author | Jeremy Harris <jgh146exb@wizmail.org> | 2014-08-10 12:31:21 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2014-08-10 12:31:21 +0100 |
commit | b4161d10ee4c4eb7fd61224d827cc89726e2d8f8 (patch) | |
tree | 7f4176233a67f97f12129f6d7e17bec7b5438524 /test | |
parent | 4d4c2a9bc67a4cb368703cc26fbc520e7428a428 (diff) |
Add support in the fakens utility for TLSA records
Diffstat (limited to 'test')
-rw-r--r-- | test/dnszones-src/db.test.ex | 3 | ||||
-rw-r--r-- | test/log/5850 | 2 | ||||
-rw-r--r-- | test/src/fakens.c | 74 |
3 files changed, 57 insertions, 22 deletions
diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex index c65baa470..bd334918b 100644 --- a/test/dnszones-src/db.test.ex +++ b/test/dnszones-src/db.test.ex @@ -77,10 +77,13 @@ badloop A V4NET.0.0.1 v6 AAAA V6NET:ffff:836f:0a00:000a:0800:200a:c032 ; Alias A and CNAME records for the local host, under the name "eximtesthost" +; Make the A covered by DNSSEC and add a TLSA for it. DNSSEC eximtesthost A HOSTIPV4 alias-eximtesthost CNAME eximtesthost.test.ex. +DNSSEC _1225._tcp.eximtesthost TLSA 3 1 2 f000baaa + ; A bad CNAME badcname CNAME rhubarb.test.ex. diff --git a/test/log/5850 b/test/log/5850 index f0432dd7e..e8b37bb61 100644 --- a/test/log/5850 +++ b/test/log/5850 @@ -1,6 +1,6 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss 1999-03-02 09:44:33 Start queue run: pid=pppp -qf -1999-03-02 09:44:33 10HmaX-0005vi-00 DANE error: TLSA lookup failed +1999-03-02 09:44:33 10HmaX-0005vi-00 TLS error on connection to eximtesthost.test.ex [ip4.ip4.ip4.ip4] (tlsa load): error:8006C067:DANE library:func(108):Bad TLSA record digest 1999-03-02 09:44:33 10HmaX-0005vi-00 == CALLER@mxplain.test.ex R=client T=send_to_server defer (-37): failure while setting up TLS session 1999-03-02 09:44:33 End queue run: pid=pppp -qf diff --git a/test/src/fakens.c b/test/src/fakens.c index ec7588cc8..912f41984 100644 --- a/test/src/fakens.c +++ b/test/src/fakens.c 
@@ -99,21 +99,25 @@ not defined, assume we are in this state. A really old system might not even know about AAAA and SRV at all. */ #ifndef ns_t_a -#define ns_t_a T_A -#define ns_t_ns T_NS -#define ns_t_cname T_CNAME -#define ns_t_soa T_SOA -#define ns_t_ptr T_PTR -#define ns_t_mx T_MX -#define ns_t_txt T_TXT -#define ns_t_aaaa T_AAAA -#define ns_t_srv T_SRV -#ifndef T_AAAA -#define T_AAAA 28 -#endif -#ifndef T_SRV -#define T_SRV 33 -#endif +# define ns_t_a T_A +# define ns_t_ns T_NS +# define ns_t_cname T_CNAME +# define ns_t_soa T_SOA +# define ns_t_ptr T_PTR +# define ns_t_mx T_MX +# define ns_t_txt T_TXT +# define ns_t_aaaa T_AAAA +# define ns_t_srv T_SRV +# define ns_t_tlsa T_TLSA +# ifndef T_AAAA +# define T_AAAA 28 +# endif +# ifndef T_SRV +# define T_SRV 33 +# endif +# ifndef T_TLSA +# define T_TLSA 52 +# endif #endif static tlist type_list[] = { @@ -126,6 +130,7 @@ static tlist type_list[] = { { US"TXT", ns_t_txt }, { US"AAAA", ns_t_aaaa }, { US"SRV", ns_t_srv }, + { US"TLSA", ns_t_tlsa }, { NULL, 0 } }; @@ -189,6 +194,20 @@ while (*name != 0) return pk; } +uschar * +shortfield(uschar ** pp, uschar * pk) +{ +unsigned value = 0; +uschar * p = *pp; + +while (isdigit(*p)) value = value*10 + *p++ - '0'; +while (isspace(*p)) p++; +*pp = p; +*pk++ = (value >> 8) & 255; +*pk++ = value & 255; +return pk; +} + /************************************************* @@ -237,7 +256,7 @@ if (typeptr->name == NULL) rrdomain[0] = 0; /* No previous domain */ (void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */ -*dnssec = TRUE; /* cancelled by first nonsecure rec found */ +*dnssec = TRUE; /* cancelled by first nonsecure rec found */ /* Scan for RRs */ 
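Review bot: The `T_TLSA` fallback sits inside the `#ifndef ns_t_a` block, so it only takes effect when the resolver headers lack the `ns_t_*` names altogether. A header that does provide `ns_t_a` but predates TLSA would leave `ns_t_tlsa` undeclared for the new `type_list` entry; whether any supported platform is in that state cannot be told from this hunk. A separate guard after the block would cover it: `#ifndef ns_t_tlsa`, `# define ns_t_tlsa 52`, `#endif`. The comment above the block still names only AAAA and SRV as possibly missing and should mention TLSA too.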
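Review bot: `shortfield()` is added with no header comment and without `static`, although the banner comment that follows it shows the file documents its other routines and the function appears to be used only within fakens.c. I would declare it `static uschar *` and put above it `/* Read a decimal number at *pp, skip trailing whitespace, store it at pk as two octets in network order; returns the updated pk and advances *pp. */`. The comment should also state that a field with no digits encodes as 0 and that values above 65535 are silently truncated, since neither is reported to the caller.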
@@ -387,11 +406,7 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL) break; case ns_t_mx: - value = 0; - while (isdigit(*p)) value = value*10 + *p++ - '0'; - while (isspace(*p)) p++; - *pk++ = (value >> 8) & 255; - *pk++ = value & 255; + pk = shortfield(&p, pk); if (ep[-1] != '.') sprintf(ep, "%s.", zone); pk = packname(p, pk); plen = Ustrlen(p); @@ -404,6 +419,23 @@ while (fgets(CS buffer, sizeof(buffer), f) != NULL) *pp = pk - pp - 1; break; + case ns_t_tlsa: + pk = shortfield(&p, pk); /* usage */ + pk = shortfield(&p, pk); /* selector */ + pk = shortfield(&p, pk); /* match type */ + while (isxdigit(*p)) + { + value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4; + if (isxdigit(*++p)) + { + value |= toupper(*p) - (isdigit(*p) ? '0' : '7'); + p++; + } + *pk++ = value & 255; + } + + break; + case ns_t_srv: for (i = 0; i < 3; i++) { |
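Review bot: The three `shortfield()` calls under `case ns_t_tlsa:` emit two octets each, but RFC 6698 defines certificate usage, selector and matching type as one octet each, so the rdata built here has a 6-byte prefix where a TLSA consumer expects 3 and will misread the fields and the start of the digest. A one-octet helper fixes this; it belongs next to `shortfield()`, outside this hunk. Separately, the digest loop accepts an odd number of hex digits (the last nibble becomes the high half of a byte) and never checks `pk` against the end of the packet buffer, whose size is not visible here. The expression `toupper(*p) - (...) << 4` relies on `-` binding tighter than `<<` and would be clearer parenthesised.

```c
/* Read a decimal number at *pp and store it at pk as a single octet
(TLSA usage, selector and matching type are one octet each). */
static uschar *
bytefield(uschar ** pp, uschar * pk)
{
unsigned value = 0;
uschar * p = *pp;

while (isdigit(*p)) value = value*10 + *p++ - '0';
while (isspace(*p)) p++;
*pp = p;
*pk++ = value & 255;
return pk;
}

    case ns_t_tlsa:
    pk = bytefield(&p, pk);   /* usage */
    pk = bytefield(&p, pk);   /* selector */
    pk = bytefield(&p, pk);   /* match type */
    /* … unchanged: hex digest loop … */
```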