summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2014-08-10 12:31:21 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2014-08-10 12:31:21 +0100
commitb4161d10ee4c4eb7fd61224d827cc89726e2d8f8 (patch)
tree7f4176233a67f97f12129f6d7e17bec7b5438524 /test
parent4d4c2a9bc67a4cb368703cc26fbc520e7428a428 (diff)
Add support in the fakens utility for TLSA records
Diffstat (limited to 'test')
-rw-r--r--test/dnszones-src/db.test.ex3
-rw-r--r--test/log/58502
-rw-r--r--test/src/fakens.c74
3 files changed, 57 insertions, 22 deletions
diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex
index c65baa470..bd334918b 100644
--- a/test/dnszones-src/db.test.ex
+++ b/test/dnszones-src/db.test.ex
@@ -77,10 +77,13 @@ badloop A V4NET.0.0.1
v6 AAAA V6NET:ffff:836f:0a00:000a:0800:200a:c032
; Alias A and CNAME records for the local host, under the name "eximtesthost"
+; Make the A covered by DNSSEC and add a TLSA for it.
DNSSEC eximtesthost A HOSTIPV4
alias-eximtesthost CNAME eximtesthost.test.ex.
+DNSSEC _1225._tcp.eximtesthost TLSA 3 1 2 f000baaa
+
; A bad CNAME
badcname CNAME rhubarb.test.ex.
diff --git a/test/log/5850 b/test/log/5850
index f0432dd7e..e8b37bb61 100644
--- a/test/log/5850
+++ b/test/log/5850
@@ -1,6 +1,6 @@
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
1999-03-02 09:44:33 Start queue run: pid=pppp -qf
-1999-03-02 09:44:33 10HmaX-0005vi-00 DANE error: TLSA lookup failed
+1999-03-02 09:44:33 10HmaX-0005vi-00 TLS error on connection to eximtesthost.test.ex [ip4.ip4.ip4.ip4] (tlsa load): error:8006C067:DANE library:func(108):Bad TLSA record digest
1999-03-02 09:44:33 10HmaX-0005vi-00 == CALLER@mxplain.test.ex R=client T=send_to_server defer (-37): failure while setting up TLS session
1999-03-02 09:44:33 End queue run: pid=pppp -qf
diff --git a/test/src/fakens.c b/test/src/fakens.c
index ec7588cc8..912f41984 100644
--- a/test/src/fakens.c
+++ b/test/src/fakens.c
@@ -99,21 +99,25 @@ not defined, assume we are in this state. A really old system might not even
know about AAAA and SRV at all. */
#ifndef ns_t_a
-#define ns_t_a T_A
-#define ns_t_ns T_NS
-#define ns_t_cname T_CNAME
-#define ns_t_soa T_SOA
-#define ns_t_ptr T_PTR
-#define ns_t_mx T_MX
-#define ns_t_txt T_TXT
-#define ns_t_aaaa T_AAAA
-#define ns_t_srv T_SRV
-#ifndef T_AAAA
-#define T_AAAA 28
-#endif
-#ifndef T_SRV
-#define T_SRV 33
-#endif
+# define ns_t_a T_A
+# define ns_t_ns T_NS
+# define ns_t_cname T_CNAME
+# define ns_t_soa T_SOA
+# define ns_t_ptr T_PTR
+# define ns_t_mx T_MX
+# define ns_t_txt T_TXT
+# define ns_t_aaaa T_AAAA
+# define ns_t_srv T_SRV
+# define ns_t_tlsa T_TLSA
+# ifndef T_AAAA
+# define T_AAAA 28
+# endif
+# ifndef T_SRV
+# define T_SRV 33
+# endif
+# ifndef T_TLSA
+# define T_TLSA 52
+# endif
#endif
static tlist type_list[] = {
@@ -126,6 +130,7 @@ static tlist type_list[] = {
{ US"TXT", ns_t_txt },
{ US"AAAA", ns_t_aaaa },
{ US"SRV", ns_t_srv },
+ { US"TLSA", ns_t_tlsa },
{ NULL, 0 }
};
@@ -189,6 +194,20 @@ while (*name != 0)
return pk;
}
+uschar *
+shortfield(uschar ** pp, uschar * pk)
+{
+unsigned value = 0;
+uschar * p = *pp;
+
+while (isdigit(*p)) value = value*10 + *p++ - '0';
+while (isspace(*p)) p++;
+*pp = p;
+*pk++ = (value >> 8) & 255;
+*pk++ = value & 255;
+return pk;
+}
+
/*************************************************
@@ -237,7 +256,7 @@ if (typeptr->name == NULL)
rrdomain[0] = 0; /* No previous domain */
(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
-*dnssec = TRUE; /* cancelled by first nonsecure rec found */
+*dnssec = TRUE; /* cancelled by first nonsecure rec found */
/* Scan for RRs */
@@ -387,11 +406,7 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL)
break;
case ns_t_mx:
- value = 0;
- while (isdigit(*p)) value = value*10 + *p++ - '0';
- while (isspace(*p)) p++;
- *pk++ = (value >> 8) & 255;
- *pk++ = value & 255;
+ pk = shortfield(&p, pk);
if (ep[-1] != '.') sprintf(ep, "%s.", zone);
pk = packname(p, pk);
plen = Ustrlen(p);
@@ -404,6 +419,23 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL)
*pp = pk - pp - 1;
break;
+ case ns_t_tlsa:
+ pk = shortfield(&p, pk); /* usage */
+ pk = shortfield(&p, pk); /* selector */
+ pk = shortfield(&p, pk); /* match type */
+ while (isxdigit(*p))
+ {
+ value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4;
+ if (isxdigit(*++p))
+ {
+ value |= toupper(*p) - (isdigit(*p) ? '0' : '7');
+ p++;
+ }
+ *pk++ = value & 255;
+ }
+
+ break;
+
case ns_t_srv:
for (i = 0; i < 3; i++)
{