1 /*
2 * Copyright (c) 1986 Eric P. Allman
3 * Copyright (c) 1988, 1993
4 * The Regents of the University of California. All rights reserved.
5 *
6 * %sccs.include.redist.c%
7 */
8
9 #include "sendmail.h"
10
11 #ifndef lint
12 #if NAMED_BIND
13 static char sccsid[] = "@(#)domain.c 8.28 (Berkeley) 11/13/94 (with name server)";
14 #else
15 static char sccsid[] = "@(#)domain.c 8.28 (Berkeley) 11/13/94 (without name server)";
16 #endif
17 #endif /* not lint */
18
19 #if NAMED_BIND
20
21 #include <errno.h>
22 #include <resolv.h>
23 #include <netdb.h>
24
25 typedef union
26 {
27 HEADER qb1;
28 u_char qb2[PACKETSZ];
29 } querybuf;
30
31 static char MXHostBuf[MAXMXHOSTS*PACKETSZ];
32
33 #ifndef MAXDNSRCH
34 #define MAXDNSRCH 6 /* number of possible domains to search */
35 #endif
36
37 #ifndef MAX
38 #define MAX(a, b) ((a) > (b) ? (a) : (b))
39 #endif
40
41 #ifndef NO_DATA
42 # define NO_DATA NO_ADDRESS
43 #endif
44
45 #ifndef HFIXEDSZ
46 # define HFIXEDSZ 12 /* sizeof(HEADER) */
47 #endif
48
49 #define MAXCNAMEDEPTH 10 /* maximum depth of CNAME recursion */
50
51 #if defined(__RES) && (__RES >= 19940415)
52 # define RES_UNC_T char *
53 #else
54 # define RES_UNC_T u_char *
55 #endif
56 �/*
57 ** GETMXRR -- get MX resource records for a domain
58 **
59 ** Parameters:
60 ** host -- the name of the host to MX.
61 ** mxhosts -- a pointer to a return buffer of MX records.
62 ** droplocalhost -- If TRUE, all MX records less preferred
63 ** than the local host (as determined by $=w) will
64 ** be discarded.
65 ** rcode -- a pointer to an EX_ status code.
66 **
67 ** Returns:
68 ** The number of MX records found.
69 ** -1 if there is an internal failure.
70 ** If no MX records are found, mxhosts[0] is set to host
71 ** and 1 is returned.
72 */
73
74 getmxrr(host, mxhosts, droplocalhost, rcode)
75 char *host;
76 char **mxhosts;
77 bool droplocalhost;
78 int *rcode;
79 {
80 extern int h_errno;
81 register u_char *eom, *cp;
82 register int i, j, n;
83 int nmx = 0;
84 register char *bp;
85 HEADER *hp;
86 querybuf answer;
87 int ancount, qdcount, buflen;
88 bool seenlocal = FALSE;
89 u_short pref, localpref, type;
90 char *fallbackMX = FallBackMX;
91 static bool firsttime = TRUE;
92 STAB *st;
93 bool trycanon = FALSE;
94 u_short prefer[MAXMXHOSTS];
95 int weight[MAXMXHOSTS];
96 extern bool getcanonname();
97
98 if (tTd(8, 2))
99 printf("getmxrr(%s, droplocalhost=%d)\n", host, droplocalhost);
100
101 if (fallbackMX != NULL)
102 {
103 if (firsttime &&
104 res_query(FallBackMX, C_IN, T_A,
105 (u_char *) &answer, sizeof answer) < 0)
106 {
107 /* this entry is bogus */
108 fallbackMX = FallBackMX = NULL;
109 }
110 else if (droplocalhost &&
111 (st = stab(fallbackMX, ST_CLASS, ST_FIND)) != NULL &&
112 bitnset('w', st->s_class))
113 {
114 /* don't use fallback for this pass */
115 fallbackMX = NULL;
116 }
117 firsttime = FALSE;
118 }
119
120 /* efficiency hack -- numeric or non-MX lookups */
121 if (host[0] == '[')
122 goto punt;
123
124 /*
125 ** If we don't have MX records in our host switch, don't
126 ** try for MX records. Note that this really isn't "right",
127 ** since we might be set up to try NIS first and then DNS;
128 ** if the host is found in NIS we really shouldn't be doing
129 ** MX lookups. However, that should be a degenerate case.
130 */
131
132 if (!UseNameServer)
133 goto punt;
134
135 errno = 0;
136 n = res_search(host, C_IN, T_MX, (u_char *) &answer, sizeof(answer));
137 if (n < 0)
138 {
139 if (tTd(8, 1))
140 printf("getmxrr: res_search(%s) failed (errno=%d, h_errno=%d)\n",
141 (host == NULL) ? "<NULL>" : host, errno, h_errno);
142 switch (h_errno)
143 {
144 case NO_DATA:
145 trycanon = TRUE;
146 /* fall through */
147
148 case NO_RECOVERY:
149 /* no MX data on this host */
150 goto punt;
151
152 case HOST_NOT_FOUND:
153 #ifdef BROKEN_RES_SEARCH
154 /* Ultrix resolver returns failure w/ h_errno=0 */
155 case 0:
156 #endif
157 /* the host just doesn't exist */
158 *rcode = EX_NOHOST;
159
160 if (!UseNameServer)
161 {
162 /* might exist in /etc/hosts */
163 goto punt;
164 }
165 break;
166
167 case TRY_AGAIN:
168 /* couldn't connect to the name server */
169 if (!UseNameServer && errno == ECONNREFUSED)
170 goto punt;
171
172 /* it might come up later; better queue it up */
173 *rcode = EX_TEMPFAIL;
174 break;
175
176 default:
177 syserr("getmxrr: res_search (%s) failed with impossible h_errno (%d)\n",
178 host, h_errno);
179 *rcode = EX_OSERR;
180 break;
181 }
182
183 /* irreconcilable differences */
184 return (-1);
185 }
186
187 /* find first satisfactory answer */
188 hp = (HEADER *)&answer;
189 cp = (u_char *)&answer + HFIXEDSZ;
190 eom = (u_char *)&answer + n;
191 for (qdcount = ntohs(hp->qdcount); qdcount--; cp += n + QFIXEDSZ)
192 if ((n = dn_skipname(cp, eom)) < 0)
193 goto punt;
194 buflen = sizeof(MXHostBuf) - 1;
195 bp = MXHostBuf;
196 ancount = ntohs(hp->ancount);
197 while (--ancount >= 0 && cp < eom && nmx < MAXMXHOSTS - 1)
198 {
199 if ((n = dn_expand((u_char *)&answer,
200 eom, cp, (RES_UNC_T) bp, buflen)) < 0)
201 break;
202 cp += n;
203 GETSHORT(type, cp);
204 cp += INT16SZ + INT32SZ;
205 GETSHORT(n, cp);
206 if (type != T_MX)
207 {
208 if (tTd(8, 8) || _res.options & RES_DEBUG)
209 printf("unexpected answer type %d, size %d\n",
210 type, n);
211 cp += n;
212 continue;
213 }
214 GETSHORT(pref, cp);
215 if ((n = dn_expand((u_char *)&answer, eom, cp,
216 (RES_UNC_T) bp, buflen)) < 0)
217 break;
218 cp += n;
219 if (droplocalhost &&
220 (st = stab(bp, ST_CLASS, ST_FIND)) != NULL &&
221 bitnset('w', st->s_class))
222 {
223 if (tTd(8, 3))
224 printf("found localhost (%s) in MX list, pref=%d\n",
225 bp, pref);
226 if (!seenlocal || pref < localpref)
227 localpref = pref;
228 seenlocal = TRUE;
229 continue;
230 }
231 weight[nmx] = mxrand(bp);
232 prefer[nmx] = pref;
233 mxhosts[nmx++] = bp;
234 n = strlen(bp);
235 bp += n;
236 if (bp[-1] != '.')
237 {
238 *bp++ = '.';
239 n++;
240 }
241 *bp++ = '\0';
242 buflen -= n + 1;
243 }
244
245 /* sort the records */
246 for (i = 0; i < nmx; i++)
247 {
248 for (j = i + 1; j < nmx; j++)
249 {
250 if (prefer[i] > prefer[j] ||
251 (prefer[i] == prefer[j] && weight[i] > weight[j]))
252 {
253 register int temp;
254 register char *temp1;
255
256 temp = prefer[i];
257 prefer[i] = prefer[j];
258 prefer[j] = temp;
259 temp1 = mxhosts[i];
260 mxhosts[i] = mxhosts[j];
261 mxhosts[j] = temp1;
262 temp = weight[i];
263 weight[i] = weight[j];
264 weight[j] = temp;
265 }
266 }
267 if (seenlocal && prefer[i] >= localpref)
268 {
269 /* truncate higher preference part of list */
270 nmx = i;
271 }
272 }
273
274 if (nmx == 0)
275 {
276 punt:
277 if (seenlocal &&
278 (!TryNullMXList || gethostbyname(host) == NULL))
279 {
280 /*
281 ** If we have deleted all MX entries, this is
282 ** an error -- we should NEVER send to a host that
283 ** has an MX, and this should have been caught
284 ** earlier in the config file.
285 **
286 ** Some sites prefer to go ahead and try the
287 ** A record anyway; that case is handled by
288 ** setting TryNullMXList. I believe this is a
289 ** bad idea, but it's up to you....
290 */
291
292 *rcode = EX_CONFIG;
293 syserr("MX list for %s points back to %s",
294 host, MyHostName);
295 return -1;
296 }
297 strcpy(MXHostBuf, host);
298 mxhosts[0] = MXHostBuf;
299 if (host[0] == '[')
300 {
301 register char *p;
302
303 /* this may be an MX suppression-style address */
304 p = strchr(MXHostBuf, ']');
305 if (p != NULL)
306 {
307 *p = '\0';
308 if (inet_addr(&MXHostBuf[1]) != -1)
309 *p = ']';
310 else
311 {
312 trycanon = TRUE;
313 mxhosts[0]++;
314 }
315 }
316 }
317 if (trycanon &&
318 getcanonname(mxhosts[0], sizeof MXHostBuf - 2, FALSE))
319 {
320 bp = &MXHostBuf[strlen(MXHostBuf)];
321 if (bp[-1] != '.')
322 {
323 *bp++ = '.';
324 *bp = '\0';
325 }
326 }
327 nmx = 1;
328 }
329
330 /* if we have a default lowest preference, include that */
331 if (fallbackMX != NULL && !seenlocal)
332 mxhosts[nmx++] = fallbackMX;
333
334 return (nmx);
335 }
336 �/*
337 ** MXRAND -- create a randomizer for equal MX preferences
338 **
339 ** If two MX hosts have equal preferences we want to randomize
340 ** the selection. But in order for signatures to be the same,
341 ** we need to randomize the same way each time. This function
342 ** computes a pseudo-random hash function from the host name.
343 **
344 ** Parameters:
345 ** host -- the name of the host.
346 **
347 ** Returns:
348 ** A random but repeatable value based on the host name.
349 **
350 ** Side Effects:
351 ** none.
352 */
353
354 mxrand(host)
355 register char *host;
356 {
357 int hfunc;
358 static unsigned int seed;
359
360 if (seed == 0)
361 {
362 seed = (int) curtime() & 0xffff;
363 if (seed == 0)
364 seed++;
365 }
366
367 if (tTd(17, 9))
368 printf("mxrand(%s)", host);
369
370 hfunc = seed;
371 while (*host != '\0')
372 {
373 int c = *host++;
374
375 if (isascii(c) && isupper(c))
376 c = tolower(c);
377 hfunc = ((hfunc << 1) ^ c) % 2003;
378 }
379
380 hfunc &= 0xff;
381
382 if (tTd(17, 9))
383 printf(" = %d\n", hfunc);
384 return hfunc;
385 }
386 �/*
387 ** GETCANONNAME -- get the canonical name for named host
388 **
389 ** This algorithm tries to be smart about wildcard MX records.
390 ** This is hard to do because DNS doesn't tell is if we matched
391 ** against a wildcard or a specific MX.
392 **
393 ** We always prefer A & CNAME records, since these are presumed
394 ** to be specific.
395 **
396 ** If we match an MX in one pass and lose it in the next, we use
397 ** the old one. For example, consider an MX matching *.FOO.BAR.COM.
398 ** A hostname bletch.foo.bar.com will match against this MX, but
399 ** will stop matching when we try bletch.bar.com -- so we know
400 ** that bletch.foo.bar.com must have been right. This fails if
401 ** there was also an MX record matching *.BAR.COM, but there are
402 ** some things that just can't be fixed.
403 **
404 ** Parameters:
405 ** host -- a buffer containing the name of the host.
406 ** This is a value-result parameter.
407 ** hbsize -- the size of the host buffer.
408 ** trymx -- if set, try MX records as well as A and CNAME.
409 **
410 ** Returns:
411 ** TRUE -- if the host matched.
412 ** FALSE -- otherwise.
413 */
414
415 bool
416 getcanonname(host, hbsize, trymx)
417 char *host;
418 int hbsize;
419 bool trymx;
420 {
421 extern int h_errno;
422 register u_char *eom, *ap;
423 register char *cp;
424 register int n;
425 HEADER *hp;
426 querybuf answer;
427 int ancount, qdcount;
428 int ret;
429 char **domain;
430 int type;
431 char **dp;
432 char *mxmatch;
433 bool amatch;
434 bool gotmx;
435 int qtype;
436 int loopcnt;
437 char *xp;
438 char nbuf[MAX(PACKETSZ, MAXDNAME*2+2)];
439 char *searchlist[MAXDNSRCH+2];
440 extern char *gethostalias();
441
442 if (tTd(8, 2))
443 printf("getcanonname(%s)\n", host);
444
445 if ((_res.options & RES_INIT) == 0 && res_init() == -1)
446 return (FALSE);
447
448 /*
449 ** Initialize domain search list. If there is at least one
450 ** dot in the name, search the unmodified name first so we
451 ** find "vse.CS" in Czechoslovakia instead of in the local
452 ** domain (e.g., vse.CS.Berkeley.EDU).
453 **
454 ** Older versions of the resolver could create this
455 ** list by tearing apart the host name.
456 */
457
458 loopcnt = 0;
459 cnameloop:
460 for (cp = host, n = 0; *cp; cp++)
461 if (*cp == '.')
462 n++;
463
464 if (n == 0 && (xp = gethostalias(host)) != NULL)
465 {
466 if (loopcnt++ > MAXCNAMEDEPTH)
467 {
468 syserr("loop in ${HOSTALIASES} file");
469 }
470 else
471 {
472 strncpy(host, xp, hbsize);
473 host[hbsize - 1] = '\0';
474 goto cnameloop;
475 }
476 }
477
478 dp = searchlist;
479 if (n > 0)
480 *dp++ = "";
481 if (n >= 0 && *--cp != '.' && bitset(RES_DNSRCH, _res.options))
482 {
483 for (domain = _res.dnsrch; *domain != NULL; )
484 *dp++ = *domain++;
485 }
486 else if (n == 0 && bitset(RES_DEFNAMES, _res.options))
487 {
488 *dp++ = _res.defdname;
489 }
490 else if (*cp == '.')
491 {
492 *cp = '\0';
493 }
494 *dp = NULL;
495
496 /*
497 ** Now run through the search list for the name in question.
498 */
499
500 mxmatch = NULL;
501 qtype = T_ANY;
502
503 for (dp = searchlist; *dp != NULL; )
504 {
505 if (qtype == T_ANY)
506 gotmx = FALSE;
507 if (tTd(8, 5))
508 printf("getcanonname: trying %s.%s (%s)\n", host, *dp,
509 qtype == T_ANY ? "ANY" : qtype == T_A ? "A" :
510 qtype == T_MX ? "MX" : "???");
511 ret = res_querydomain(host, *dp, C_IN, qtype,
512 answer.qb2, sizeof(answer.qb2));
513 if (ret <= 0)
514 {
515 if (tTd(8, 7))
516 printf("\tNO: errno=%d, h_errno=%d\n",
517 errno, h_errno);
518
519 if (errno == ECONNREFUSED || h_errno == TRY_AGAIN)
520 {
521 /* the name server seems to be down */
522 h_errno = TRY_AGAIN;
523 return FALSE;
524 }
525
526 if (h_errno != HOST_NOT_FOUND)
527 {
528 /* might have another type of interest */
529 if (qtype == T_ANY)
530 {
531 qtype = T_A;
532 continue;
533 }
534 else if (qtype == T_A && !gotmx && trymx)
535 {
536 qtype = T_MX;
537 continue;
538 }
539 }
540
541 if (mxmatch != NULL)
542 {
543 /* we matched before -- use that one */
544 break;
545 }
546
547 /* otherwise, try the next name */
548 dp++;
549 qtype = T_ANY;
550 continue;
551 }
552 else if (tTd(8, 7))
553 printf("\tYES\n");
554
555 /*
556 ** This might be a bogus match. Search for A or
557 ** CNAME records. If we don't have a matching
558 ** wild card MX record, we will accept MX as well.
559 */
560
561 hp = (HEADER *) &answer;
562 ap = (u_char *) &answer + HFIXEDSZ;
563 eom = (u_char *) &answer + ret;
564
565 /* skip question part of response -- we know what we asked */
566 for (qdcount = ntohs(hp->qdcount); qdcount--; ap += ret + QFIXEDSZ)
567 {
568 if ((ret = dn_skipname(ap, eom)) < 0)
569 {
570 if (tTd(8, 20))
571 printf("qdcount failure (%d)\n",
572 ntohs(hp->qdcount));
573 return FALSE; /* ???XXX??? */
574 }
575 }
576
577 amatch = FALSE;
578 for (ancount = ntohs(hp->ancount); --ancount >= 0 && ap < eom; ap += n)
579 {
580 n = dn_expand((u_char *) &answer, eom, ap,
581 (RES_UNC_T) nbuf, sizeof nbuf);
582 if (n < 0)
583 break;
584 ap += n;
585 GETSHORT(type, ap);
586 ap += INT16SZ + INT32SZ;
587 GETSHORT(n, ap);
588 switch (type)
589 {
590 case T_MX:
591 gotmx = TRUE;
592 if (**dp != '\0')
593 {
594 /* got a match -- save that info */
595 if (trymx && mxmatch == NULL)
596 mxmatch = *dp;
597 continue;
598 }
599
600 /* exact MX matches are as good as an A match */
601 /* fall through */
602
603 case T_A:
604 /* good show */
605 amatch = TRUE;
606
607 /* continue in case a CNAME also exists */
608 continue;
609
610 case T_CNAME:
611 if (loopcnt++ > MAXCNAMEDEPTH)
612 {
613 /*XXX should notify postmaster XXX*/
614 message("DNS failure: CNAME loop for %s",
615 host);
616 if (CurEnv->e_message == NULL)
617 {
618 char ebuf[MAXLINE];
619
620 sprintf(ebuf, "Deferred: DNS failure: CNAME loop for %s",
621 host);
622 CurEnv->e_message = newstr(ebuf);
623 }
624 h_errno = NO_RECOVERY;
625 return FALSE;
626 }
627
628 /* value points at name */
629 if ((ret = dn_expand((u_char *)&answer,
630 eom, ap, (RES_UNC_T) nbuf, sizeof(nbuf))) < 0)
631 break;
632 (void)strncpy(host, nbuf, hbsize); /* XXX */
633 host[hbsize - 1] = '\0';
634
635 /*
636 ** RFC 1034 section 3.6 specifies that CNAME
637 ** should point at the canonical name -- but
638 ** urges software to try again anyway.
639 */
640
641 goto cnameloop;
642
643 default:
644 /* not a record of interest */
645 continue;
646 }
647 }
648
649 if (amatch)
650 {
651 /* got an A record and no CNAME */
652 mxmatch = *dp;
653 break;
654 }
655
656 /*
657 ** If this was a T_ANY query, we may have the info but
658 ** need an explicit query. Try T_A, then T_MX.
659 */
660
661 if (qtype == T_ANY)
662 qtype = T_A;
663 else if (qtype == T_A && !gotmx && trymx)
664 qtype = T_MX;
665 else
666 {
667 /* really nothing in this domain; try the next */
668 qtype = T_ANY;
669 dp++;
670 }
671 }
672
673 if (mxmatch == NULL)
674 return FALSE;
675
676 /* create matching name and return */
677 (void) sprintf(nbuf, "%.*s%s%.*s", MAXDNAME, host,
678 *mxmatch == '\0' ? "" : ".",
679 MAXDNAME, mxmatch);
680 strncpy(host, nbuf, hbsize);
681 host[hbsize - 1] = '\0';
682 return TRUE;
683 }
684
685
686 char *
687 gethostalias(host)
688 char *host;
689 {
690 char *fname;
691 FILE *fp;
692 register char *p;
693 char buf[MAXLINE];
694 static char hbuf[MAXDNAME];
695
696 fname = getenv("HOSTALIASES");
697 if (fname == NULL || (fp = fopen(fname, "r")) == NULL)
698 return NULL;
699 while (fgets(buf, sizeof buf, fp) != NULL)
700 {
701 for (p = buf; p != '\0' && !(isascii(*p) && isspace(*p)); p++)
702 continue;
703 if (*p == 0)
704 {
705 /* syntax error */
706 continue;
707 }
708 *p++ = '\0';
709 if (strcasecmp(buf, host) == 0)
710 break;
711 }
712
713 if (feof(fp))
714 {
715 /* no match */
716 fclose(fp);
717 return NULL;
718 }
719
720 /* got a match; extract the equivalent name */
721 while (*p != '\0' && isascii(*p) && isspace(*p))
722 p++;
723 host = p;
724 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
725 p++;
726 *p = '\0';
727 strncpy(hbuf, host, sizeof hbuf - 1);
728 hbuf[sizeof hbuf - 1] = '\0';
729 return hbuf;
730 }
731
732
733 #else /* not NAMED_BIND */
734
735 #include <netdb.h>
736
737 bool
738 getcanonname(host, hbsize, trymx)
739 char *host;
740 int hbsize;
741 bool trymx;
742 {
743 struct hostent *hp;
744 char *p;
745
746 hp = gethostbyname(host);
747 if (hp == NULL)
748 return (FALSE);
749 p = hp->h_name;
750 if (strchr(p, '.') == NULL)
751 {
752 /* first word is a short name -- try to find a long one */
753 char **ap;
754
755 for (ap = hp->h_aliases; *ap != NULL; ap++)
756 if (strchr(*ap, '.') != NULL)
757 break;
758 if (*ap != NULL)
759 p = *ap;
760 }
761
762 if (strlen(p) >= hbsize)
763 return (FALSE);
764
765 (void) strcpy(host, p);
766 return (TRUE);
767 }
768
769 #endif /* not NAMED_BIND */
770