Hi,
I think I might have found a bug in the libspf2 library, please correct me
if I'm wrong. I wrote some code that uses SPF_dns_lookup to resolve an A
record. I get an answer, and the response includes the answer, but the
SPF_dns_lookup function returns NO_DATA (integer value of 4). As far as I
can see, this occurs when the response doesn't have an ADDITIONAL section.
I'll try to describe what the problem is below. In the function
SPF_dns_resolv_lookup the variable cnt is incremented per answer, but it is
reset per section (ns_sect) in the first for loop. Since I have no
ADDITIONAL section, which comes after the AUTHORITY section, cnt is reset
to 0 (zero). Outside the second for loop the following statement is placed:
spfrr->num_rr = cnt;
Then outside the first for loop the following if statement is placed.
if (spfrr->num_rr == 0)
spfrr->herrno = NO_DATA;
I included some extra debug statements in the code, and the output looks as
follows:
spf_dns.c:54 Debug: DNS[cache] lookup: www.isc.org A (1)
spf_dns.c:54 Debug: DNS[resolv] lookup: www.isc.org A (1)
spf_dns_resolv.c:373 Debug: msg id: 20905
spf_dns_resolv.c:374 Debug: ns_f_qr quest/resp: 1
spf_dns_resolv.c:375 Debug: ns_f_opcode: 0
spf_dns_resolv.c:376 Debug: ns_f_aa auth ans: 0
spf_dns_resolv.c:377 Debug: ns_f_tc truncated: 0
spf_dns_resolv.c:378 Debug: ns_f_rd rec desire: 1
spf_dns_resolv.c:379 Debug: ns_f_ra rec avail: 1
spf_dns_resolv.c:380 Debug: ns_f_rcode: 0
spf_dns_resolv.c:397 Debug: QUESTION: 1
spf_dns_resolv.c:401 Debug: QUESTION: count 0
spf_dns_resolv.c:420 Debug: name: www.isc.org type: 1 class: 1 ttl: 0
rdlen: 0
spf_dns_resolv.c:397 Debug: ANSWER: 1
spf_dns_resolv.c:401 Debug: ANSWER: count 0
spf_dns_resolv.c:420 Debug: name: www.isc.org type: 1 class: 1 ttl: 5
rdlen: 4
spf_dns_resolv.c:129 Debug: A: 149.20.64.42
spf_dns_resolv.c:397 Debug: AUTHORITY: 0
spf_dns_resolv.c:401 Debug: AUTHORITY: count 1 << my addition
spf_dns_resolv.c:397 Debug: ADDITIONAL: 0
spf_dns_resolv.c:401 Debug: ADDITIONAL: count 0 << my addition
spf_dns.c:66 Debug: DNS[resolv] found record
spf_dns.c:69 Debug: DOMAIN: www.isc.org TYPE: A (1)
spf_dns.c:76 Debug: TTL: 0 RR found: 0 herrno: 4 source:
resolv
spf_dns.c:66 Debug: DNS[cache] found record
spf_dns.c:69 Debug: DOMAIN: www.isc.org TYPE: A (1)
spf_dns.c:76 Debug: TTL: 0 RR found: 0 herrno: 4 source:
resolv
Correct me if I'm wrong but reading the code and seeing this output, I
think it means two things:
1. AUTHORITY section responses would get overwritten by responses in
ADDITIONAL section
2. responses in AUTHORITY section are successfully stored but the function
would respond with "NO_DATA", which is incorrect.
Best regards,
Jeroen Koekkoek
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/1311533-9e42a648
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311533&id_secret=1311533-d322f1f1
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311533&id_secret=1311533-d59c80a0&post_id=20110317053832:51682060-507A-11E0-A51F-D36E3B77EE1E
Powered by Listbox: http://www.listbox.com
I think I might have found a bug in the libspf2 library, please correct me
if I'm wrong. I wrote some code that uses SPF_dns_lookup to resolve an A
record. I get an answer, and the response includes the answer, but the
SPF_dns_lookup function returns NO_DATA (integer value of 4). As far as I
can see, this occurs when the response doesn't have an ADDITIONAL section.
I'll try to describe what the problem is below. In the function
SPF_dns_resolv_lookup the variable cnt is incremented per answer, but it is
reset per section (ns_sect) in the first for loop. Since I have no
ADDITIONAL section, which comes after the AUTHORITY section, cnt is reset
to 0 (zero). Outside the second for loop the following statement is placed:
spfrr->num_rr = cnt;
Then outside the first for loop the following if statement is placed.
if (spfrr->num_rr == 0)
spfrr->herrno = NO_DATA;
I included some extra debug statements in the code, and the output looks as
follows:
spf_dns.c:54 Debug: DNS[cache] lookup: www.isc.org A (1)
spf_dns.c:54 Debug: DNS[resolv] lookup: www.isc.org A (1)
spf_dns_resolv.c:373 Debug: msg id: 20905
spf_dns_resolv.c:374 Debug: ns_f_qr quest/resp: 1
spf_dns_resolv.c:375 Debug: ns_f_opcode: 0
spf_dns_resolv.c:376 Debug: ns_f_aa auth ans: 0
spf_dns_resolv.c:377 Debug: ns_f_tc truncated: 0
spf_dns_resolv.c:378 Debug: ns_f_rd rec desire: 1
spf_dns_resolv.c:379 Debug: ns_f_ra rec avail: 1
spf_dns_resolv.c:380 Debug: ns_f_rcode: 0
spf_dns_resolv.c:397 Debug: QUESTION: 1
spf_dns_resolv.c:401 Debug: QUESTION: count 0
spf_dns_resolv.c:420 Debug: name: www.isc.org type: 1 class: 1 ttl: 0
rdlen: 0
spf_dns_resolv.c:397 Debug: ANSWER: 1
spf_dns_resolv.c:401 Debug: ANSWER: count 0
spf_dns_resolv.c:420 Debug: name: www.isc.org type: 1 class: 1 ttl: 5
rdlen: 4
spf_dns_resolv.c:129 Debug: A: 149.20.64.42
spf_dns_resolv.c:397 Debug: AUTHORITY: 0
spf_dns_resolv.c:401 Debug: AUTHORITY: count 1 << my addition
spf_dns_resolv.c:397 Debug: ADDITIONAL: 0
spf_dns_resolv.c:401 Debug: ADDITIONAL: count 0 << my addition
spf_dns.c:66 Debug: DNS[resolv] found record
spf_dns.c:69 Debug: DOMAIN: www.isc.org TYPE: A (1)
spf_dns.c:76 Debug: TTL: 0 RR found: 0 herrno: 4 source:
resolv
spf_dns.c:66 Debug: DNS[cache] found record
spf_dns.c:69 Debug: DOMAIN: www.isc.org TYPE: A (1)
spf_dns.c:76 Debug: TTL: 0 RR found: 0 herrno: 4 source:
resolv
Correct me if I'm wrong but reading the code and seeing this output, I
think it means two things:
1. AUTHORITY section responses would get overwritten by responses in
ADDITIONAL section
2. responses in AUTHORITY section are successfully stored but the function
would respond with "NO_DATA", which is incorrect.
Best regards,
Jeroen Koekkoek
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/1311533-9e42a648
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311533&id_secret=1311533-d322f1f1
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311533&id_secret=1311533-d59c80a0&post_id=20110317053832:51682060-507A-11E0-A51F-D36E3B77EE1E
Powered by Listbox: http://www.listbox.com