From 51be804a4fb80d5a47b95932b324457ce2ea4e08 Mon Sep 17 00:00:00 2001 From: Jamie Cameron Date: Fri, 5 Nov 2010 23:04:26 -0700 Subject: [PATCH] IPv6 SPF record support --- bind8/bind8-lib.pl | 6 ++++++ bind8/lang/en | 2 ++ bind8/records-lib.pl | 4 ++-- bind8/save_record.cgi | 11 ++++++++++- 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/bind8/bind8-lib.pl b/bind8/bind8-lib.pl index c045536d5..adf7a7fcb 100755 --- a/bind8/bind8-lib.pl +++ b/bind8/bind8-lib.pl @@ -1057,6 +1057,12 @@ elsif ($type eq "SPF") { &ui_textarea("spfip4s", join("\n", @{$spf->{'ip4:'}}), 3, 40), 3); + if (&supports_ipv6()) { + print &ui_table_row($text{'value_spfip6s'}, + &ui_textarea("spfip6s", join("\n", @{$spf->{'ip6:'}}), + 3, 40), 3); + } + print &ui_table_row($text{'value_spfincludes'}, &ui_textarea("spfincludes", join("\n", @{$spf->{'include:'}}), 3, 40), 3); diff --git a/bind8/lang/en b/bind8/lang/en index 5dcb0991f..bc494d0f1 100644 --- a/bind8/lang/en +++ b/bind8/lang/en @@ -276,6 +276,7 @@ edit_eptr='$1' is not a valid reverse address record hostname edit_espfa='$1' is not a valid host to allow sending from edit_espfmx='$1' is not a valid domain name to allow MX sending from edit_espfip='$1' is not a valid IP address or IP/prefix to allow sending from +edit_espfip6='$1' is not a valid IPv6 address or IPv6/prefix to allow sending from edit_espfinclude='$1' is not a valid additional domain from which mail is sent edit_espfredirect='$1' is not a valid alternate domain name edit_espfexp='$1' is a valid record name for a rejection message @@ -429,6 +430,7 @@ value_spfptr=Allow sending from any host in domain? value_spfas=Additional allowed sender hosts value_spfmxs=Additional allowed sender MX domains value_spfip4s=Additional allowed sender IP addresses/networks +value_spfip6s=Additional allowed sender IPv6 addresses/networks value_spfincludes=Other domains from which mail is sent value_spfall=Action for other senders value_spfall3=Disallow (-all) diff --git a/bind8/records-lib.pl b/bind8/records-lib.pl index b32b7ecdc..732d8f630 100755 --- a/bind8/records-lib.pl +++ b/bind8/records-lib.pl @@ -656,7 +656,7 @@ if ($txt =~ /^v=spf1/) { if ($w eq "a" || $w eq "mx" || $w eq "ptr") { $spf->{$w} = 1; } - elsif ($w =~ /^(a|mx|ip4|ptr|include):(\S+)$/) { + elsif ($w =~ /^(a|mx|ip4|ip6|ptr|include):(\S+)$/) { push(@{$spf->{"$1:"}}, $2); } elsif ($w eq "-all") { @@ -698,7 +698,7 @@ local @rv = ( "v=spf1" ); foreach my $s ("a", "mx", "ptr") { push(@rv, $s) if ($spf->{$s}); } -foreach my $s ("a", "mx", "ip4", "ptr", "include") { +foreach my $s ("a", "mx", "ip4", "ip6", "ptr", "include") { foreach my $v (@{$spf->{"$s:"}}) { push(@rv, "$s:$v"); } diff --git a/bind8/save_record.cgi b/bind8/save_record.cgi index d58198c59..d1c17e7ff 100755 --- a/bind8/save_record.cgi +++ b/bind8/save_record.cgi @@ -288,7 +288,7 @@ else { $spf->{'ptr'} = $in{'spfptr'}; $spf->{'a:'} = [ split(/\s+/, $in{'spfas'}) ]; foreach my $a (@{$spf->{'a:'}}) { - gethostbyname($a) || &error(&text('edit_espfa', $a)); + &to_ipaddress($a) || &error(&text('edit_espfa', $a)); } $spf->{'mx:'} = [ split(/\s+/, $in{'spfmxs'}) ]; foreach my $mx (@{$spf->{'mx:'}}) { @@ -300,6 +300,15 @@ else { ($ip =~ /^(\S+)\/\d+$/ && &check_ipaddress($1)) || &error(&text('edit_espfip', $ip)); } + if (&supports_ipv6()) { + $spf->{'ip6:'} = [ split(/\s+/, $in{'spfip6s'}) ]; + foreach my $ip (@{$spf->{'ip6:'}}) { + &check_ip6address($ip) || + ($ip =~ /^(\S+)\/\d+$/ && + &check_ip6address($1)) || + &error(&text('edit_espfip6', $ip)); + } + } $spf->{'include:'} = [ split(/\s+/, $in{'spfincludes'}) ]; foreach my $i (@{$spf->{'include:'}}) { &valname($i) || &error(&text('edit_espfinclude', $i));