Rev 2 | Only display areas with differences | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 2 | Rev 29 | ||
---|---|---|---|
1 | #! /bin/sh /usr/share/dpatch/dpatch-run |
1 | #! /bin/sh /usr/share/dpatch/dpatch-run |
2 | ## 25_maxvals.dpatch by Thomas Jacob <jacob@internet24.de> |
2 | ## 25_maxvals.dpatch by Thomas Jacob <jacob@internet24.de> |
3 | ## |
3 | ## |
4 | ## All lines beginning with `## DP:' are a description of the patch. |
4 | ## All lines beginning with `## DP:' are a description of the patch. |
5 | ## DP: Bring certain processing limits (meant to mitigate DoS attacks) in line |
5 | ## DP: Bring certain processing limits (meant to mitigate DoS attacks) in line |
6 | ## DP: with RFC 4408. |
6 | ## DP: with RFC 4408. |
7 | 7 | ||
8 | @DPATCH@ |
8 | @DPATCH@ |
9 | 9 | ||
10 | diff -ruN libspf2-1.2.5/src/include/spf.h libspf2-1.2.5.patched/src/include/spf.h |
10 | diff -ruN libspf2-1.2.5/src/include/spf.h libspf2-1.2.5.patched/src/include/spf.h |
11 | --- libspf2-1.2.5/src/include/spf.h 2005-02-17 01:56:55.000000000 +0100 |
11 | --- libspf2-1.2.5/src/include/spf.h 2005-02-17 01:56:55.000000000 +0100 |
12 | +++ libspf2-1.2.5.patched/src/include/spf.h 2007-03-14 16:58:21.000000000 +0100 |
12 | +++ libspf2-1.2.5.patched/src/include/spf.h 2007-03-14 16:58:21.000000000 +0100 |
13 | @@ -52,8 +52,8 @@ |
13 | @@ -52,8 +52,8 @@ |
14 | 14 | ||
15 | /* FYI only -- defaults can't be changed without recompiling the library */ |
15 | /* FYI only -- defaults can't be changed without recompiling the library */ |
16 | #define SPF_DEFAULT_MAX_DNS_MECH 10 /* DoS limit on SPF mechanisms */ |
16 | #define SPF_DEFAULT_MAX_DNS_MECH 10 /* DoS limit on SPF mechanisms */ |
17 | -#define SPF_DEFAULT_MAX_DNS_PTR 5 /* DoS limit on PTR records */ |
17 | -#define SPF_DEFAULT_MAX_DNS_PTR 5 /* DoS limit on PTR records */ |
18 | -#define SPF_DEFAULT_MAX_DNS_MX 5 /* DoS limit on MX records */ |
18 | -#define SPF_DEFAULT_MAX_DNS_MX 5 /* DoS limit on MX records */ |
19 | +#define SPF_DEFAULT_MAX_DNS_PTR 10 /* DoS limit on PTR records */ |
19 | +#define SPF_DEFAULT_MAX_DNS_PTR 10 /* DoS limit on PTR records */ |
20 | +#define SPF_DEFAULT_MAX_DNS_MX 10 /* DoS limit on MX records */ |
20 | +#define SPF_DEFAULT_MAX_DNS_MX 10 /* DoS limit on MX records */ |
21 | #define SPF_DEFAULT_SANITIZE 1 |
21 | #define SPF_DEFAULT_SANITIZE 1 |
22 | #define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org" |
22 | #define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org" |
23 | #define SPF_EXP_MOD_NAME "exp-text" |
23 | #define SPF_EXP_MOD_NAME "exp-text" |
24 | diff -ruN libspf2-1.2.5/src/include/spf_internal.h libspf2-1.2.5.patched/src/include/spf_internal.h |
24 | diff -ruN libspf2-1.2.5/src/include/spf_internal.h libspf2-1.2.5.patched/src/include/spf_internal.h |
25 | --- libspf2-1.2.5/src/include/spf_internal.h 2005-02-24 05:10:49.000000000 +0100 |
25 | --- libspf2-1.2.5/src/include/spf_internal.h 2005-02-24 05:10:49.000000000 +0100 |
26 | +++ libspf2-1.2.5.patched/src/include/spf_internal.h 2007-03-14 16:58:04.000000000 +0100 |
26 | +++ libspf2-1.2.5.patched/src/include/spf_internal.h 2007-03-14 16:58:04.000000000 +0100 |
27 | @@ -57,13 +57,13 @@ |
27 | @@ -57,13 +57,13 @@ |
28 | /* It is a bad idea to change this for the same reasons as mentioned |
28 | /* It is a bad idea to change this for the same reasons as mentioned |
29 | * above for SPF_MAX_DNS_MECH |
29 | * above for SPF_MAX_DNS_MECH |
30 | */ |
30 | */ |
31 | -#define SPF_MAX_DNS_PTR 5 |
31 | -#define SPF_MAX_DNS_PTR 5 |
32 | +#define SPF_MAX_DNS_PTR 10 |
32 | +#define SPF_MAX_DNS_PTR 10 |
33 | #endif |
33 | #endif |
34 | #ifndef SPF_MAX_DNS_MX |
34 | #ifndef SPF_MAX_DNS_MX |
35 | /* It is a bad idea to change this for the same reasons as mentioned |
35 | /* It is a bad idea to change this for the same reasons as mentioned |
36 | * above for SPF_MAX_DNS_MECH |
36 | * above for SPF_MAX_DNS_MECH |
37 | */ |
37 | */ |
38 | -#define SPF_MAX_DNS_MX 5 |
38 | -#define SPF_MAX_DNS_MX 5 |
39 | +#define SPF_MAX_DNS_MX 10 |
39 | +#define SPF_MAX_DNS_MX 10 |
40 | #endif |
40 | #endif |
41 | 41 | ||
42 | #if 1 |
42 | #if 1 |
43 | diff -ruN libspf2-1.2.5/src/include/spf_server.h libspf2-1.2.5.patched/src/include/spf_server.h |
43 | diff -ruN libspf2-1.2.5/src/include/spf_server.h libspf2-1.2.5.patched/src/include/spf_server.h |
44 | --- libspf2-1.2.5/src/include/spf_server.h 2004-09-29 12:33:09.000000000 +0200 |
44 | --- libspf2-1.2.5/src/include/spf_server.h 2004-09-29 12:33:09.000000000 +0200 |
45 | +++ libspf2-1.2.5.patched/src/include/spf_server.h 2007-03-14 16:58:54.000000000 +0100 |
45 | +++ libspf2-1.2.5.patched/src/include/spf_server.h 2007-03-14 16:58:54.000000000 +0100 |
46 | @@ -44,13 +44,13 @@ |
46 | @@ -44,13 +44,13 @@ |
47 | /* It is a bad idea to change this for the same reasons as mentioned |
47 | /* It is a bad idea to change this for the same reasons as mentioned |
48 | * above for SPF_MAX_DNS_MECH |
48 | * above for SPF_MAX_DNS_MECH |
49 | */ |
49 | */ |
50 | -#define SPF_MAX_DNS_PTR 5 |
50 | -#define SPF_MAX_DNS_PTR 5 |
51 | +#define SPF_MAX_DNS_PTR 10 |
51 | +#define SPF_MAX_DNS_PTR 10 |
52 | #endif |
52 | #endif |
53 | #ifndef SPF_MAX_DNS_MX |
53 | #ifndef SPF_MAX_DNS_MX |
54 | /* It is a bad idea to change this for the same reasons as mentioned |
54 | /* It is a bad idea to change this for the same reasons as mentioned |
55 | * above for SPF_MAX_DNS_MECH |
55 | * above for SPF_MAX_DNS_MECH |
56 | */ |
56 | */ |
57 | -#define SPF_MAX_DNS_MX 5 |
57 | -#define SPF_MAX_DNS_MX 5 |
58 | +#define SPF_MAX_DNS_MX 10 |
58 | +#define SPF_MAX_DNS_MX 10 |
59 | #endif |
59 | #endif |
60 | 60 | ||
61 | struct SPF_server_struct { |
61 | struct SPF_server_struct { |