add required headers for smtpd.h and remove unnecessary ones in other files.

ok jung@

All buffers are in rw-memory, but lookup_record has it defined as
const char *. Remove the const so things compile a little cleaner.

Pointer out by Mark Patruck <mark <at> wrapped <dot> cx>. Thanks

Make "spf walk" report if an spf-record has macro's and can't be resolved.

Originally reported by and OK on earlier version giovanni@
Looks good to deraadt@
feedback and OK jmc@
feedback semarie@
OK sthen@

Add missing casts to unsigned char when using ctype(3).
From Hiltjo Posthuma

add support for CIDR in a: spf atoms

diff from Quentin Rameau <quinq@fifth.space>

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

All buffers are in rw-memory, but lookup_record has it defined as
const char *. Remove the const so things compile a little cleaner.

Pointer out by Mark Patruck <mark <at> wrapped <dot> cx>. Thanks

Make "spf walk" report if an spf-record has macro's and can't be resolved.

Originally reported by and OK on earlier version giovanni@
Looks good to deraadt@
feedback and OK jmc@
feedback semarie@
OK sthen@

Add missing casts to unsigned char when using ctype(3).
From Hiltjo Posthuma

add support for CIDR in a: spf atoms

diff from Quentin Rameau <quinq@fifth.space>

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

All buffers are in rw-memory, but lookup_record has it defined as
const char *. Remove the const so things compile a little cleaner.

Pointer out by Mark Patruck <mark <at> wrapped <dot> cx>. Thanks

Make "spf walk" report if an spf-record has macro's and can't be resolved.

Originally reported by and OK on earlier version giovanni@
Looks good to deraadt@
feedback and OK jmc@
feedback semarie@
OK sthen@

Add missing casts to unsigned char when using ctype(3).
From Hiltjo Posthuma

add support for CIDR in a: spf atoms

diff from Quentin Rameau <quinq@fifth.space>

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

Add missing casts to unsigned char when using ctype(3).
From Hiltjo Posthuma

add support for CIDR in a: spf atoms

diff from Quentin Rameau <quinq@fifth.space>

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

add support for CIDR in a: spf atoms

diff from Quentin Rameau <quinq@fifth.space>

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

fix 'mx:' mechanism in smtpd spf walk

diff from Quentin Rameau <quinq@fifth.space>

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

no need to increment argv and decrement argc, we're not using them later

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

- remove specific cases for +a and +mx as the + prefix is handled earlier
- support mx: notation

diff from Quentin Rameau <quinq@fifth.space>

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

only process records of the expected type.
fix an issue where CNAME records generate bogus results.

ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

in spfwalk, search both A and AAAA records when "a" is used in an spf txt
record.

spotted, reported and diff by Tim Kuijsten <info@netsend.nl>

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

correctly handle "+a:..." entries

from gilles@

ok otto@ gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

Fix previous. Use inet_net_pton(3) instead of inet_pton(3) as
addresses could be listed with prefix.

Initial diff from Ryan Kavanagh, tweaked by me.
Ok millert@ gilles@

Check for legitimate IPv4, IPv6 addrs before printing.

Ryan Kavanagh reported on github that certain domains have misconfigured
SPF records. https://github.com/OpenSMTPD/OpenSMTPD/issues/844

Ok millert@ gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

skip spf mechanisms that have been processed already.
prevent possible loops on badly configured spf records.

ok gilles@

check for expected record type
ok deraadt@ mestre@ gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

allow unpriviledged user to run "encrypt" and "spf walk"

ok todd@, gilles@, sunil@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

Add support for 'a:' and 'exists:' mechanisms.

ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@

fix parsing of RDATA for TXT records

ok gilles@

fix parsing of long TXT records, this prevents 'smtpctl spf walk' from
producing bogus entries with some SPF records.

ok ajacoutot@

Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@