Fix DANE for multiple-MX when all TLSA lookup defer. Bug 1634

3 files changed, 36 insertions, 5 deletions

diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex
index 4acadce4d..09e84fee0 100644
--- a/test/dnszones-src/db.test.ex
+++ b/test/dnszones-src/db.test.ex
@@ -414,19 +414,31 @@ AA a-aa A V4NET.0.0.100
 ; ------- Testing DANE ------------
 
 ; full suite dns chain, sha512
-DNSSEC mxdane512ee MX  1  dane512ee.
-DNSSEC dane512ee   A       HOSTIPV4
+DNSSEC mxdane512ee MX  1  dane512ee
+DNSSEC dane512ee   A      HOSTIPV4
 DNSSEC _1225._tcp.dane512ee TLSA  3 1 2 3d5eb81b1dfc3f93c1fa8819e3fb3fdb41bb590441d5f3811db17772f4bc6de29bdd7c4f4b723750dda871b99379192b3f979f03db1252c4f08b03ef7176528d
 
 ; A-only, sha256
-DNSSEC dane256ee   A       HOSTIPV4
+DNSSEC dane256ee   A      HOSTIPV4
 DNSSEC _1225._tcp.dane256ee TLSA  3 1 1 2bb55f418bb03411a5007cecbfcd3ec1c94404312c0d53a44bb2166b32654db3
 
 ; full MX, sha256, TA-mode
-DNSSEC mxdane256ta MX  1  dane256ta.
-DNSSEC dane256ta   A       HOSTIPV4
+DNSSEC mxdane256ta MX  1  dane256ta
+DNSSEC dane256ta   A      HOSTIPV4
 DNSSEC _1225._tcp.dane256ta TLSA  2 0 1 b2c6f27f2d16390b4f71cacc69742bf610d750534fab240516c0f2deb4042ad4
 
+; ------- Testing DANE ------------
+
+; full suite dns chain, sha512
+DNSSEC mxdanelazy MX  1   danelazy
+DNSSEC mxdanelazy MX  2   danelazy2
+
+DNSSEC danelazy   A       HOSTIPV4
+DNSSEC danelazy2  A       127.0.0.1
+
+DNSSEC _1225._tcp.danelazy  CNAME test.again.dns.
+DNSSEC _1225._tcp.danelazy2 CNAME test.again.dns.
+
 ; ------- Testing delays ------------
 
 DELAY=500  delay500  A HOSTIPV4
diff --git a/test/log/5840 b/test/log/5840
index 24d6e89e2..30bed39fc 100644
--- a/test/log/5840
+++ b/test/log/5840
@@ -23,6 +23,12 @@
 1999-03-02 09:44:33 10HmbF-0005vi-00 => CALLER@thishost.test.ex R=client T=send_to_server H=thishost.test.ex [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbG-0005vi-00"
 1999-03-02 09:44:33 10HmbF-0005vi-00 Completed
 1999-03-02 09:44:33 End queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@mxdanelazy.test.ex
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy.test.ex [ip4.ip4.ip4.ip4]: DANE error: tlsa lookup DEFER
+1999-03-02 09:44:33 10HmbH-0005vi-00 H=danelazy2.test.ex [127.0.0.1]: DANE error: tlsa lookup DEFER
+1999-03-02 09:44:33 10HmbH-0005vi-00 == CALLER@mxdanelazy.test.ex R=client T=send_to_server defer (-36): DANE error: tlsa lookup DEFER
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
 
 ******** SERVER ********
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
@@ -44,3 +50,4 @@
 1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex for CALLER@thishost.test.ex
 1999-03-02 09:44:33 10HmbG-0005vi-00 => :blackhole: <CALLER@thishost.test.ex> R=server
 1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
diff --git a/test/scripts/5840-DANE-OpenSSL/5840 b/test/scripts/5840-DANE-OpenSSL/5840
index deff4a6a4..e031b5d8f 100644
--- a/test/scripts/5840-DANE-OpenSSL/5840
+++ b/test/scripts/5840-DANE-OpenSSL/5840
@@ -54,3 +54,15 @@ exim -DOPT=no_certname -qf
 ****
 killdaemon
 #
+#
+# A server with two MXs for which both TLSA lookups return defer
+exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D
+****
+# TLSA (3 1 2)
+exim -odq CALLER@mxdanelazy.test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+no_msglog_check