Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 2 | Blame | Compare with Previous | Last modification | View Log | RSS feed 

#! /bin/sh /usr/share/dpatch/dpatch-run
## 25_maxvals.dpatch by Thomas Jacob <jacob@internet24.de>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Bring certain processing limits (meant to mitigate DoS attacks) in line 
## DP: with RFC 4408.

@DPATCH@

diff -ruN libspf2-1.2.5/src/include/spf.h libspf2-1.2.5.patched/src/include/spf.h
--- libspf2-1.2.5/src/include/spf.h     2005-02-17 01:56:55.000000000 +0100
+++ libspf2-1.2.5.patched/src/include/spf.h     2007-03-14 16:58:21.000000000 +0100
@@ -52,8 +52,8 @@
 
 /* FYI only -- defaults can't be changed without recompiling the library */
 #define SPF_DEFAULT_MAX_DNS_MECH 10    /* DoS limit on SPF mechanisms  */
-#define SPF_DEFAULT_MAX_DNS_PTR          5     /* DoS limit on PTR records     */
-#define SPF_DEFAULT_MAX_DNS_MX   5     /* DoS limit on MX records      */
+#define SPF_DEFAULT_MAX_DNS_PTR         10     /* DoS limit on PTR records     */
+#define SPF_DEFAULT_MAX_DNS_MX  10     /* DoS limit on MX records      */
 #define SPF_DEFAULT_SANITIZE     1
 #define SPF_DEFAULT_WHITELIST    "include:spf.trusted-forwarder.org"
 #define SPF_EXP_MOD_NAME       "exp-text"
diff -ruN libspf2-1.2.5/src/include/spf_internal.h libspf2-1.2.5.patched/src/include/spf_internal.h
--- libspf2-1.2.5/src/include/spf_internal.h    2005-02-24 05:10:49.000000000 +0100
+++ libspf2-1.2.5.patched/src/include/spf_internal.h    2007-03-14 16:58:04.000000000 +0100
@@ -57,13 +57,13 @@
 /* It is a bad idea to change this for the same reasons as mentioned
  * above for SPF_MAX_DNS_MECH
  */
-#define SPF_MAX_DNS_PTR   5
+#define SPF_MAX_DNS_PTR   10
 #endif
 #ifndef SPF_MAX_DNS_MX
 /* It is a bad idea to change this for the same reasons as mentioned
  * above for SPF_MAX_DNS_MECH
  */
-#define SPF_MAX_DNS_MX    5
+#define SPF_MAX_DNS_MX    10
 #endif
 
 #if 1
diff -ruN libspf2-1.2.5/src/include/spf_server.h libspf2-1.2.5.patched/src/include/spf_server.h
--- libspf2-1.2.5/src/include/spf_server.h      2004-09-29 12:33:09.000000000 +0200
+++ libspf2-1.2.5.patched/src/include/spf_server.h      2007-03-14 16:58:54.000000000 +0100
@@ -44,13 +44,13 @@
 /* It is a bad idea to change this for the same reasons as mentioned
  * above for SPF_MAX_DNS_MECH
  */
-#define SPF_MAX_DNS_PTR   5
+#define SPF_MAX_DNS_PTR   10
 #endif
 #ifndef SPF_MAX_DNS_MX
 /* It is a bad idea to change this for the same reasons as mentioned
  * above for SPF_MAX_DNS_MECH
  */
-#define SPF_MAX_DNS_MX    5
+#define SPF_MAX_DNS_MX    10
 #endif
 
 struct SPF_server_struct {