/[smeserver]/rpms/qpsmtpd/sme8/0021-ignore-search-path-in-DNS-lookups.patch
ViewVC logotype

Contents of /rpms/qpsmtpd/sme8/0021-ignore-search-path-in-DNS-lookups.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Sun Nov 14 20:50:20 2010 UTC (14 years ago) by slords
Branch: MAIN
CVS Tags: qpsmtpd-0_84-3_el5_sme, qpsmtpd-0_84-6_el5_sme, qpsmtpd-0_84-2_el5_sme, qpsmtpd-0_84-5_el5_sme, qpsmtpd-0_84-8_el5_sme, qpsmtpd-0_84-9_el5_sme, qpsmtpd-0_84-4_el5_sme, qpsmtpd-0_84-7_el5_sme, HEAD
* Sun Nov 14 2010 <slords@mail.com> 0.84-2.sme
- Sync with upstream git repo.
- Fix require_resolvable_fromhost doesn't work [SME: 6369]
- Fix TLS security defaults [SME: 6366]
- Fix fatal errors when mail has no headers [SME: 6345]

1 From 803a320127f372fa1b6333155da7134a8efef619 Mon Sep 17 00:00:00 2001
2 From: Robert <rspier@pobox.com>
3 Date: Sun, 25 Jul 2010 21:44:02 -0700
4 Subject: ignore search path in DNS lookups
5
6 2. If the name doesn't end in a dot then append each item in the search list to the name.
7 This is only done if dnsrch is true.
8
9 triggered by..
10
11 From: Charlie Brady <charlieb-qpsmtpd@budge.apana.org.au>
12 Subject: [BUG] Default search path used in require_resolvable_fromhost
13 Date: Sat, 17 Jul 2010 16:24:42 -0400 (EDT)
14 Message-ID:
15 <Pine.LNX.4.64.1007171623040.17109@e-smith.charlieb.ott.istop.com>
16
17 http://bugs.contribs.org/show_bug.cgi?id=5808
18
19 Jesper Knudsen 2010-03-01 01:29:10 MST
20
21 When using the require_resolvable_fromhost plugin for qpsmtpd I noticed
22 that mails from user@localhost.localdomain was actually getting through
23 this filter. I finally found out that the plugin has a bug that causes it
24 to insert default search path if it cannot find the domain. This means in
25 my case that localhost.localdomain was then tried resolved as
26 localhost.localdomain.swerts-knudsen.dk and since I have a wilcard CNAME
27 was resolved as my public IP.
28
29 Since this plugin is only enabled for public interface the fix is to set
30 the "dnsrch" flag when creating the Net::DNS object.
31
32 In require_resolvable_fromhost:
33 my $res = Net::DNS::Resolver->new (
34 dnsrch => 0
35 );
36 ---
37 Changes | 2 ++
38 plugins/require_resolvable_fromhost | 4 ++--
39 2 files changed, 4 insertions(+), 2 deletions(-)
40
41 diff --git a/Changes b/Changes
42 index 49452cd..a864b4f 100644
43 --- a/Changes
44 +++ b/Changes
45 @@ -1,6 +1,8 @@
46
47 Next Version
48
49 + require_resolvable_fromhost ignores DNS search path (i.e. it expects fully resolved domains) (Robert Spier, Charlie Brady)
50 +
51 new plugin auth_vpopmaild (Robin Bowes)
52
53 new plugin auth_checkpassword (Matt Simerson)
54 diff --git a/plugins/require_resolvable_fromhost b/plugins/require_resolvable_fromhost
55 index a949460..e9e2a91 100644
56 --- a/plugins/require_resolvable_fromhost
57 +++ b/plugins/require_resolvable_fromhost
58 @@ -58,7 +58,7 @@ sub check_dns {
59
60 return 1 if $host =~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
61
62 - my $res = new Net::DNS::Resolver;
63 + my $res = new Net::DNS::Resolver(dnsrch => 0);
64 $res->tcp_timeout(30);
65 $res->udp_timeout(30);
66 my @mx = mx($res, $host);
67 @@ -116,7 +116,7 @@ sub is_valid {
68
69 sub mx_valid {
70 my ($self, $name, $host) = @_;
71 - my $res = new Net::DNS::Resolver;
72 + my $res = new Net::DNS::Resolver(dnsrch => 0);
73 # IP in MX
74 return is_valid($name) if ip_is_ipv4($name) or ip_is_ipv6($name);
75
76 --
77 1.7.2.2
78

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed