git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Harden string-list handling
[exim.git]
/
test
/
src
/
fakens.c
diff --git
a/test/src/fakens.c
b/test/src/fakens.c
index 0806136cc99a87ba437e6e8c173ade1c2a03d413..583b0128270fb23ca49da0e8390dcb175c4741cd 100644
(file)
--- a/
test/src/fakens.c
+++ b/
test/src/fakens.c
@@
-53,11
+53,15
@@
HOST_NOT_FOUND.
Any DNS record line in a zone file can be prefixed with "DELAY=" and
a number of milliseconds (followed by one space).
Any DNS record line in a zone file can be prefixed with "DELAY=" and
a number of milliseconds (followed by one space).
-Any DNS record line
in a zone file
can be prefixed with "DNSSEC ";
+Any DNS record line can be prefixed with "DNSSEC ";
if all the records found by a lookup are marked
as such then the response will have the "AD" bit set.
if all the records found by a lookup are marked
as such then the response will have the "AD" bit set.
-Any DNS record line in a zone file can be prefixed with "AA "
+Any DNS record line can be prefixed with "NXDOMAIN ";
+The record will be ignored (but the prefix set still applied);
+This lets us return a DNSSEC NXDOMAIN.
+
+Any DNS record line can be prefixed with "AA "
if all the records found by a lookup are marked
as such then the response will have the "AA" bit set.
if all the records found by a lookup are marked
as such then the response will have the "AA" bit set.
@@
-342,9
+346,6
@@
if (typeptr->name == NULL)
rrdomain[0] = 0; /* No previous domain */
(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
rrdomain[0] = 0; /* No previous domain */
(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
-if (dnssec) *dnssec = TRUE; /* cancelled by first nonsecure rec found */
-if (aa) *aa = TRUE; /* cancelled by first non-aa rec found */
-
/* Scan for RRs */
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
/* Scan for RRs */
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
@@
-357,6
+358,7
@@
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
int qtlen = qtypelen;
BOOL rr_sec = FALSE;
BOOL rr_aa = FALSE;
int qtlen = qtypelen;
BOOL rr_sec = FALSE;
BOOL rr_aa = FALSE;
+ BOOL rr_ignore = FALSE;
int delay = 0;
uint ttl = DEFAULT_TTL;
int delay = 0;
uint ttl = DEFAULT_TTL;
@@
-382,6
+384,11
@@
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
rr_sec = TRUE;
p += 7;
}
rr_sec = TRUE;
p += 7;
}
+ if (Ustrncmp(p, US"NXDOMAIN ", 9) == 0) /* ignore record content */
+ {
+ rr_ignore = TRUE;
+ p += 9;
+ }
else if (Ustrncmp(p, US"AA ", 3) == 0) /* tagged as authoritative */
{
rr_aa = TRUE;
else if (Ustrncmp(p, US"AA ", 3) == 0) /* tagged as authoritative */
{
rr_aa = TRUE;
@@
-438,7
+445,12
@@
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
/* The domain matches */
/* The domain matches */
- if (yield == HOST_NOT_FOUND) yield = NO_DATA;
+ if (yield == HOST_NOT_FOUND)
+ {
+ yield = NO_DATA;
+ if (dnssec) *dnssec = TRUE; /* cancelled by first nonsecure rec found */
+ if (aa) *aa = TRUE; /* cancelled by first non-aa rec found */
+ }
/* Compare RR types; a CNAME record is always returned */
/* Compare RR types; a CNAME record is always returned */
@@
-462,6
+474,8
@@
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
if (aa && !rr_aa)
*aa = FALSE; /* cancel AA return */
if (aa && !rr_aa)
*aa = FALSE; /* cancel AA return */
+ if (rr_ignore) continue;
+
yield = 0;
*countptr = *countptr + 1;
yield = 0;
*countptr = *countptr + 1;