1 /* 2 * Copyright (c) 1986 Eric P. Allman 3 * Copyright (c) 1988, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * %sccs.include.redist.c% 7 */ 8 9 #include "sendmail.h" 10 11 #ifndef lint 12 #if NAMED_BIND 13 static char sccsid[] = "@(#)domain.c 8.29 (Berkeley) 11/13/94 (with name server)"; 14 #else 15 static char sccsid[] = "@(#)domain.c 8.29 (Berkeley) 11/13/94 (without name server)"; 16 #endif 17 #endif /* not lint */ 18 19 #if NAMED_BIND 20 21 #include <errno.h> 22 #include <resolv.h> 23 #include <netdb.h> 24 25 typedef union 26 { 27 HEADER qb1; 28 u_char qb2[PACKETSZ]; 29 } querybuf; 30 31 static char MXHostBuf[MAXMXHOSTS*PACKETSZ]; 32 33 #ifndef MAXDNSRCH 34 #define MAXDNSRCH 6 /* number of possible domains to search */ 35 #endif 36 37 #ifndef MAX 38 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 39 #endif 40 41 #ifndef NO_DATA 42 # define NO_DATA NO_ADDRESS 43 #endif 44 45 #ifndef HFIXEDSZ 46 # define HFIXEDSZ 12 /* sizeof(HEADER) */ 47 #endif 48 49 #define MAXCNAMEDEPTH 10 /* maximum depth of CNAME recursion */ 50 51 #if defined(__RES) && (__RES >= 19940415) 52 # define RES_UNC_T char * 53 #else 54 # define RES_UNC_T u_char * 55 #endif 56 /* 57 ** GETMXRR -- get MX resource records for a domain 58 ** 59 ** Parameters: 60 ** host -- the name of the host to MX. 61 ** mxhosts -- a pointer to a return buffer of MX records. 62 ** droplocalhost -- If TRUE, all MX records less preferred 63 ** than the local host (as determined by $=w) will 64 ** be discarded. 65 ** rcode -- a pointer to an EX_ status code. 66 ** 67 ** Returns: 68 ** The number of MX records found. 69 ** -1 if there is an internal failure. 70 ** If no MX records are found, mxhosts[0] is set to host 71 ** and 1 is returned. 72 */ 73 74 getmxrr(host, mxhosts, droplocalhost, rcode) 75 char *host; 76 char **mxhosts; 77 bool droplocalhost; 78 int *rcode; 79 { 80 extern int h_errno; 81 register u_char *eom, *cp; 82 register int i, j, n; 83 int nmx = 0; 84 register char *bp; 85 HEADER *hp; 86 querybuf answer; 87 int ancount, qdcount, buflen; 88 bool seenlocal = FALSE; 89 u_short pref, localpref, type; 90 char *fallbackMX = FallBackMX; 91 static bool firsttime = TRUE; 92 STAB *st; 93 bool trycanon = FALSE; 94 u_short prefer[MAXMXHOSTS]; 95 int weight[MAXMXHOSTS]; 96 extern bool getcanonname(); 97 98 if (tTd(8, 2)) 99 printf("getmxrr(%s, droplocalhost=%d)\n", host, droplocalhost); 100 101 if (fallbackMX != NULL) 102 { 103 if (firsttime && 104 res_query(FallBackMX, C_IN, T_A, 105 (u_char *) &answer, sizeof answer) < 0) 106 { 107 /* this entry is bogus */ 108 fallbackMX = FallBackMX = NULL; 109 } 110 else if (droplocalhost && 111 (st = stab(fallbackMX, ST_CLASS, ST_FIND)) != NULL && 112 bitnset('w', st->s_class)) 113 { 114 /* don't use fallback for this pass */ 115 fallbackMX = NULL; 116 } 117 firsttime = FALSE; 118 } 119 120 /* efficiency hack -- numeric or non-MX lookups */ 121 if (host[0] == '[') 122 goto punt; 123 124 /* 125 ** If we don't have MX records in our host switch, don't 126 ** try for MX records. Note that this really isn't "right", 127 ** since we might be set up to try NIS first and then DNS; 128 ** if the host is found in NIS we really shouldn't be doing 129 ** MX lookups. However, that should be a degenerate case. 130 */ 131 132 if (!UseNameServer) 133 goto punt; 134 135 errno = 0; 136 n = res_search(host, C_IN, T_MX, (u_char *) &answer, sizeof(answer)); 137 if (n < 0) 138 { 139 if (tTd(8, 1)) 140 printf("getmxrr: res_search(%s) failed (errno=%d, h_errno=%d)\n", 141 (host == NULL) ? "<NULL>" : host, errno, h_errno); 142 switch (h_errno) 143 { 144 case NO_DATA: 145 trycanon = TRUE; 146 /* fall through */ 147 148 case NO_RECOVERY: 149 /* no MX data on this host */ 150 goto punt; 151 152 case HOST_NOT_FOUND: 153 #ifdef BROKEN_RES_SEARCH 154 case 0: /* Ultrix resolver retns failure w/ h_errno=0 */ 155 #endif 156 /* host doesn't exist in DNS; might be in /etc/hosts */ 157 *rcode = EX_NOHOST; 158 goto punt; 159 160 case TRY_AGAIN: 161 /* couldn't connect to the name server */ 162 /* it might come up later; better queue it up */ 163 *rcode = EX_TEMPFAIL; 164 break; 165 166 default: 167 syserr("getmxrr: res_search (%s) failed with impossible h_errno (%d)\n", 168 host, h_errno); 169 *rcode = EX_OSERR; 170 break; 171 } 172 173 /* irreconcilable differences */ 174 return (-1); 175 } 176 177 /* find first satisfactory answer */ 178 hp = (HEADER *)&answer; 179 cp = (u_char *)&answer + HFIXEDSZ; 180 eom = (u_char *)&answer + n; 181 for (qdcount = ntohs(hp->qdcount); qdcount--; cp += n + QFIXEDSZ) 182 if ((n = dn_skipname(cp, eom)) < 0) 183 goto punt; 184 buflen = sizeof(MXHostBuf) - 1; 185 bp = MXHostBuf; 186 ancount = ntohs(hp->ancount); 187 while (--ancount >= 0 && cp < eom && nmx < MAXMXHOSTS - 1) 188 { 189 if ((n = dn_expand((u_char *)&answer, 190 eom, cp, (RES_UNC_T) bp, buflen)) < 0) 191 break; 192 cp += n; 193 GETSHORT(type, cp); 194 cp += INT16SZ + INT32SZ; 195 GETSHORT(n, cp); 196 if (type != T_MX) 197 { 198 if (tTd(8, 8) || _res.options & RES_DEBUG) 199 printf("unexpected answer type %d, size %d\n", 200 type, n); 201 cp += n; 202 continue; 203 } 204 GETSHORT(pref, cp); 205 if ((n = dn_expand((u_char *)&answer, eom, cp, 206 (RES_UNC_T) bp, buflen)) < 0) 207 break; 208 cp += n; 209 if (droplocalhost && 210 (st = stab(bp, ST_CLASS, ST_FIND)) != NULL && 211 bitnset('w', st->s_class)) 212 { 213 if (tTd(8, 3)) 214 printf("found localhost (%s) in MX list, pref=%d\n", 215 bp, pref); 216 if (!seenlocal || pref < localpref) 217 localpref = pref; 218 seenlocal = TRUE; 219 continue; 220 } 221 weight[nmx] = mxrand(bp); 222 prefer[nmx] = pref; 223 mxhosts[nmx++] = bp; 224 n = strlen(bp); 225 bp += n; 226 if (bp[-1] != '.') 227 { 228 *bp++ = '.'; 229 n++; 230 } 231 *bp++ = '\0'; 232 buflen -= n + 1; 233 } 234 235 /* sort the records */ 236 for (i = 0; i < nmx; i++) 237 { 238 for (j = i + 1; j < nmx; j++) 239 { 240 if (prefer[i] > prefer[j] || 241 (prefer[i] == prefer[j] && weight[i] > weight[j])) 242 { 243 register int temp; 244 register char *temp1; 245 246 temp = prefer[i]; 247 prefer[i] = prefer[j]; 248 prefer[j] = temp; 249 temp1 = mxhosts[i]; 250 mxhosts[i] = mxhosts[j]; 251 mxhosts[j] = temp1; 252 temp = weight[i]; 253 weight[i] = weight[j]; 254 weight[j] = temp; 255 } 256 } 257 if (seenlocal && prefer[i] >= localpref) 258 { 259 /* truncate higher preference part of list */ 260 nmx = i; 261 } 262 } 263 264 if (nmx == 0) 265 { 266 punt: 267 if (seenlocal && 268 (!TryNullMXList || gethostbyname(host) == NULL)) 269 { 270 /* 271 ** If we have deleted all MX entries, this is 272 ** an error -- we should NEVER send to a host that 273 ** has an MX, and this should have been caught 274 ** earlier in the config file. 275 ** 276 ** Some sites prefer to go ahead and try the 277 ** A record anyway; that case is handled by 278 ** setting TryNullMXList. I believe this is a 279 ** bad idea, but it's up to you.... 280 */ 281 282 *rcode = EX_CONFIG; 283 syserr("MX list for %s points back to %s", 284 host, MyHostName); 285 return -1; 286 } 287 strcpy(MXHostBuf, host); 288 mxhosts[0] = MXHostBuf; 289 if (host[0] == '[') 290 { 291 register char *p; 292 293 /* this may be an MX suppression-style address */ 294 p = strchr(MXHostBuf, ']'); 295 if (p != NULL) 296 { 297 *p = '\0'; 298 if (inet_addr(&MXHostBuf[1]) != -1) 299 *p = ']'; 300 else 301 { 302 trycanon = TRUE; 303 mxhosts[0]++; 304 } 305 } 306 } 307 if (trycanon && 308 getcanonname(mxhosts[0], sizeof MXHostBuf - 2, FALSE)) 309 { 310 bp = &MXHostBuf[strlen(MXHostBuf)]; 311 if (bp[-1] != '.') 312 { 313 *bp++ = '.'; 314 *bp = '\0'; 315 } 316 } 317 nmx = 1; 318 } 319 320 /* if we have a default lowest preference, include that */ 321 if (fallbackMX != NULL && !seenlocal) 322 mxhosts[nmx++] = fallbackMX; 323 324 return (nmx); 325 } 326 /* 327 ** MXRAND -- create a randomizer for equal MX preferences 328 ** 329 ** If two MX hosts have equal preferences we want to randomize 330 ** the selection. But in order for signatures to be the same, 331 ** we need to randomize the same way each time. This function 332 ** computes a pseudo-random hash function from the host name. 333 ** 334 ** Parameters: 335 ** host -- the name of the host. 336 ** 337 ** Returns: 338 ** A random but repeatable value based on the host name. 339 ** 340 ** Side Effects: 341 ** none. 342 */ 343 344 mxrand(host) 345 register char *host; 346 { 347 int hfunc; 348 static unsigned int seed; 349 350 if (seed == 0) 351 { 352 seed = (int) curtime() & 0xffff; 353 if (seed == 0) 354 seed++; 355 } 356 357 if (tTd(17, 9)) 358 printf("mxrand(%s)", host); 359 360 hfunc = seed; 361 while (*host != '\0') 362 { 363 int c = *host++; 364 365 if (isascii(c) && isupper(c)) 366 c = tolower(c); 367 hfunc = ((hfunc << 1) ^ c) % 2003; 368 } 369 370 hfunc &= 0xff; 371 372 if (tTd(17, 9)) 373 printf(" = %d\n", hfunc); 374 return hfunc; 375 } 376 /* 377 ** GETCANONNAME -- get the canonical name for named host 378 ** 379 ** This algorithm tries to be smart about wildcard MX records. 380 ** This is hard to do because DNS doesn't tell is if we matched 381 ** against a wildcard or a specific MX. 382 ** 383 ** We always prefer A & CNAME records, since these are presumed 384 ** to be specific. 385 ** 386 ** If we match an MX in one pass and lose it in the next, we use 387 ** the old one. For example, consider an MX matching *.FOO.BAR.COM. 388 ** A hostname bletch.foo.bar.com will match against this MX, but 389 ** will stop matching when we try bletch.bar.com -- so we know 390 ** that bletch.foo.bar.com must have been right. This fails if 391 ** there was also an MX record matching *.BAR.COM, but there are 392 ** some things that just can't be fixed. 393 ** 394 ** Parameters: 395 ** host -- a buffer containing the name of the host. 396 ** This is a value-result parameter. 397 ** hbsize -- the size of the host buffer. 398 ** trymx -- if set, try MX records as well as A and CNAME. 399 ** 400 ** Returns: 401 ** TRUE -- if the host matched. 402 ** FALSE -- otherwise. 403 */ 404 405 bool 406 getcanonname(host, hbsize, trymx) 407 char *host; 408 int hbsize; 409 bool trymx; 410 { 411 extern int h_errno; 412 register u_char *eom, *ap; 413 register char *cp; 414 register int n; 415 HEADER *hp; 416 querybuf answer; 417 int ancount, qdcount; 418 int ret; 419 char **domain; 420 int type; 421 char **dp; 422 char *mxmatch; 423 bool amatch; 424 bool gotmx; 425 int qtype; 426 int loopcnt; 427 char *xp; 428 char nbuf[MAX(PACKETSZ, MAXDNAME*2+2)]; 429 char *searchlist[MAXDNSRCH+2]; 430 extern char *gethostalias(); 431 432 if (tTd(8, 2)) 433 printf("getcanonname(%s)\n", host); 434 435 if ((_res.options & RES_INIT) == 0 && res_init() == -1) 436 return (FALSE); 437 438 /* 439 ** Initialize domain search list. If there is at least one 440 ** dot in the name, search the unmodified name first so we 441 ** find "vse.CS" in Czechoslovakia instead of in the local 442 ** domain (e.g., vse.CS.Berkeley.EDU). 443 ** 444 ** Older versions of the resolver could create this 445 ** list by tearing apart the host name. 446 */ 447 448 loopcnt = 0; 449 cnameloop: 450 for (cp = host, n = 0; *cp; cp++) 451 if (*cp == '.') 452 n++; 453 454 if (n == 0 && (xp = gethostalias(host)) != NULL) 455 { 456 if (loopcnt++ > MAXCNAMEDEPTH) 457 { 458 syserr("loop in ${HOSTALIASES} file"); 459 } 460 else 461 { 462 strncpy(host, xp, hbsize); 463 host[hbsize - 1] = '\0'; 464 goto cnameloop; 465 } 466 } 467 468 dp = searchlist; 469 if (n > 0) 470 *dp++ = ""; 471 if (n >= 0 && *--cp != '.' && bitset(RES_DNSRCH, _res.options)) 472 { 473 for (domain = _res.dnsrch; *domain != NULL; ) 474 *dp++ = *domain++; 475 } 476 else if (n == 0 && bitset(RES_DEFNAMES, _res.options)) 477 { 478 *dp++ = _res.defdname; 479 } 480 else if (*cp == '.') 481 { 482 *cp = '\0'; 483 } 484 *dp = NULL; 485 486 /* 487 ** Now run through the search list for the name in question. 488 */ 489 490 mxmatch = NULL; 491 qtype = T_ANY; 492 493 for (dp = searchlist; *dp != NULL; ) 494 { 495 if (qtype == T_ANY) 496 gotmx = FALSE; 497 if (tTd(8, 5)) 498 printf("getcanonname: trying %s.%s (%s)\n", host, *dp, 499 qtype == T_ANY ? "ANY" : qtype == T_A ? "A" : 500 qtype == T_MX ? "MX" : "???"); 501 ret = res_querydomain(host, *dp, C_IN, qtype, 502 answer.qb2, sizeof(answer.qb2)); 503 if (ret <= 0) 504 { 505 if (tTd(8, 7)) 506 printf("\tNO: errno=%d, h_errno=%d\n", 507 errno, h_errno); 508 509 if (errno == ECONNREFUSED || h_errno == TRY_AGAIN) 510 { 511 /* the name server seems to be down */ 512 h_errno = TRY_AGAIN; 513 return FALSE; 514 } 515 516 if (h_errno != HOST_NOT_FOUND) 517 { 518 /* might have another type of interest */ 519 if (qtype == T_ANY) 520 { 521 qtype = T_A; 522 continue; 523 } 524 else if (qtype == T_A && !gotmx && trymx) 525 { 526 qtype = T_MX; 527 continue; 528 } 529 } 530 531 if (mxmatch != NULL) 532 { 533 /* we matched before -- use that one */ 534 break; 535 } 536 537 /* otherwise, try the next name */ 538 dp++; 539 qtype = T_ANY; 540 continue; 541 } 542 else if (tTd(8, 7)) 543 printf("\tYES\n"); 544 545 /* 546 ** This might be a bogus match. Search for A or 547 ** CNAME records. If we don't have a matching 548 ** wild card MX record, we will accept MX as well. 549 */ 550 551 hp = (HEADER *) &answer; 552 ap = (u_char *) &answer + HFIXEDSZ; 553 eom = (u_char *) &answer + ret; 554 555 /* skip question part of response -- we know what we asked */ 556 for (qdcount = ntohs(hp->qdcount); qdcount--; ap += ret + QFIXEDSZ) 557 { 558 if ((ret = dn_skipname(ap, eom)) < 0) 559 { 560 if (tTd(8, 20)) 561 printf("qdcount failure (%d)\n", 562 ntohs(hp->qdcount)); 563 return FALSE; /* ???XXX??? */ 564 } 565 } 566 567 amatch = FALSE; 568 for (ancount = ntohs(hp->ancount); --ancount >= 0 && ap < eom; ap += n) 569 { 570 n = dn_expand((u_char *) &answer, eom, ap, 571 (RES_UNC_T) nbuf, sizeof nbuf); 572 if (n < 0) 573 break; 574 ap += n; 575 GETSHORT(type, ap); 576 ap += INT16SZ + INT32SZ; 577 GETSHORT(n, ap); 578 switch (type) 579 { 580 case T_MX: 581 gotmx = TRUE; 582 if (**dp != '\0') 583 { 584 /* got a match -- save that info */ 585 if (trymx && mxmatch == NULL) 586 mxmatch = *dp; 587 continue; 588 } 589 590 /* exact MX matches are as good as an A match */ 591 /* fall through */ 592 593 case T_A: 594 /* good show */ 595 amatch = TRUE; 596 597 /* continue in case a CNAME also exists */ 598 continue; 599 600 case T_CNAME: 601 if (loopcnt++ > MAXCNAMEDEPTH) 602 { 603 /*XXX should notify postmaster XXX*/ 604 message("DNS failure: CNAME loop for %s", 605 host); 606 if (CurEnv->e_message == NULL) 607 { 608 char ebuf[MAXLINE]; 609 610 sprintf(ebuf, "Deferred: DNS failure: CNAME loop for %s", 611 host); 612 CurEnv->e_message = newstr(ebuf); 613 } 614 h_errno = NO_RECOVERY; 615 return FALSE; 616 } 617 618 /* value points at name */ 619 if ((ret = dn_expand((u_char *)&answer, 620 eom, ap, (RES_UNC_T) nbuf, sizeof(nbuf))) < 0) 621 break; 622 (void)strncpy(host, nbuf, hbsize); /* XXX */ 623 host[hbsize - 1] = '\0'; 624 625 /* 626 ** RFC 1034 section 3.6 specifies that CNAME 627 ** should point at the canonical name -- but 628 ** urges software to try again anyway. 629 */ 630 631 goto cnameloop; 632 633 default: 634 /* not a record of interest */ 635 continue; 636 } 637 } 638 639 if (amatch) 640 { 641 /* got an A record and no CNAME */ 642 mxmatch = *dp; 643 break; 644 } 645 646 /* 647 ** If this was a T_ANY query, we may have the info but 648 ** need an explicit query. Try T_A, then T_MX. 649 */ 650 651 if (qtype == T_ANY) 652 qtype = T_A; 653 else if (qtype == T_A && !gotmx && trymx) 654 qtype = T_MX; 655 else 656 { 657 /* really nothing in this domain; try the next */ 658 qtype = T_ANY; 659 dp++; 660 } 661 } 662 663 if (mxmatch == NULL) 664 return FALSE; 665 666 /* create matching name and return */ 667 (void) sprintf(nbuf, "%.*s%s%.*s", MAXDNAME, host, 668 *mxmatch == '\0' ? "" : ".", 669 MAXDNAME, mxmatch); 670 strncpy(host, nbuf, hbsize); 671 host[hbsize - 1] = '\0'; 672 return TRUE; 673 } 674 675 676 char * 677 gethostalias(host) 678 char *host; 679 { 680 char *fname; 681 FILE *fp; 682 register char *p; 683 char buf[MAXLINE]; 684 static char hbuf[MAXDNAME]; 685 686 fname = getenv("HOSTALIASES"); 687 if (fname == NULL || (fp = fopen(fname, "r")) == NULL) 688 return NULL; 689 while (fgets(buf, sizeof buf, fp) != NULL) 690 { 691 for (p = buf; p != '\0' && !(isascii(*p) && isspace(*p)); p++) 692 continue; 693 if (*p == 0) 694 { 695 /* syntax error */ 696 continue; 697 } 698 *p++ = '\0'; 699 if (strcasecmp(buf, host) == 0) 700 break; 701 } 702 703 if (feof(fp)) 704 { 705 /* no match */ 706 fclose(fp); 707 return NULL; 708 } 709 710 /* got a match; extract the equivalent name */ 711 while (*p != '\0' && isascii(*p) && isspace(*p)) 712 p++; 713 host = p; 714 while (*p != '\0' && !(isascii(*p) && isspace(*p))) 715 p++; 716 *p = '\0'; 717 strncpy(hbuf, host, sizeof hbuf - 1); 718 hbuf[sizeof hbuf - 1] = '\0'; 719 return hbuf; 720 } 721 722 723 #else /* not NAMED_BIND */ 724 725 #include <netdb.h> 726 727 bool 728 getcanonname(host, hbsize, trymx) 729 char *host; 730 int hbsize; 731 bool trymx; 732 { 733 struct hostent *hp; 734 char *p; 735 736 hp = gethostbyname(host); 737 if (hp == NULL) 738 return (FALSE); 739 p = hp->h_name; 740 if (strchr(p, '.') == NULL) 741 { 742 /* first word is a short name -- try to find a long one */ 743 char **ap; 744 745 for (ap = hp->h_aliases; *ap != NULL; ap++) 746 if (strchr(*ap, '.') != NULL) 747 break; 748 if (*ap != NULL) 749 p = *ap; 750 } 751 752 if (strlen(p) >= hbsize) 753 return (FALSE); 754 755 (void) strcpy(host, p); 756 return (TRUE); 757 } 758 759 #endif /* not NAMED_BIND */ 760