > 0 )
-				SPF_debugf( "local_policy:  executed SPF record:  %s  result: %s  reason: %s",
-							SPF_strerror( err ),
-							SPF_strresult( spf_response->result ),
-							SPF_strreason( spf_response->reason ) );
-
-			if (spf_response->result != SPF_RESULT_INVALID) {
-				SPF_FREE_LOOKUP_DATA();
-				return err;
-			}
-		}
-
 		mech = SPF_mech_next( mech );
 	}
 
diff --git a/src/libspf2/spf_request.c b/src/libspf2/spf_request.c
index 7614141..9eb1774 100644
--- a/src/libspf2/spf_request.c
+++ b/src/libspf2/spf_request.c
@@ -47,6 +47,7 @@ SPF_request_new(SPF_server_t *spf_server)
 		return sr;
 	memset(sr, 0, sizeof(SPF_request_t));
 
+	sr->use_local_policy = 1;
 	sr->spf_server = spf_server;
 	sr->client_ver = AF_UNSPEC;
 	sr->ipv4.s_addr = htonl(INADDR_ANY);