diff options
Diffstat (limited to 'main/libspf2/libspf2-localpolicy-fix.patch')
-rw-r--r-- | main/libspf2/libspf2-localpolicy-fix.patch | 165 |
1 files changed, 147 insertions, 18 deletions
diff --git a/main/libspf2/libspf2-localpolicy-fix.patch b/main/libspf2/libspf2-localpolicy-fix.patch index 346bfbfd7..089c391eb 100644 --- a/main/libspf2/libspf2-localpolicy-fix.patch +++ b/main/libspf2/libspf2-localpolicy-fix.patch @@ -1,20 +1,149 @@ ---- libspf2-1.2.9/src/libspf2/spf_interpret.c Wed Oct 22 15:47:43 2008 -+++ libspf2-1.2.9.patched/src/libspf2/spf_interpret.c Mon Sep 21 12:22:51 2009 -@@ -1261,6 +1261,7 @@ - */ - - if ( mech == local_policy ) { -+ spf_request->use_local_policy = 0; - err = SPF_record_interpret(spf_server->local_policy, - spf_request, spf_response, depth + 1); - ---- libspf2-1.2.9/src/spfquery/spfquery.c Mon Sep 15 00:17:49 2008 -+++ libspf2-1.2.9.patched/src/spfquery/spfquery.c Mon Sep 21 12:14:38 2009 -@@ -602,6 +602,7 @@ - FREE_RESPONSE(spf_response); - - spf_request = SPF_request_new(spf_server); +diff --git a/src/libspf2/spf_interpret.c b/src/libspf2/spf_interpret.c +index 78fa81a..6dbdd8d 100644 +--- a/src/libspf2/spf_interpret.c ++++ b/src/libspf2/spf_interpret.c +@@ -594,10 +594,6 @@ SPF_record_interpret(SPF_record_t *spf_record, + SPF_data_t *data; + SPF_data_t *data_end; /* XXX Replace with size_t data_len */ + +- /* Where to insert the local policy (whitelist) */ +- SPF_mech_t *local_policy; /* Not the local policy */ +- int found_all; /* A crappy temporary. */ +- + char *buf = NULL; + size_t buf_len = 0; + ns_type fetch_ns_type; +@@ -662,58 +658,6 @@ SPF_record_interpret(SPF_record_t *spf_record, + #endif + + /* +- * Do some start up stuff if we haven't recursed yet +- */ +- +- local_policy = NULL; +- +- if ( spf_request->use_local_policy ) { +- /* +- * find the location for the whitelist execution +- * +- * Philip Gladstone says: +- * +- * I think that the localpolicy should only be inserted if the +- * final mechanism is '-all', and it should be inserted after +- * the last mechanism which is not '-'. +- * +- * Thus for the case of 'v=spf1 +a +mx -all', this would be +- * interpreted as 'v=spf1 +a +mx +localpolicy -all'. Whereas +- * 'v=spf1 -all' would remain the same (no non-'-' +- * mechanism). 'v=spf1 +a +mx -exists:%stuff -all' would +- * become 'v=spf1 +a +mx +localpolicy -exists:%stuff -all'. +- */ +- +- if ( spf_server->local_policy ) { +- mech = spf_record->mech_first; +- +- found_all = FALSE; +- for(m = 0; m < spf_record->num_mech; m++) +- { +- if ( mech->mech_type == MECH_ALL +- && (mech->prefix_type == PREFIX_FAIL +- || mech->prefix_type == PREFIX_UNKNOWN +- || mech->prefix_type == PREFIX_SOFTFAIL +- ) +- ) +- found_all = TRUE; +- +- if ( mech->prefix_type != PREFIX_FAIL +- && mech->prefix_type != PREFIX_SOFTFAIL +- ) +- local_policy = mech; +- +- mech = SPF_mech_next( mech ); +- } +- +- if ( !found_all ) +- local_policy = NULL; +- } +- +- } +- +- +- /* + * evaluate the mechanisms + */ + +@@ -751,6 +695,35 @@ SPF_record_interpret(SPF_record_t *spf_record, + + resolver = spf_server->resolver; + ++ /* ++ * execute the local policy ++ */ ++ if ( spf_request->use_local_policy && spf_server->local_policy ) { ++ spf_request->use_local_policy = 0; ++ err = SPF_record_interpret(spf_server->local_policy, ++ spf_request, spf_response, depth + 1); + spf_request->use_local_policy = 1; ++ ++ if ( spf_server->debug > 0 ) ++ SPF_debugf( "local_policy: executed SPF record: %s result: %s reason: %s", ++ SPF_strerror( err ), ++ SPF_strresult( spf_response->result ), ++ SPF_strreason( spf_response->reason ) ); ++ ++ if (spf_response->result != SPF_RESULT_INVALID && ++ spf_response->result != SPF_RESULT_NONE && ++ spf_response->result != SPF_RESULT_NEUTRAL) { ++ SPF_FREE_LOOKUP_DATA(); ++ return err; ++ } ++ ++ if ( spf_server->debug > 0 ) ++ SPF_debugf( "local_policy: not definite", ++ SPF_strerror( err ), ++ SPF_strresult( spf_response->result ), ++ SPF_strreason( spf_response->reason ) ); ++ } ++ + mech = spf_record->mech_first; + for (m = 0; m < spf_record->num_mech; m++) { + +@@ -1256,26 +1229,6 @@ SPF_record_interpret(SPF_record_t *spf_record, + break; + } + +- /* +- * execute the local policy +- */ +- +- if ( mech == local_policy ) { +- err = SPF_record_interpret(spf_server->local_policy, +- spf_request, spf_response, depth + 1); +- +- if ( spf_server->debug > 0 ) +- SPF_debugf( "local_policy: executed SPF record: %s result: %s reason: %s", +- SPF_strerror( err ), +- SPF_strresult( spf_response->result ), +- SPF_strreason( spf_response->reason ) ); +- +- if (spf_response->result != SPF_RESULT_INVALID) { +- SPF_FREE_LOOKUP_DATA(); +- return err; +- } +- } +- + mech = SPF_mech_next( mech ); + } + +diff --git a/src/libspf2/spf_request.c b/src/libspf2/spf_request.c +index 7614141..9eb1774 100644 +--- a/src/libspf2/spf_request.c ++++ b/src/libspf2/spf_request.c +@@ -47,6 +47,7 @@ SPF_request_new(SPF_server_t *spf_server) + return sr; + memset(sr, 0, sizeof(SPF_request_t)); - if (SPF_request_set_ipv4_str(spf_request, req->ip) - && SPF_request_set_ipv6_str(spf_request, req->ip)) { ++ sr->use_local_policy = 1; + sr->spf_server = spf_server; + sr->client_ver = AF_UNSPEC; + sr->ipv4.s_addr = htonl(INADDR_ANY); |