From 8ee4b30ec5b2767efb8d24b3dd9c2dda33679f0b Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Fri, 18 May 2012 15:35:32 -0400 Subject: SPF multiple strings join on "". Patch from Janne Snabb. --- doc/doc-docbook/spec.xfpt | 8 +++++--- doc/doc-txt/ChangeLog | 2 ++ src/src/lookups/dnsdb.c | 11 ++++++++++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index b650fc39f..c4c181ef1 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -6790,14 +6790,16 @@ white space is ignored. .cindex "TXT record" "in &(dnsdb)& lookup" .cindex "SPF record" "in &(dnsdb)& lookup" .new -For TXT and SPF records with multiple items of data, only the first item is returned, +For TXT records with multiple items of data, only the first item is returned, unless a separator for them is specified using a comma after the separator -character followed immediately by the TXT/SPF record item separator. To concatenate -items without a separator, use a semicolon instead. +character followed immediately by the TXT record item separator. To concatenate +items without a separator, use a semicolon instead. For SPF records the +default behaviour is to concatenate multiple items without using a separator. .wen .code ${lookup dnsdb{>\n,: txt=a.b.example}} ${lookup dnsdb{>\n; txt=a.b.example}} +${lookup dnsdb{spf=example.org}} .endd It is permitted to specify a space as the separator character. Further white space is ignored. diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index bf4ddf1af..b3815cd45 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog 
@@ -113,6 +113,8 @@ PP/25 Revamped GnuTLS support, passing tls_require_ciphers to PP/26 Added EXPERIMENTAL_OCSP for OpenSSL. PP/27 Applied dnsdb SPF support patch from Janne Snabb. + Applied second patch from Janne, implementing suggestion to default + multiple-strings-in-record handling to match SPF spec. JH/04 Added expansion variable $tod_epoch_l for a higher-precision time. diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c index 3fd9f981b..be090cf78 100644 --- a/src/src/lookups/dnsdb.c +++ b/src/src/lookups/dnsdb.c @@ -96,7 +96,8 @@ separator is newline. character used for multiple items of text in "TXT" records. Alternatively, if the next character is ';' then these multiple items are concatenated with no separator. With neither of these options specified, only the first item -is output. +is output. Similarly for "SPF" records, but the default for joining multiple +items in one SPF record is the empty string, for direct concatenation. (c) If the next sequence of characters is 'defer_FOO' followed by a comma, the defer behaviour is set to FOO. The possible behaviours are: 'strict', where @@ -163,6 +164,14 @@ if (*keystring == '>') while (isspace(*keystring)) keystring++; } +/* SPF strings should be concatenated without a separator, thus make +it the default if not defined (see RFC 4408 section 3.1.3). +Multiple SPF records are forbidden (section 3.1.2) but are currently +not handled specially, thus they are concatenated with \n by default. */ + +if (type == T_SPF && outsep2 == NULL) + outsep2 = US""; + /* Check for a defer behaviour keyword. */ if (strncmpic(keystring, US"defer_", 6) == 0) -- cgit v1.2.3
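Review bot: The new `if (type == T_SPF && outsep2 == NULL)` test in the second dnsdb.c hunk runs right after the '>' separator parsing and before the `defer_` check, at which point the record type has probably not yet been read from the key. The spec.xfpt examples (`>\n,: txt=a.b.example`, `spf=example.org`) put the type name after the separator options, and the code that assigns `type` is not visible here because the function extends beyond the hunk on both sides, so this needs confirming against the full function. If `type` still holds its initial value at this point, the default never applies and a multi-string SPF record is still cut to its first string, leaving any ACL that evaluates the result with a truncated sender policy. Moving the two lines `if (type == T_SPF && outsep2 == NULL)` and `outsep2 = US"";` to just after the type name is resolved would make the default take effect. A test case with an SPF record split across several strings would pin the behaviour.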