Package: libspf2-2
Version: 1.2.5.dfsg-2
Severity: normal
Tags: patch

Attached patch fixes a pair of conformance issues:

  - When domain obtained from reverse-path is null (i.e. in a DSN), HELO
    domain must be checked instead (see RFC 4408 / section 2.2).

  - Permanent error when processing an include: directive should in turn
    produce permanent error (see the table in RFC 4408 / section 5.2).

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8)

Versions of packages libspf2-2 depends on:
ii  libc6                       2.3.6.ds1-13 GNU C Library: Shared libraries

libspf2-2 recommends no packages.

-- no debconf information
diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c 
libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c
--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c  2005-02-22 
04:41:27.000000000 +0100
+++ libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c      2007-07-01 
01:03:17.000000000 +0200
@@ -13,6 +13,16 @@
  * These licenses can be found with the distribution in the file LICENSES
  */
 
+/*
+ *  Improvements Copyright (C) 2007  Robert Millan <[EMAIL PROTECTED]>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU Lesser General Public License as published
+ *  by the Free Software Foundation; either version 2.1 of the License, or
+ *  (at your option) any later version.
+ *
+ */
+
 #include "spf_sys_config.h"
 
 #ifdef STDC_HEADERS
@@ -135,7 +145,9 @@
 
        /* Is this cur_dom? */
        sender_dom = spf_request->env_from_dp;
-       if (sender_dom == NULL)
+
+       /* For MAILER-DAEMON messages, fallback to helo domain */
+       if ((sender_dom == NULL) || (sender_dom[0] == '\0'))
                sender_dom = spf_request->helo_dom;
 
        if ( spf_response->reason == SPF_REASON_LOCAL_POLICY ) {
@@ -214,11 +226,15 @@
                break;
 
        case SPF_RESULT_NEUTRAL:
-       case SPF_RESULT_NONE:
                snprintf( p, p_end - p, "%s is neither permitted nor denied by 
%s",
                                  ip, spf_source );
                break;
 
+       case SPF_RESULT_NONE:
+               snprintf( p, p_end - p, "%s doesn't provide an SPF record",
+                                 spf_source );
+               break;
+
        case SPF_RESULT_TEMPERROR:
                snprintf( p, p_end - p, "encountered temporary error during SPF 
processing of %s",
                                  spf_source );
@@ -686,8 +702,12 @@
 
 #define SPF_GET_LOOKUP_DATA() \
        do {                                                                    
                        \
-               if ( data == data_end )                                         
        \
+               if ( data == data_end ) {                                       
                        \
                        lookup = spf_request->cur_dom;                          
\
+                       /* For MAILER-DAEMON messages, fallback to helo domain 
*/                       \
+                       if ((lookup == NULL) || (lookup[0] == '\0'))            
                        \
+                               lookup = spf_request->helo_dom;                 
                        \
+               }                                                               
                        \
                else {                                                          
                        \
                        err = SPF_record_expand_data( spf_server,       \
                                                        spf_request, 
spf_response,      \
@@ -1022,7 +1042,10 @@
                                if (spf_record_subr)
                                        SPF_record_free(spf_record_subr);
                                SPF_FREE_LOOKUP_DATA();
-                               return DONE_TEMPERR( err );
+                               if (err == SPF_E_DNS_ERROR)
+                                       return DONE_TEMPERR( err );
+                               else
+                                       return DONE_PERMERR( err );
                        }
 
                        /*
diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c 
libspf2-1.2.5.dfsg/src/libspf2/spf_result.c
--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c     2004-08-10 
15:04:02.000000000 +0200
+++ libspf2-1.2.5.dfsg/src/libspf2/spf_result.c 2007-07-01 01:03:29.000000000 
+0200
@@ -13,6 +13,16 @@
  * These licenses can be found with the distribution in the file LICENSES
  */
 
+/*
+ *  Improvements Copyright (C) 2007  Robert Millan <[EMAIL PROTECTED]>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU Lesser General Public License as published
+ *  by the Free Software Foundation; either version 2.1 of the License, or
+ *  (at your option) any later version.
+ *
+ */
+
 #include "spf_sys_config.h"
 
 #ifdef STDC_HEADERS
@@ -187,11 +197,15 @@
        break;
        
     case SPF_RESULT_NEUTRAL:
-    case SPF_RESULT_NONE:
        snprintf( p, p_end - p, "%s is neither permitted nor denied by %s",
                  ip, spf_source );
        break;
 
+    case SPF_RESULT_NONE:
+       snprintf( p, p_end - p, "%s doesn't provide an SPF record",
+                 spf_source );
+       break;
+
     case SPF_RESULT_ERROR:
        snprintf( p, p_end - p, "encountered temporary error during SPF 
processing of %s",
                  spf_source );
diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_server.c 
libspf2-1.2.5.dfsg/src/libspf2/spf_server.c
--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_server.c     2005-02-19 
04:52:58.000000000 +0100
+++ libspf2-1.2.5.dfsg/src/libspf2/spf_server.c 2007-07-01 01:04:34.000000000 
+0200
@@ -13,6 +13,16 @@
  * These licenses can be found with the distribution in the file LICENSES
  */
 
+/*
+ *  Improvements Copyright (C) 2007  Robert Millan <[EMAIL PROTECTED]>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU Lesser General Public License as published
+ *  by the Free Software Foundation; either version 2.1 of the License, or
+ *  (at your option) any later version.
+ *
+ */
+
 #include "spf_sys_config.h"
 
 
@@ -262,6 +272,9 @@
        SPF_ASSERT_NOTNULL(spf_recordp);
 
        domain = spf_request->cur_dom;
+       /* For MAILER-DAEMON messages, fallback to helo domain */
+       if ((domain == NULL) || (domain[0] == '\0'))
+               domain = spf_request->helo_dom;
        SPF_ASSERT_NOTNULL(domain);
 
        *spf_recordp = NULL;
@@ -279,8 +292,7 @@
                        SPF_dns_rr_free(rr_txt);
                        spf_response->result = SPF_RESULT_NONE;
                        spf_response->reason = SPF_REASON_FAILURE;
-                       return SPF_response_add_error(spf_response, 
-SPF_E_NOT_SPF,
+                       return SPF_response_add_error(spf_response, 
SPF_E_NOT_SPF,
                                        "Host '%s' not found.", domain);
                        break;
 

Reply via email to