From: Jeremy Harris Date: Thu, 9 May 2024 14:37:49 +0000 (+0100) Subject: Debug: indent DNS ops X-Git-Tag: exim-4.98-RC0~29 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/9d7795dba14939e2b743d8c3c4df81a5582b3092 Debug: indent DNS ops --- diff --git a/src/src/dns.c b/src/src/dns.c index b22f4d327..5a8c23d62 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -62,7 +62,7 @@ if (stat(CS utilname, &statbuf) >= 0) int infd, outfd, rc; uschar *argv[5]; - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) using fakens\n", + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) using fakens\n", name, dns_text_type(type)); argv[0] = utilname; @@ -105,17 +105,17 @@ if (stat(CS utilname, &statbuf) >= 0) case 3: h_errno = NO_RECOVERY; return -1; case 4: h_errno = NO_DATA; return -1; case 5: /* Pass on to res_search() */ - DEBUG(D_dns) debug_printf("fakens returned PASS_ON\n"); + DEBUG(D_dns) debug_printf_indent("fakens returned PASS_ON\n"); } } else { - DEBUG(D_dns) debug_printf("fakens (%s) not found\n", utilname); + DEBUG(D_dns) debug_printf_indent("fakens (%s) not found\n", utilname); } /* fakens utility not found, or it returned "pass on" */ -DEBUG(D_dns) debug_printf("passing %s on to res_search()\n", domain); +DEBUG(D_dns) debug_printf_indent("passing %s on to res_search()\n", domain); return res_search(CS domain, C_IN, type, answerptr, size); } @@ -165,13 +165,13 @@ if (dns_use_edns0 >= 0) else resp->options &= ~RES_USE_EDNS0; DEBUG(D_resolver) - debug_printf("Coerced resolver EDNS0 support %s.\n", + debug_printf_indent("Coerced resolver EDNS0 support %s.\n", dns_use_edns0 ? "on" : "off"); } #else if (dns_use_edns0 >= 0) DEBUG(D_resolver) - debug_printf("Unable to %sset EDNS0 without resolver support.\n", + debug_printf_indent("Unable to %sset EDNS0 without resolver support.\n", dns_use_edns0 ? "" : "un"); #endif @@ -187,7 +187,7 @@ if (dns_dnssec_ok >= 0) if (dns_use_edns0 == 0 && dns_dnssec_ok != 0) { DEBUG(D_resolver) - debug_printf("CONFLICT: dns_use_edns0 forced false, dns_dnssec_ok forced true, ignoring latter!\n"); + debug_printf_indent("CONFLICT: dns_use_edns0 forced false, dns_dnssec_ok forced true, ignoring latter!\n"); } else { @@ -195,18 +195,18 @@ if (dns_dnssec_ok >= 0) resp->options |= RES_USE_DNSSEC; else resp->options &= ~RES_USE_DNSSEC; - DEBUG(D_resolver) debug_printf("Coerced resolver DNSSEC support %s.\n", + DEBUG(D_resolver) debug_printf_indent("Coerced resolver DNSSEC support %s.\n", dns_dnssec_ok ? "on" : "off"); } } # else if (dns_dnssec_ok >= 0) DEBUG(D_resolver) - debug_printf("Unable to %sset DNSSEC without resolver support.\n", + debug_printf_indent("Unable to %sset DNSSEC without resolver support.\n", dns_dnssec_ok ? "" : "un"); if (use_dnssec) DEBUG(D_resolver) - debug_printf("Unable to set DNSSEC without resolver support.\n"); + debug_printf_indent("Unable to set DNSSEC without resolver support.\n"); # endif #endif /* DISABLE_DNSSEC */ @@ -353,7 +353,7 @@ char * trace = NULL; if (reset != RESET_NEXT) { dnss->rrcount = ntohs(h->qdcount); - TRACE debug_printf("%s: reset (Q rrcount %d)\n", __FUNCTION__, dnss->rrcount); + TRACE debug_printf_indent("%s: reset (Q rrcount %d)\n", __FUNCTION__, dnss->rrcount); dnss->aptr = dnsa->answer + sizeof(HEADER); /* Skip over questions; failure to expand the name just gives up */ @@ -372,7 +372,7 @@ if (reset != RESET_NEXT) /* Get the number of answer records. */ dnss->rrcount = ntohs(h->ancount); - TRACE debug_printf("%s: reset (A rrcount %d)\n", __FUNCTION__, dnss->rrcount); + TRACE debug_printf_indent("%s: reset (A rrcount %d)\n", __FUNCTION__, dnss->rrcount); /* Skip over answers if we want to look at the authority section. Also skip the NS records (i.e. authority section) if wanting to look at the additional @@ -380,15 +380,15 @@ if (reset != RESET_NEXT) if (reset == RESET_ADDITIONAL) { - TRACE debug_printf("%s: additional\n", __FUNCTION__); + TRACE debug_printf_indent("%s: additional\n", __FUNCTION__); dnss->rrcount += ntohs(h->nscount); - TRACE debug_printf("%s: reset (NS rrcount %d)\n", __FUNCTION__, dnss->rrcount); + TRACE debug_printf_indent("%s: reset (NS rrcount %d)\n", __FUNCTION__, dnss->rrcount); } if (reset == RESET_AUTHORITY || reset == RESET_ADDITIONAL) { TRACE if (reset == RESET_AUTHORITY) - debug_printf("%s: authority\n", __FUNCTION__); + debug_printf_indent("%s: authority\n", __FUNCTION__); while (dnss->rrcount-- > 0) { TRACE trace = "A-namelen"; @@ -409,13 +409,13 @@ if (reset != RESET_NEXT) } dnss->rrcount = reset == RESET_AUTHORITY ? ntohs(h->nscount) : ntohs(h->arcount); - TRACE debug_printf("%s: reset (%s rrcount %d)\n", __FUNCTION__, + TRACE debug_printf_indent("%s: reset (%s rrcount %d)\n", __FUNCTION__, reset == RESET_AUTHORITY ? "NS" : "AR", dnss->rrcount); } - TRACE debug_printf("%s: %d RRs to read\n", __FUNCTION__, dnss->rrcount); + TRACE debug_printf_indent("%s: %d RRs to read\n", __FUNCTION__, dnss->rrcount); } else - TRACE debug_printf("%s: next (%d left)\n", __FUNCTION__, dnss->rrcount); + TRACE debug_printf_indent("%s: next (%d left)\n", __FUNCTION__, dnss->rrcount); /* The variable dnss->aptr is now pointing at the next RR, and dnss->rrcount contains the number of RR records left. */ @@ -458,11 +458,11 @@ if (dnss_inc_aptr(dnsa, dnss, dnss->srr.size)) /* Return a pointer to the dns_record structure within the dns_answer. This is for convenience so that the scans can use nice-looking for loops. */ -TRACE debug_printf("%s: return %s\n", __FUNCTION__, dns_text_type(dnss->srr.type)); +TRACE debug_printf_indent("%s: return %s\n", __FUNCTION__, dns_text_type(dnss->srr.type)); return &dnss->srr; null_return: - TRACE debug_printf("%s: terminate (%d RRs left). Last op: %s; errno %d %s\n", + TRACE debug_printf_indent("%s: terminate (%d RRs left). Last op: %s; errno %d %s\n", __FUNCTION__, dnss->rrcount, trace, errno, strerror(errno)); dnss->rrcount = 0; return NULL; @@ -515,7 +515,7 @@ dns_is_secure(const dns_answer * dnsa) { #ifdef DISABLE_DNSSEC DEBUG(D_dns) - debug_printf("DNSSEC support disabled at build-time; dns_is_secure() false\n"); + debug_printf_indent("DNSSEC support disabled at build-time; dns_is_secure() false\n"); return FALSE; #else const HEADER * h = (const HEADER *) dnsa->answer; @@ -542,7 +542,7 @@ if ( !h->aa ) return FALSE; -DEBUG(D_dns) debug_printf("DNS faked the AD bit " +DEBUG(D_dns) debug_printf_indent("DNS faked the AD bit " "(got AA and matched with dns_trust_aa (%s in %s))\n", auth_name, dns_trust_aa); @@ -666,7 +666,7 @@ else (void)tree_insertnode(&tree_dns_fails, new); } -DEBUG(D_dns) debug_printf(" %s neg-cache entry for %s, ttl %d\n", +DEBUG(D_dns) debug_printf_indent(" %s neg-cache entry for %s, ttl %d\n", previous ? "update" : "writing", node_name, expiry ? (int)(expiry - time(NULL)) : -1); e->expiry = expiry; @@ -693,7 +693,7 @@ e = previous->data.ptr; val = e->data.val; rc = e->expiry && e->expiry <= time(NULL) ? -1 : val; -DEBUG(D_dns) debug_printf("DNS lookup of %.255s (%s): %scached value %s%s\n", +DEBUG(D_dns) debug_printf_indent("DNS lookup of %.255s (%s): %scached value %s%s\n", name, dns_text_type(type), rc == -1 ? "" : "using ", dns_rc_names[val], @@ -731,12 +731,12 @@ if ( h->qr == 1 /* a response */ && ntohs(h->ancount) == 0 /* no answer records */ && ntohs(h->nscount) >= 1) /* authority records */ { - DEBUG(D_dns) debug_printf("faking res_search(%s) response length as %d\n", + DEBUG(D_dns) debug_printf_indent("faking res_search(%s) response length as %d\n", dns_text_type(type), (int)sizeof(dnsa->answer)); dnsa->answerlen = sizeof(dnsa->answer); return TRUE; } -DEBUG(D_dns) debug_printf("DNS: couldn't fake dnsa len\n"); +DEBUG(D_dns) debug_printf_indent("DNS: couldn't fake dnsa len\n"); /* Maybe we should just do a second lookup for an SOA? */ return FALSE; } @@ -783,7 +783,7 @@ if (fake_dnsa_len_for_fail(dnsa, type)) return time(NULL) + ttl; } -DEBUG(D_dns) debug_printf("DNS: no SOA record found for neg-TTL\n"); +DEBUG(D_dns) debug_printf_indent("DNS: no SOA record found for neg-TTL\n"); return 0; } @@ -844,11 +844,11 @@ if ((rc = dns_fail_cache_hit(name, type)) > 0) uschar * alabel; uschar * errstr = NULL; DEBUG(D_dns) if (string_is_utf8(name)) - debug_printf("convert utf8 '%s' to alabel for for lookup\n", name); + debug_printf_indent("convert utf8 '%s' to alabel for for lookup\n", name); if ((alabel = string_domain_utf8_to_alabel(name, &errstr)), errstr) { DEBUG(D_dns) - debug_printf("DNS name '%s' utf8 conversion to alabel failed: %s\n", name, + debug_printf_indent("DNS name '%s' utf8 conversion to alabel failed: %s\n", name, errstr); f.host_find_failed_syntax = TRUE; return DNS_NOMATCH; @@ -877,7 +877,7 @@ if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT) if (!regex_match(regex_check_dns_names, name, -1, NULL)) { DEBUG(D_dns) - debug_printf("DNS name syntax check failed: %s (%s)\n", name, + debug_printf_indent("DNS name syntax check failed: %s (%s)\n", name, dns_text_type(type)); f.host_find_failed_syntax = TRUE; return DNS_NOMATCH; @@ -909,7 +909,7 @@ dnsa->answerlen = f.running_in_test_harness if (dnsa->answerlen > (int) sizeof(dnsa->answer)) { - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) resulted in overlong packet" + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) resulted in overlong packet" " (size %d), truncating to %u.\n", name, dns_text_type(type), dnsa->answerlen, (unsigned int) sizeof(dnsa->answer)); dnsa->answerlen = sizeof(dnsa->answer); @@ -918,12 +918,12 @@ if (dnsa->answerlen > (int) sizeof(dnsa->answer)) if (dnsa->answerlen < 0) switch (h_errno) { case HOST_NOT_FOUND: - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave HOST_NOT_FOUND\n" + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) gave HOST_NOT_FOUND\n" "returning DNS_NOMATCH\n", name, dns_text_type(type)); return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type), DNS_NOMATCH); case TRY_AGAIN: - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave TRY_AGAIN\n", + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) gave TRY_AGAIN\n", name, dns_text_type(type)); /* Cut this out for various test programs */ @@ -955,10 +955,10 @@ if (dnsa->answerlen < 0) switch (h_errno) if (rc != OK) { - DEBUG(D_dns) debug_printf("returning DNS_AGAIN\n"); + DEBUG(D_dns) debug_printf_indent("returning DNS_AGAIN\n"); return dns_fail_return(name, type, 0, DNS_AGAIN); } - DEBUG(D_dns) debug_printf("%s is in dns_again_means_nonexist: returning " + DEBUG(D_dns) debug_printf_indent("%s is in dns_again_means_nonexist: returning " "DNS_NOMATCH\n", name); return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type), DNS_NOMATCH); @@ -967,22 +967,22 @@ if (dnsa->answerlen < 0) switch (h_errno) #endif case NO_RECOVERY: - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave NO_RECOVERY\n" + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) gave NO_RECOVERY\n" "returning DNS_FAIL\n", name, dns_text_type(type)); return dns_fail_return(name, type, 0, DNS_FAIL); case NO_DATA: - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave NO_DATA\n" + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) gave NO_DATA\n" "returning DNS_NODATA\n", name, dns_text_type(type)); return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type), DNS_NODATA); default: - DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave unknown DNS error %d\n" + DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) gave unknown DNS error %d\n" "returning DNS_FAIL\n", name, dns_text_type(type), h_errno); return dns_fail_return(name, type, 0, DNS_FAIL); } -DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) succeeded\n", +DEBUG(D_dns) debug_printf_indent("DNS lookup of %s (%s) succeeded\n", name, dns_text_type(type)); return DNS_SUCCEED; @@ -1124,7 +1124,7 @@ for (int i = 0; i <= dns_cname_loops; i++) if (!dns_is_secure(dnsa)) secure_so_far = FALSE; - DEBUG(D_dns) debug_printf("CNAME found: change to %s\n", name); + DEBUG(D_dns) debug_printf_indent("CNAME found: change to %s\n", name); } /* Loop back to do another lookup */ /* Control reaches here after 10 times round the CNAME loop. Something isn't @@ -1216,12 +1216,12 @@ switch (type) case T_SOA: { const uschar *d = name; - while (d != 0) + while (d) { int rc = dns_lookup(dnsa, d, type, fully_qualified_name); if (rc != DNS_NOMATCH && rc != DNS_NODATA) return rc; - while (*d != 0 && *d != '.') d++; - if (*d++ == 0) break; + while (*d && *d != '.') d++; + if (!*d++) break; } return DNS_NOMATCH; } @@ -1241,7 +1241,7 @@ switch (type) dns_record *rr; dns_scan dnss; - DEBUG(D_dns) debug_printf("CSA lookup of %s\n", name); + DEBUG(D_dns) debug_printf_indent("CSA lookup of %s\n", name); srvname = string_sprintf("_client._smtp.%s", name); rc = dns_lookup(dnsa, srvname, T_SRV, NULL); @@ -1279,7 +1279,7 @@ switch (type) limit = 3; } - DEBUG(D_dns) debug_printf("CSA TLD %s\n", tld); + DEBUG(D_dns) debug_printf_indent("CSA TLD %s\n", tld); /* Do not perform the search if the top level or 2nd level domains do not exist. This is quite common, and when it occurs all the search queries would @@ -1306,7 +1306,7 @@ switch (type) if (--namesuff <= name) return DNS_NOMATCH; while (*namesuff != '.'); - DEBUG(D_dns) debug_printf("CSA parent search at %s\n", namesuff + 1); + DEBUG(D_dns) debug_printf_indent("CSA parent search at %s\n", namesuff + 1); srvname = string_sprintf("_client._smtp.%s", namesuff + 1); rc = dns_lookup(dnsa, srvname, T_SRV, NULL); diff --git a/src/src/host.c b/src/src/host.c index 381f2a5fc..26b3c2c68 100644 --- a/src/src/host.c +++ b/src/src/host.c @@ -1298,30 +1298,30 @@ host_item *last = *lastptr; host_item *prev = NULL; host_item *h; -if (removed != NULL) *removed = FALSE; +if (removed) *removed = FALSE; -if (local_interface_data == NULL) local_interface_data = host_find_interfaces(); +if (!local_interface_data) local_interface_data = host_find_interfaces(); for (h = host; h != last->next; h = h->next) { - #ifndef STAND_ALONE - if (hosts_treat_as_local != NULL) +#ifndef STAND_ALONE + if (hosts_treat_as_local) { int rc; - const uschar *save = deliver_domain; + const uschar * save = deliver_domain; deliver_domain = h->name; /* set $domain */ rc = match_isinlist(string_copylc(h->name), CUSS &hosts_treat_as_local, 0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL); deliver_domain = save; if (rc == OK) goto FOUND_LOCAL; } - #endif +#endif /* It seems that on many operating systems, 0.0.0.0 is treated as a synonym for 127.0.0.1 and refers to the local host. We therefore force it always to be treated as local. */ - if (h->address != NULL) + if (h->address) { if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL; for (ip_address_item * ip = local_interface_data; ip; ip = ip->next) @@ -1332,7 +1332,8 @@ for (h = host; h != last->next; h = h->next) /* Update prev to point to the last host item before any that have the same MX value as the one we have just considered. */ - if (h->next == NULL || h->next->mx != h->mx) prev = h; + if (!h->next || h->next->mx != h->mx) + prev = h; } return yield; /* No local hosts found: return HOST_FOUND or HOST_FIND_FAILED */ @@ -1342,7 +1343,7 @@ something in hosts_treat_as_local has been found. */ FOUND_LOCAL: -if (prev == NULL) +if (!prev) { HDEBUG(D_host_lookup) debug_printf((h->mx >= 0)? "local host has lowest MX\n" : @@ -1357,7 +1358,7 @@ HDEBUG(D_host_lookup) debug_printf(" %s %s %d\n", h->name, h->address, h->mx); } -if (removed != NULL) *removed = TRUE; +if (removed) *removed = TRUE; prev->next = last->next; *lastptr = prev; return yield; @@ -1568,8 +1569,7 @@ connection. */ int host_name_lookup(void) { -int old_pool, rc; -int sep = 0; +int sep = 0, old_pool, rc, yield; uschar *save_hostname; uschar **aliases; uschar *ordername; @@ -1581,6 +1581,7 @@ sender_host_dnssec = host_lookup_deferred = host_lookup_failed = FALSE; HDEBUG(D_host_lookup) debug_printf("looking up host name for %s\n", sender_host_address); +expand_level++; /* For testing the case when a lookup does not complete, we have a special reserved IP address. */ @@ -1591,7 +1592,8 @@ if (f.running_in_test_harness && HDEBUG(D_host_lookup) debug_printf("Test harness: host name lookup returns DEFER\n"); host_lookup_deferred = TRUE; - return DEFER; + yield = DEFER; + goto out; } /* Do lookups directly in the DNS or via gethostbyaddr() (or equivalent), in @@ -1649,7 +1651,7 @@ while ((ordername = string_nextinlist(&list, &sep, NULL, 0))) truncated and dn_expand may fail. */ if (dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, - US (rr->data), (DN_EXPAND_ARG4_TYPE)(s), ssize) < 0) + US rr->data, (DN_EXPAND_ARG4_TYPE)(s), ssize) < 0) { log_write(0, LOG_MAIN, "host name alias list truncated for %s", sender_host_address); @@ -1689,7 +1691,8 @@ while ((ordername = string_nextinlist(&list, &sep, NULL, 0))) HDEBUG(D_host_lookup) debug_printf("IP address PTR lookup gave temporary error\n"); host_lookup_deferred = TRUE; - return DEFER; + yield = DEFER; + goto out; } } @@ -1703,7 +1706,8 @@ while ((ordername = string_nextinlist(&list, &sep, NULL, 0))) if (rc == DEFER) { host_lookup_deferred = TRUE; - return rc; /* Can't carry on */ + yield = rc; /* Can't carry on */ + goto out; } if (rc == OK) break; /* Found a name */ } @@ -1719,7 +1723,8 @@ if (!sender_host_name) "address %s", sender_host_address); host_lookup_msg = US" (failed to find host name from IP address)"; host_lookup_failed = TRUE; - return FAIL; + yield = FAIL; + goto out; } HDEBUG(D_host_lookup) @@ -1784,7 +1789,8 @@ for (uschar * hname = sender_host_name; hname; hname = *aliases++) HDEBUG(D_host_lookup) debug_printf("temporary error for host name lookup\n"); host_lookup_deferred = TRUE; sender_host_name = NULL; - return DEFER; + yield = DEFER; + goto out; } else HDEBUG(D_host_lookup) debug_printf("no IP addresses found for %s\n", hname); @@ -1806,12 +1812,12 @@ for (uschar * hname = sender_host_name; hname; hname = *aliases++) /* If sender_host_name == NULL, it means we didn't like the name. Replace it with the first alias, if there is one. */ -if (sender_host_name == NULL && *sender_host_aliases != NULL) +if (!sender_host_name && *sender_host_aliases) sender_host_name = *sender_host_aliases++; /* If we now have a main name, all is well. */ -if (sender_host_name != NULL) return OK; +if (sender_host_name) { yield = OK; goto out; } /* We have failed to find an address that matches. */ @@ -1827,7 +1833,11 @@ host_lookup_msg = string_sprintf(" (%s does not match any IP address for %s)", sender_host_address, save_hostname); store_pool = old_pool; host_lookup_failed = TRUE; -return FAIL; +yield = FAIL; + +out: + expand_level--; + return yield; } @@ -2489,31 +2499,46 @@ Returns: HOST_FIND_FAILED Failed to find the host or domain; */ int -host_find_bydns(host_item *host, const uschar *ignore_target_hosts, int whichrrs, - uschar *srv_service, uschar *srv_fail_domains, uschar *mx_fail_domains, - const dnssec_domains *dnssec_d, - const uschar **fully_qualified_name, BOOL *removed) +host_find_bydns(host_item * host, const uschar * ignore_target_hosts, + int whichrrs, + uschar * srv_service, uschar * srv_fail_domains, uschar * mx_fail_domains, + const dnssec_domains * dnssec_d, + const uschar ** fully_qualified_name, BOOL * removed) { -host_item *h, *last; -int rc = DNS_FAIL; -int ind_type = 0; -int yield; +host_item * h, * last; +int rc = DNS_FAIL, ind_type = 0, yield; dns_answer * dnsa = store_get_dns_answer(); dns_scan dnss; -BOOL dnssec_require = dnssec_d +BOOL dnssec_require, dnssec_request; +dnssec_status_t dnssec; + +HDEBUG(D_host_lookup) + { + debug_printf_indent("check dnssec require list\n"); + expand_level++; + } +dnssec_require = dnssec_d && match_isinlist(host->name, CUSS &dnssec_d->require, 0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK; -BOOL dnssec_request = dnssec_require + +HDEBUG(D_host_lookup) + { + expand_level--; + debug_printf_indent("check dnssec request list\n"); + expand_level++; + } +dnssec_request = dnssec_require || ( dnssec_d && match_isinlist(host->name, CUSS &dnssec_d->request, 0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK); -dnssec_status_t dnssec; +HDEBUG(D_host_lookup) + expand_level--; /* Set the default fully qualified name to the incoming name, initialize the resolver if necessary, set up the relevant options, and initialize the flag that gets set for DNS syntax check errors. */ -if (fully_qualified_name != NULL) *fully_qualified_name = host->name; +if (fully_qualified_name) *fully_qualified_name = host->name; dns_init((whichrrs & HOST_FIND_QUALIFY_SINGLE) != 0, (whichrrs & HOST_FIND_SEARCH_PARENTS) != 0, dnssec_request); @@ -2525,13 +2550,12 @@ characters, so the code below should be safe. */ if (whichrrs & HOST_FIND_BY_SRV) { - gstring * g; - uschar * temp_fully_qualified_name; + uschar * s, * temp_fully_qualified_name; int prefix_length; - g = string_fmt_append(NULL, "_%s._tcp.%n%.256s", + s = string_sprintf("_%s._tcp.%n%.256s", srv_service, &prefix_length, host->name); - temp_fully_qualified_name = string_from_gstring(g); + temp_fully_qualified_name = s; ind_type = T_SRV; /* Search for SRV records. If the fully qualified name is different to @@ -2547,7 +2571,7 @@ if (whichrrs & HOST_FIND_BY_SRV) if ((dnssec_request || dnssec_require) && !dns_is_secure(dnsa) && dns_is_aa(dnsa)) - debug_printf("DNS lookup of %.256s (SRV) requested AD, but got AA\n", host->name); + debug_printf_indent("DNS lookup of %.256s (SRV) requested AD, but got AA\n", host->name); if (dnssec_request) { @@ -2557,7 +2581,7 @@ if (whichrrs & HOST_FIND_BY_SRV) { dnssec = DS_NO; lookup_dnssec_authenticated = US"no"; } } - if (temp_fully_qualified_name != g->s && fully_qualified_name != NULL) + if (temp_fully_qualified_name != s && fully_qualified_name) *fully_qualified_name = temp_fully_qualified_name + prefix_length; /* On DNS failures, we give the "try again" error unless the domain is @@ -2576,7 +2600,7 @@ if (whichrrs & HOST_FIND_BY_SRV) &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK) #endif { yield = HOST_FIND_AGAIN; goto out; } - DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA " + DEBUG(D_host_lookup) debug_printf_indent("DNS_%s treated as DNS_NODATA " "(domain in srv_fail_domains)\n", rc == DNS_FAIL ? "FAIL":"AGAIN"); } } @@ -2599,12 +2623,12 @@ if (rc != DNS_SUCCEED && whichrrs & HOST_FIND_BY_MX) if ( (dnssec_request || dnssec_require) && !dns_is_secure(dnsa) && dns_is_aa(dnsa)) - debug_printf("DNS lookup of %.256s (MX) requested AD, but got AA\n", host->name); + debug_printf_indent("DNS lookup of %.256s (MX) requested AD, but got AA\n", host->name); if (dnssec_request) if (dns_is_secure(dnsa)) { - DEBUG(D_host_lookup) debug_printf("%s (MX resp) DNSSEC\n", host->name); + DEBUG(D_host_lookup) debug_printf_indent("%s (MX resp) DNSSEC\n", host->name); dnssec = DS_YES; lookup_dnssec_authenticated = US"yes"; } else @@ -2615,13 +2639,14 @@ if (rc != DNS_SUCCEED && whichrrs & HOST_FIND_BY_MX) switch (rc) { case DNS_NOMATCH: - yield = HOST_FIND_FAILED; goto out; + yield = HOST_FIND_FAILED; + goto out; case DNS_SUCCEED: if (!dnssec_require || dns_is_secure(dnsa)) break; DEBUG(D_host_lookup) - debug_printf("dnssec fail on MX for %.256s", host->name); + debug_printf_indent("dnssec fail on MX for %.256s\n", host->name); #ifndef STAND_ALONE if (match_isinlist(host->name, CUSS &mx_fail_domains, 0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK) @@ -2637,7 +2662,7 @@ if (rc != DNS_SUCCEED && whichrrs & HOST_FIND_BY_MX) &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK) #endif { yield = HOST_FIND_AGAIN; goto out; } - DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA " + DEBUG(D_host_lookup) debug_printf_indent("DNS_%s treated as DNS_NODATA " "(domain in mx_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN"); break; } @@ -2651,7 +2676,7 @@ if (rc != DNS_SUCCEED) { if (!(whichrrs & (HOST_FIND_BY_A | HOST_FIND_BY_AAAA))) { - DEBUG(D_host_lookup) debug_printf("Address records are not being sought\n"); + DEBUG(D_host_lookup) debug_printf_indent("Address records are not being sought\n"); yield = HOST_FIND_FAILED; goto out; } @@ -2672,16 +2697,16 @@ if (rc != DNS_SUCCEED) if (rc == HOST_FOUND) rc = host_scan_for_local_hosts(host, &last, removed); - else - if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED; /* No special action */ + else if (rc == HOST_IGNORED) + rc = HOST_FIND_FAILED; /* No special action */ DEBUG(D_host_lookup) if (host->address) { if (fully_qualified_name) - debug_printf("fully qualified name = %s\n", *fully_qualified_name); + debug_printf_indent("fully qualified name = %s\n", *fully_qualified_name); for (host_item * h = host; h != last->next; h = h->next) - debug_printf("%s %s mx=%d sort=%d %s\n", h->name, + debug_printf_indent("%s %s mx=%d sort=%d %s\n", h->name, h->address ? h->address : US"", h->mx, h->sort_key, h->status >= hstatus_unusable ? US"*" : US""); } @@ -2758,7 +2783,7 @@ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); if (strcmpic(h->name, data) == 0) { DEBUG(D_host_lookup) - debug_printf("discarded duplicate host %s (MX=%d)\n", data, + debug_printf_indent("discarded duplicate host %s (MX=%d)\n", data, precedence > h->mx ? precedence : h->mx); if (precedence >= h->mx) goto NEXT_MX_RR; /* Skip greater precedence */ if (h == host) /* Override first item */ @@ -2868,16 +2893,16 @@ if (ind_type == T_SRV) if (host == last && host->name[0] == 0) { - DEBUG(D_host_lookup) debug_printf("the single SRV record is \".\"\n"); + DEBUG(D_host_lookup) debug_printf_indent("the single SRV record is \".\"\n"); yield = HOST_FIND_FAILED; goto out; } DEBUG(D_host_lookup) { - debug_printf("original ordering of hosts from SRV records:\n"); + debug_printf_indent("original ordering of hosts from SRV records:\n"); for (h = host; h != last->next; h = h->next) - debug_printf(" %s P=%d W=%d\n", h->name, h->mx, h->sort_key % 1000); + debug_printf_indent(" %s P=%d W=%d\n", h->name, h->mx, h->sort_key % 1000); } for (pptr = &host, h = host; h != last; pptr = &h->next, h = h->next) @@ -3070,7 +3095,7 @@ if (h != last && !disable_ipv6) for (h = host; h != last; h = h->next) h->next = next; *next = temp; } -#endif +#endif /*HAVE_IPV6*/ /* Remove any duplicate IP addresses and then scan the list of hosts for any whose IP addresses are on the local host. If any are found, all hosts with the @@ -3088,8 +3113,8 @@ if (rc != HOST_FIND_FAILED) yield = rc; DEBUG(D_host_lookup) { if (fully_qualified_name) - debug_printf("fully qualified name = %s\n", *fully_qualified_name); - debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n", + debug_printf_indent("fully qualified name = %s\n", *fully_qualified_name); + debug_printf_indent("host_find_bydns yield = %s (%d); returned hosts:\n", yield == HOST_FOUND ? "HOST_FOUND" : yield == HOST_FOUND_LOCAL ? "HOST_FOUND_LOCAL" : yield == HOST_FIND_SECURITY ? "HOST_FIND_SECURITY" : @@ -3098,7 +3123,7 @@ DEBUG(D_host_lookup) yield); for (h = host; h != last->next; h = h->next) { - debug_printf(" %s %s MX=%d %s", h->name, + debug_printf_indent(" %s %s MX=%d %s", h->name, !h->address ? US"" : h->address, h->mx, h->dnssec == DS_YES ? US"DNSSEC " : US""); if (h->port != PORT_NONE) debug_printf("port=%d ", h->port); diff --git a/src/src/match.c b/src/src/match.c index 4b128a609..6acbd9f61 100644 --- a/src/src/match.c +++ b/src/src/match.c @@ -194,27 +194,23 @@ if (cb->flags & MCS_AT_SPECIAL && pattern[0] == '@') { int rc; host_item h; - BOOL prim = FALSE; - BOOL secy = FALSE; - BOOL removed = FALSE; + BOOL prim = FALSE, secy = FALSE, removed = FALSE; const uschar *ss = pattern + 4; const uschar *ignore_target_hosts = NULL; - if (strncmpic(ss, US"any", 3) == 0) ss += 3; + if (strncmpic(ss, US"any", 3) == 0) + ss += 3; else if (strncmpic(ss, US"primary", 7) == 0) - { - ss += 7; - prim = TRUE; - } + { ss += 7; prim = TRUE; } else if (strncmpic(ss, US"secondary", 9) == 0) - { - ss += 9; - secy = TRUE; - } - else goto NOT_AT_SPECIAL; + { ss += 9; secy = TRUE; } + else + goto NOT_AT_SPECIAL; - if (strncmpic(ss, US"/ignore=", 8) == 0) ignore_target_hosts = ss + 8; - else if (*ss) goto NOT_AT_SPECIAL; + if (strncmpic(ss, US"/ignore=", 8) == 0) + ignore_target_hosts = ss + 8; + else if (*ss) + goto NOT_AT_SPECIAL; h.next = NULL; h.name = s; diff --git a/test/runtest b/test/runtest index cb77ab8d7..dac4ed878 100755 --- a/test/runtest +++ b/test/runtest @@ -464,7 +464,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/:[^:]+: while opening named pipe/: Error: while opening named pipe/; # Debugging output of lists of hosts may have different sort keys - s/sort=\S+/sort=xx/ if /^\S+ (?:\d+\.){3}\d+ mx=\S+ sort=\S+/; + s/^\s*\S+ (?:\d+\.){3}\d+ mx=\S+ sort=\K\S+/xx/; # Random local part in callout cache testing s/myhost.test.ex-\d+-testing/myhost.test.ex-dddddddd-testing/; diff --git a/test/stderr/0002 b/test/stderr/0002 index aaa21e281..ff30f0528 100644 --- a/test/stderr/0002 +++ b/test/stderr/0002 @@ -494,7 +494,9 @@ try option unknown_login ├considering: $sender_host_name looking up host name for V4NET.0.0.1 IP address lookup yielded "ten-1.test.ex" -ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx + check dnssec require list + check dnssec request list + ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx checking addresses for ten-1.test.ex V4NET.0.0.1 OK sender_fullhost = ten-1.test.ex [V4NET.0.0.1] @@ -544,14 +546,17 @@ host in "< list element: partial-lsearch;TESTSUITE/aux-fixed/0002.lsearch sender host name required, to match against partial-lsearch;TESTSUITE/aux-fixed/0002.lsearch looking up host name for V4NET.0.0.1 -DNS lookup of 1.0.0.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 1.0.0.V4NET.in-addr.arpa (PTR) succeeded + DNS lookup of 1.0.0.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 1.0.0.V4NET.in-addr.arpa (PTR) succeeded IP address lookup yielded "ten-1.test.ex" - ten-1.test.ex not in empty list (option unset? cannot trace name) - ten-1.test.ex not in empty list (option unset? cannot trace name) -DNS lookup of ten-1.test.ex (A) using fakens -DNS lookup of ten-1.test.ex (A) succeeded -ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx + check dnssec require list + ten-1.test.ex not in empty list (option unset? cannot trace name) + check dnssec request list + ten-1.test.ex not in empty list (option unset? cannot trace name) + faking res_search(AAAA) response length as 65535 + DNS lookup of ten-1.test.ex (A) using fakens + DNS lookup of ten-1.test.ex (A) succeeded + ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx checking addresses for ten-1.test.ex Forward DNS security status: unverified V4NET.0.0.1 OK diff --git a/test/stderr/0020 b/test/stderr/0020 index 4ce65efa0..e27c11500 100644 --- a/test/stderr/0020 +++ b/test/stderr/0020 @@ -4,8 +4,10 @@ >>> host in host_lookup? yes (matched "10.250.104.0/21") >>> looking up host name for 10.250.104.42 >>> IP address lookup yielded "manyhome.test.ex" ->>> manyhome.test.ex not in empty list (option unset? cannot trace name) ->>> manyhome.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> manyhome.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> manyhome.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for manyhome.test.ex >>> 10.250.107.163 >>> 10.250.109.49 diff --git a/test/stderr/0023 b/test/stderr/0023 index a93be3b62..78783ded6 100644 --- a/test/stderr/0023 +++ b/test/stderr/0023 @@ -1554,12 +1554,16 @@ LOG: H=(test) [28.28.28.28] F= rejected RCPT >>> looking up host name for V4NET.0.0.3 >>> IP address lookup yielded "ten-3.test.ex" >>> alias "ten-3-alias.test.ex" ->>> ten-3.test.ex not in empty list (option unset? cannot trace name) ->>> ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-3.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3.test.ex >>> V4NET.0.0.3 OK ->>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) ->>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3-alias.test.ex >>> V4NET.0.0.3 OK >>> require: condition test succeeded in ACL "acl_V4NET_0_0" @@ -1611,9 +1615,11 @@ LOG: H=(test) [V4NET.0.0.97] F=<> rejected RCPT : host lookup failed for re >>> looking up host name to force name/address consistency check >>> looking up host name for V4NET.99.99.96 >>> IP address lookup yielded "x.test.again.dns" ->>> x.test.again.dns not in empty list (option unset? cannot trace name) ->>> x.test.again.dns not in empty list (option unset? cannot trace name) ->>> x.test.again.dns in dns_again_means_nonexist? no (option unset) +>>> check dnssec require list +>>> x.test.again.dns not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> x.test.again.dns not in empty list (option unset? cannot trace name) +>>> x.test.again.dns in dns_again_means_nonexist? no (option unset) >>> temporary error for host name lookup >>> accept: condition test deferred in ACL "acl_V4NET_99_99" LOG: H=(test) [V4NET.99.99.96] F=<> temporarily rejected RCPT : host lookup deferred for reverse lookup check @@ -1639,9 +1645,11 @@ LOG: H=(test) [V4NET.99.99.96] F=<> temporarily rejected RCPT : host lookup >>> looking up host name to force name/address consistency check >>> looking up host name for V4NET.99.99.96 >>> IP address lookup yielded "x.test.again.dns" ->>> x.test.again.dns not in empty list (option unset? cannot trace name) ->>> x.test.again.dns not in empty list (option unset? cannot trace name) ->>> x.test.again.dns in dns_again_means_nonexist? no (option unset) +>>> check dnssec require list +>>> x.test.again.dns not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> x.test.again.dns not in empty list (option unset? cannot trace name) +>>> x.test.again.dns in dns_again_means_nonexist? no (option unset) >>> temporary error for host name lookup >>> accept: condition test succeeded in ACL "acl_V4NET_99_99" >>> end of ACL "acl_V4NET_99_99": ACCEPT diff --git a/test/stderr/0062 b/test/stderr/0062 index 386a2294b..521838203 100644 --- a/test/stderr/0062 +++ b/test/stderr/0062 @@ -58,8 +58,10 @@ >>> sender host name required, to match against *-2.test.ex >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> ╎list element: *-3-alias.test.ex @@ -137,8 +139,10 @@ LOG: 10HmaX-000000005vi-0000 <= userx@somehost.example.com H=ten-1.test.ex (test >>> sender host name required, to match against *-2.test.ex >>> looking up host name for V4NET.0.0.2 >>> IP address lookup yielded "ten-2.test.ex" ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-2.test.ex >>> V4NET.0.0.2 OK >>> ╎host in "*-2.test.ex : *-3-alias.test.ex"? yes (matched "*-2.test.ex") @@ -213,12 +217,16 @@ LOG: 10HmaY-000000005vi-0000 <= userx@somehost.example.com H=ten-2.test.ex (test >>> looking up host name for V4NET.0.0.3 >>> IP address lookup yielded "ten-3.test.ex" >>> alias "ten-3-alias.test.ex" ->>> ╎ten-3.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-3.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3.test.ex >>> V4NET.0.0.3 OK ->>> ╎ten-3-alias.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-3-alias.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3-alias.test.ex >>> V4NET.0.0.3 OK >>> ╎list element: *-3-alias.test.ex diff --git a/test/stderr/0063 b/test/stderr/0063 index 8a95f4952..6af427735 100644 --- a/test/stderr/0063 +++ b/test/stderr/0063 @@ -58,8 +58,10 @@ >>> sender host name required, to match against ^[^\d]+2 >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in "^[^\d]+2"? no (end of list) @@ -132,8 +134,10 @@ LOG: 10HmaX-000000005vi-0000 <= userx@somehost.example.com H=ten-1.test.ex (test >>> sender host name required, to match against ^[^\d]+2 >>> looking up host name for V4NET.0.0.2 >>> IP address lookup yielded "ten-2.test.ex" ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-2.test.ex >>> V4NET.0.0.2 OK >>> ╎host in "^[^\d]+2"? yes (matched "^[^\d]+2") diff --git a/test/stderr/0064 b/test/stderr/0064 index 8aa9102a0..1881d86e5 100644 --- a/test/stderr/0064 +++ b/test/stderr/0064 @@ -58,8 +58,10 @@ >>> sender host name required, to match against lsearch;TESTSUITE/aux-fixed/0064.hosts >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in "lsearch;TESTSUITE/aux-fixed/0064.hosts"? no (end of list) @@ -132,8 +134,10 @@ LOG: 10HmaX-000000005vi-0000 <= userx@somehost.example.com H=ten-1.test.ex (test >>> sender host name required, to match against lsearch;TESTSUITE/aux-fixed/0064.hosts >>> looking up host name for V4NET.0.0.2 >>> IP address lookup yielded "ten-2.test.ex" ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-2.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-2.test.ex >>> V4NET.0.0.2 OK >>> ╎host in "lsearch;TESTSUITE/aux-fixed/0064.hosts"? yes (matched "lsearch;TESTSUITE/aux-fixed/0064.hosts") diff --git a/test/stderr/0066 b/test/stderr/0066 index d2ba493b5..d5a7f0fae 100644 --- a/test/stderr/0066 +++ b/test/stderr/0066 @@ -501,8 +501,10 @@ MUNGED: ::1 will be omitted in what follows >>> sender host name required, to match against *-1.test.ex >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ╎ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec require list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> ╎ check dnssec request list +>>> ╎ ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> ╎host in "!TESTSUITE/aux-fixed/0066.nothosts : TESTSUITE/aux-var/0066.hostnets"? yes (matched "*-1.test.ex" in TESTSUITE/aux-var/0066.hostnets) diff --git a/test/stderr/0069 b/test/stderr/0069 index 71ffec767..741ef0f07 100644 --- a/test/stderr/0069 +++ b/test/stderr/0069 @@ -7,8 +7,10 @@ >>> sender host name required, to match against ^ten-1\.test\.ex >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in sender_unqualified_hosts? yes (matched "^ten-1\.test\.ex") diff --git a/test/stderr/0070 b/test/stderr/0070 index 4e4a38a3c..18fe9e93e 100644 --- a/test/stderr/0070 +++ b/test/stderr/0070 @@ -136,8 +136,10 @@ MUNGED: ::1 will be omitted in what follows >>> verifying EHLO/HELO argument "ten-1.test.ex" >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> matched host name @@ -165,12 +167,16 @@ MUNGED: ::1 will be omitted in what follows >>> looking up host name for V4NET.0.0.3 >>> IP address lookup yielded "ten-3.test.ex" >>> alias "ten-3-alias.test.ex" ->>> ten-3.test.ex not in empty list (option unset? cannot trace name) ->>> ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-3.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-3.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3.test.ex >>> V4NET.0.0.3 OK ->>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) ->>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-3-alias.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-3-alias.test.ex >>> V4NET.0.0.3 OK >>> matched host name @@ -181,11 +187,13 @@ MUNGED: ::1 will be omitted in what follows >>> matched alias ten-3-alias.test.ex >>> verifying EHLO/HELO argument "ten-3xtra.test.ex" >>> getting IP address for ten-3xtra.test.ex ->>> ten-3xtra.test.ex in ""? ->>> ten-3xtra.test.ex in ""? no (end of list) ->>> ten-3xtra.test.ex in "*"? ->>> list element: * ->>> ten-3xtra.test.ex in "*"? yes (matched "*") +>>> check dnssec require list +>>> ten-3xtra.test.ex in ""? +>>> ten-3xtra.test.ex in ""? no (end of list) +>>> check dnssec request list +>>> ten-3xtra.test.ex in "*"? +>>> list element: * +>>> ten-3xtra.test.ex in "*"? yes (matched "*") >>> IP address for ten-3xtra.test.ex matches calling address >>> Forward DNS security status: unverified >>> host in hosts_connection_nolog? no (option unset) @@ -207,16 +215,20 @@ MUNGED: ::1 will be omitted in what follows >>> verifying EHLO/HELO argument "rhubarb" >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> getting IP address for rhubarb ->>> rhubarb in ""? ->>> rhubarb in ""? no (end of list) ->>> rhubarb in "*"? ->>> list element: * ->>> rhubarb in "*"? yes (matched "*") +>>> check dnssec require list +>>> rhubarb in ""? +>>> rhubarb in ""? no (end of list) +>>> check dnssec request list +>>> rhubarb in "*"? +>>> list element: * +>>> rhubarb in "*"? yes (matched "*") LOG: rejected "EHLO rhubarb" from (rhubarb) [V4NET.0.0.1] >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) @@ -243,11 +255,13 @@ MUNGED: ::1 will be omitted in what follows >>> looking up host name for 99.99.99.99 >>> Test harness: host name lookup returns DEFER >>> getting IP address for rhubarb ->>> rhubarb in ""? ->>> rhubarb in ""? no (end of list) ->>> rhubarb in "*"? ->>> list element: * ->>> rhubarb in "*"? yes (matched "*") +>>> check dnssec require list +>>> rhubarb in ""? +>>> rhubarb in ""? no (end of list) +>>> check dnssec request list +>>> rhubarb in "*"? +>>> list element: * +>>> rhubarb in "*"? yes (matched "*") LOG: temporarily rejected "EHLO rhubarb" from (rhubarb) [99.99.99.99] >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) @@ -363,11 +377,13 @@ MUNGED: ::1 will be omitted in what follows >>> looking up host name for 99.99.99.99 >>> Test harness: host name lookup returns DEFER >>> getting IP address for rhubarb ->>> rhubarb in ""? ->>> rhubarb in ""? no (end of list) ->>> rhubarb in "*"? ->>> list element: * ->>> rhubarb in "*"? yes (matched "*") +>>> check dnssec require list +>>> rhubarb in ""? +>>> rhubarb in ""? no (end of list) +>>> check dnssec request list +>>> rhubarb in "*"? +>>> list element: * +>>> rhubarb in "*"? yes (matched "*") >>> require: condition test failed in ACL "rcpt" >>> end of ACL "rcpt": not OK LOG: H=(rhubarb) [99.99.99.99] F= rejected RCPT : helo not verified diff --git a/test/stderr/0089 b/test/stderr/0089 index 8490d3b0e..107944c7f 100644 --- a/test/stderr/0089 +++ b/test/stderr/0089 @@ -86,8 +86,10 @@ LOG: H=(abc_xyz) [V4NET.0.0.0] F= rejected RCPT >> sender host name required, to match against *N-99.test.EX >>> looking up host name for V4NET.0.0.99 >>> IP address lookup yielded "ten-99.test.ex" ->>> ten-99.test.ex not in empty list (option unset? cannot trace name) ->>> ten-99.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-99.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-99.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-99.test.ex >>> V4NET.0.0.99 OK >>> host in sender_unqualified_hosts? yes (matched "*N-99.test.EX") diff --git a/test/stderr/0094 b/test/stderr/0094 index 96b59005a..0efe2f9ca 100644 --- a/test/stderr/0094 +++ b/test/stderr/0094 @@ -55,8 +55,10 @@ LOG: H=(test) [V4NET.11.12.13] F= rejected RCPT >> host in host_lookup? yes (matched "0.0.0.0/0") >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in host_reject_connection? no (option unset) @@ -119,23 +121,29 @@ host in host_lookup? list element: 0.0.0.0/0 host in host_lookup? yes (matched "0.0.0.0/0") looking up host name for V4NET.99.99.90 -DNS lookup of 90.99.99.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 90.99.99.V4NET.in-addr.arpa (PTR) succeeded + DNS lookup of 90.99.99.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 90.99.99.V4NET.in-addr.arpa (PTR) succeeded IP address lookup yielded "oneback.test.ex" alias "host1.masq.test.ex" -oneback.test.ex not in empty list (option unset? cannot trace name) -oneback.test.ex not in empty list (option unset? cannot trace name) -DNS lookup of oneback.test.ex (A) using fakens -DNS lookup of oneback.test.ex (A) succeeded -oneback.test.ex V4NET.99.99.90 mx=-1 sort=xx + check dnssec require list + oneback.test.ex not in empty list (option unset? cannot trace name) + check dnssec request list + oneback.test.ex not in empty list (option unset? cannot trace name) + faking res_search(AAAA) response length as 65535 + DNS lookup of oneback.test.ex (A) using fakens + DNS lookup of oneback.test.ex (A) succeeded + oneback.test.ex V4NET.99.99.90 mx=-1 sort=xx checking addresses for oneback.test.ex Forward DNS security status: unverified V4NET.99.99.90 OK -host1.masq.test.ex not in empty list (option unset? cannot trace name) -host1.masq.test.ex not in empty list (option unset? cannot trace name) -DNS lookup of host1.masq.test.ex (A) using fakens -DNS lookup of host1.masq.test.ex (A) succeeded -host1.masq.test.ex V4NET.90.90.90 mx=-1 sort=xx + check dnssec require list + host1.masq.test.ex not in empty list (option unset? cannot trace name) + check dnssec request list + host1.masq.test.ex not in empty list (option unset? cannot trace name) + faking res_search(AAAA) response length as 65535 + DNS lookup of host1.masq.test.ex (A) using fakens + DNS lookup of host1.masq.test.ex (A) succeeded + host1.masq.test.ex V4NET.90.90.90 mx=-1 sort=xx checking addresses for host1.masq.test.ex Forward DNS security status: unverified V4NET.90.90.90 diff --git a/test/stderr/0145 b/test/stderr/0145 index bf097166d..423a148f3 100644 --- a/test/stderr/0145 +++ b/test/stderr/0145 @@ -16,10 +16,12 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@mxt10.test.ex >>> calling domainlist router ->>> mxt10.test.ex in dnssec_require_domains? no (option unset) ->>> mxt10.test.ex in dnssec_request_domains? ->>> list element: * ->>> mxt10.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> mxt10.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> mxt10.test.ex in dnssec_request_domains? +>>> list element: * +>>> mxt10.test.ex in dnssec_request_domains? yes (matched "*") >>> domainlist router declined for x@mxt10.test.ex >>> "more" is false: skipping remaining routers >>> no more routers @@ -46,10 +48,12 @@ LOG: H=(test) [V4NET.9.8.7] F= rejected RCPT : Sender veri >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@ten-1.test.ex >>> calling domainlist router ->>> ten-1.test.ex in dnssec_require_domains? no (option unset) ->>> ten-1.test.ex in dnssec_request_domains? ->>> list element: * ->>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> ten-1.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> ten-1.test.ex in dnssec_request_domains? +>>> list element: * +>>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") >>> routed by domainlist router >>> ----------- end verify ------------ >>> require: condition test succeeded in ACL "check_recipient" @@ -58,10 +62,12 @@ LOG: H=(test) [V4NET.9.8.7] F= rejected RCPT : Sender veri >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@mxt10.test.ex >>> calling domainlist router ->>> mxt10.test.ex in dnssec_require_domains? no (option unset) ->>> mxt10.test.ex in dnssec_request_domains? ->>> list element: * ->>> mxt10.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> mxt10.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> mxt10.test.ex in dnssec_request_domains? +>>> list element: * +>>> mxt10.test.ex in dnssec_request_domains? yes (matched "*") >>> domainlist router declined for x@mxt10.test.ex >>> "more" is false: skipping remaining routers >>> no more routers diff --git a/test/stderr/0175 b/test/stderr/0175 index 2cc0d622a..81da79fe8 100644 --- a/test/stderr/0175 +++ b/test/stderr/0175 @@ -136,10 +136,12 @@ LOG: H=(test) [V4NET.0.0.0] F= rejected RCPT : >>> cached lookup data = NULL >>> ten-1.test.ex in domains? yes (end of list) >>> calling lookuphost router ->>> ten-1.test.ex in dnssec_require_domains? no (option unset) ->>> ten-1.test.ex in dnssec_request_domains? ->>> list element: * ->>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> ten-1.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> ten-1.test.ex in dnssec_request_domains? +>>> list element: * +>>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") >>> routed by lookuphost router >>> ----------- end verify ------------ >>> require: condition test succeeded in ACL "check_recipient" diff --git a/test/stderr/0183 b/test/stderr/0183 index 4e8a2a88f..827fde15b 100644 --- a/test/stderr/0183 +++ b/test/stderr/0183 @@ -39,10 +39,12 @@ userx in local_parts? yes (end of list) calling lookuphost router lookuphost router called for userx@test.again.dns domain = test.again.dns -test.again.dns in dnssec_require_domains? no (option unset) -test.again.dns in dnssec_request_domains? - list element: * - test.again.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.again.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.again.dns in dnssec_request_domains? + list element: * + test.again.dns in dnssec_request_domains? yes (matched "*") DNS lookup of test.again.dns (MX) using fakens DNS lookup of test.again.dns (MX) gave TRY_AGAIN test.again.dns in dns_again_means_nonexist? no (option unset) @@ -82,10 +84,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@test.again.dns domain = test.again.dns -test.again.dns in dnssec_require_domains? no (option unset) -test.again.dns in dnssec_request_domains? - list element: * - test.again.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.again.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.again.dns in dnssec_request_domains? + list element: * + test.again.dns in dnssec_request_domains? yes (matched "*") DNS lookup of test.again.dns (MX): using cached value DNS_AGAIN test.again.dns not in empty list (option unset? cannot trace name) lookuphost router: defer for abcd@test.again.dns @@ -121,10 +125,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX) using fakens DNS lookup of ten-1.test.ex (MX) gave NO_DATA returning DNS_NODATA @@ -177,10 +183,12 @@ expanded list of hosts = 'test.again.dns' options = 'bydns' set transport smtp finding IP address for test.again.dns doing DNS lookup -test.again.dns in dnssec_require_domains? no (option unset) -test.again.dns in dnssec_request_domains? - list element: * - test.again.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.again.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.again.dns in dnssec_request_domains? + list element: * + test.again.dns in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of test.again.dns (A) using fakens DNS lookup of test.again.dns (A) gave TRY_AGAIN @@ -221,10 +229,12 @@ original list of hosts = '$domain' options = 'bydns' expanded list of hosts = 'test.again.dns' options = 'bydns' finding IP address for test.again.dns doing DNS lookup -test.again.dns in dnssec_require_domains? no (option unset) -test.again.dns in dnssec_request_domains? - list element: * - test.again.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.again.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.again.dns in dnssec_request_domains? + list element: * + test.again.dns in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of test.again.dns (A): using cached value DNS_AGAIN useryz router: defer for userz@test.again.dns @@ -260,10 +270,12 @@ xyz in local_parts? yes (end of list) calling lookuphost router lookuphost router called for xyz@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX): using cached value DNS_NODATA list element: * DNS lookup of ten-1.test.ex (A) using fakens @@ -321,10 +333,12 @@ userx in local_parts? yes (end of list) calling lookuphost router lookuphost router called for userx@test.fail.dns domain = test.fail.dns -test.fail.dns in dnssec_require_domains? no (option unset) -test.fail.dns in dnssec_request_domains? - list element: * - test.fail.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.fail.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.fail.dns in dnssec_request_domains? + list element: * + test.fail.dns in dnssec_request_domains? yes (matched "*") DNS lookup of test.fail.dns (MX) using fakens DNS lookup of test.fail.dns (MX) gave NO_RECOVERY returning DNS_FAIL @@ -363,10 +377,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@test.fail.dns domain = test.fail.dns -test.fail.dns in dnssec_require_domains? no (option unset) -test.fail.dns in dnssec_request_domains? - list element: * - test.fail.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.fail.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.fail.dns in dnssec_request_domains? + list element: * + test.fail.dns in dnssec_request_domains? yes (matched "*") DNS lookup of test.fail.dns (MX): using cached value DNS_FAIL test.fail.dns not in empty list (option unset? cannot trace name) lookuphost router: defer for abcd@test.fail.dns @@ -402,10 +418,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX) using fakens DNS lookup of ten-1.test.ex (MX) gave NO_DATA returning DNS_NODATA @@ -458,10 +476,12 @@ expanded list of hosts = 'test.fail.dns' options = 'bydns' set transport smtp finding IP address for test.fail.dns doing DNS lookup -test.fail.dns in dnssec_require_domains? no (option unset) -test.fail.dns in dnssec_request_domains? - list element: * - test.fail.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.fail.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.fail.dns in dnssec_request_domains? + list element: * + test.fail.dns in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of test.fail.dns (A) using fakens DNS lookup of test.fail.dns (A) gave NO_RECOVERY @@ -501,10 +521,12 @@ original list of hosts = '$domain' options = 'bydns' expanded list of hosts = 'test.fail.dns' options = 'bydns' finding IP address for test.fail.dns doing DNS lookup -test.fail.dns in dnssec_require_domains? no (option unset) -test.fail.dns in dnssec_request_domains? - list element: * - test.fail.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.fail.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.fail.dns in dnssec_request_domains? + list element: * + test.fail.dns in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of test.fail.dns (A): using cached value DNS_FAIL useryz router: defer for userz@test.fail.dns @@ -540,10 +562,12 @@ xyz in local_parts? yes (end of list) calling lookuphost router lookuphost router called for xyz@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX): using cached value DNS_NODATA list element: * DNS lookup of ten-1.test.ex (A) using fakens @@ -601,10 +625,12 @@ userx in local_parts? yes (end of list) calling lookuphost router lookuphost router called for userx@nonexist.test.ex domain = nonexist.test.ex -nonexist.test.ex in dnssec_require_domains? no (option unset) -nonexist.test.ex in dnssec_request_domains? - list element: * - nonexist.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.test.ex in dnssec_request_domains? + list element: * + nonexist.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of nonexist.test.ex (MX) using fakens DNS lookup of nonexist.test.ex (MX) gave HOST_NOT_FOUND returning DNS_NOMATCH @@ -644,10 +670,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@nonexist.test.ex domain = nonexist.test.ex -nonexist.test.ex in dnssec_require_domains? no (option unset) -nonexist.test.ex in dnssec_request_domains? - list element: * - nonexist.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.test.ex in dnssec_request_domains? + list element: * + nonexist.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of nonexist.test.ex (MX): using cached value DNS_NOMATCH lookuphost router declined for abcd@nonexist.test.ex "more" is false: skipping remaining routers @@ -683,10 +711,12 @@ abcd in local_parts? yes (end of list) calling lookuphost router lookuphost router called for abcd@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX) using fakens DNS lookup of ten-1.test.ex (MX) gave NO_DATA returning DNS_NODATA @@ -739,10 +769,12 @@ expanded list of hosts = 'nonexist.test.ex' options = 'bydns' set transport smtp finding IP address for nonexist.test.ex doing DNS lookup -nonexist.test.ex in dnssec_require_domains? no (option unset) -nonexist.test.ex in dnssec_request_domains? - list element: * - nonexist.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.test.ex in dnssec_request_domains? + list element: * + nonexist.test.ex in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of nonexist.test.ex (A) using fakens DNS lookup of nonexist.test.ex (A) gave HOST_NOT_FOUND @@ -783,10 +815,12 @@ original list of hosts = '$domain' options = 'bydns' expanded list of hosts = 'nonexist.test.ex' options = 'bydns' finding IP address for nonexist.test.ex doing DNS lookup -nonexist.test.ex in dnssec_require_domains? no (option unset) -nonexist.test.ex in dnssec_request_domains? - list element: * - nonexist.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.test.ex in dnssec_request_domains? + list element: * + nonexist.test.ex in dnssec_request_domains? yes (matched "*") list element: * DNS lookup of nonexist.test.ex (A): using cached value DNS_NOMATCH useryz router: defer for userz@nonexist.test.ex @@ -822,10 +856,12 @@ xyz in local_parts? yes (end of list) calling lookuphost router lookuphost router called for xyz@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX): using cached value DNS_NODATA list element: * DNS lookup of ten-1.test.ex (A) using fakens @@ -868,10 +904,12 @@ srv in local_parts? calling srv router srv router called for srv@test.again.dns domain = test.again.dns -test.again.dns in dnssec_require_domains? no (option unset) -test.again.dns in dnssec_request_domains? - list element: * - test.again.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.again.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.again.dns in dnssec_request_domains? + list element: * + test.again.dns in dnssec_request_domains? yes (matched "*") DNS lookup of _smtp._tcp.test.again.dns (SRV) using fakens DNS lookup of _smtp._tcp.test.again.dns (SRV) gave TRY_AGAIN _smtp._tcp.test.again.dns in dns_again_means_nonexist? no (option unset) @@ -898,10 +936,12 @@ srv in local_parts? calling srv router srv router called for srv@test.fail.dns domain = test.fail.dns -test.fail.dns in dnssec_require_domains? no (option unset) -test.fail.dns in dnssec_request_domains? - list element: * - test.fail.dns in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.fail.dns in dnssec_require_domains? no (option unset) +check dnssec request list + test.fail.dns in dnssec_request_domains? + list element: * + test.fail.dns in dnssec_request_domains? yes (matched "*") DNS lookup of _smtp._tcp.test.fail.dns (SRV) using fakens DNS lookup of _smtp._tcp.test.fail.dns (SRV) gave NO_RECOVERY returning DNS_FAIL @@ -968,10 +1008,12 @@ userx in local_parts? yes (end of list) calling lookuphost router lookuphost router called for userx@nonexist.example.com domain = nonexist.example.com -nonexist.example.com in dnssec_require_domains? no (option unset) -nonexist.example.com in dnssec_request_domains? - list element: * - nonexist.example.com in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.example.com in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.example.com in dnssec_request_domains? + list element: * + nonexist.example.com in dnssec_request_domains? yes (matched "*") DNS lookup of nonexist.example.com (MX) using fakens DNS lookup of nonexist.example.com (MX) gave HOST_NOT_FOUND returning DNS_NOMATCH @@ -1022,10 +1064,12 @@ checking "condition" "${acl {delay}}"... calling delay router delay router called for userd@nonexist.example.com domain = nonexist.example.com -nonexist.example.com in dnssec_require_domains? no (option unset) -nonexist.example.com in dnssec_request_domains? - list element: * - nonexist.example.com in dnssec_request_domains? yes (matched "*") +check dnssec require list + nonexist.example.com in dnssec_require_domains? no (option unset) +check dnssec request list + nonexist.example.com in dnssec_request_domains? + list element: * + nonexist.example.com in dnssec_request_domains? yes (matched "*") DNS lookup of nonexist.example.com (MX): cached value DNS_NOMATCH past valid time DNS lookup of nonexist.example.com (MX) using fakens DNS lookup of nonexist.example.com (MX) gave HOST_NOT_FOUND diff --git a/test/stderr/0234 b/test/stderr/0234 index 5f34ad73d..211211964 100644 --- a/test/stderr/0234 +++ b/test/stderr/0234 @@ -18,6 +18,8 @@ >>> start sublist relay_domains >>> d in "@mx_any"? >>> ╎list element: @mx_any +>>> ╎check dnssec require list +>>> ╎check dnssec request list >>> d in "@mx_any"? no (end of list) >>> end sublist relay_domains >>> d in "+relay_domains"? no (end of list) @@ -35,6 +37,8 @@ LOG: H=(test) [V4NET.0.0.0] F= rejected RCPT : relay not permitted >>> start sublist relay_domains >>> mxt1.test.ex in "@mx_any"? >>> ╎list element: @mx_any +>>> ╎check dnssec require list +>>> ╎check dnssec request list >>> local host has lowest MX >>> ╎mxt1.test.ex in "@mx_any"? yes (matched "@mx_any") >>> end sublist relay_domains @@ -50,6 +54,8 @@ LOG: H=(test) [V4NET.0.0.0] F= rejected RCPT : relay not permitted >>> start sublist relay_domains >>> mxt6.test.ex in "@mx_any"? >>> ╎list element: @mx_any +>>> ╎check dnssec require list +>>> ╎check dnssec request list >>> local host in host list - removed hosts: >>> ten-2.test.ex V4NET.0.0.2 6 >>> eximtesthost.test.ex ip4.ip4.ip4.ip4 6 diff --git a/test/stderr/0277 b/test/stderr/0277 index 12c462e56..3cbd9d3db 100644 --- a/test/stderr/0277 +++ b/test/stderr/0277 @@ -21,12 +21,12 @@ host in host_lookup? end sublist lookup_hosts host in host_lookup? yes (matched "+lookup_hosts") looking up host name for V4NET.2.3.4 -DNS lookup of 4.3.2.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 4.3.2.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND -returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for 4.3.2.V4NET.in-addr.arpa-PTR-xxxx, ttl -1 + DNS lookup of 4.3.2.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 4.3.2.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND + returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for 4.3.2.V4NET.in-addr.arpa-PTR-4100041, ttl -1 LOG: host_lookup_failed MAIN no host name found for IP address V4NET.2.3.4 sender_fullhost = [V4NET.2.3.4] @@ -138,12 +138,12 @@ host in host_lookup? end sublist never_hosts host in host_lookup? yes (end of list) looking up host name for V4NET.10.11.12 -DNS lookup of 12.11.10.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 12.11.10.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND -returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for 12.11.10.V4NET.in-addr.arpa-PTR-xxxx, ttl -1 + DNS lookup of 12.11.10.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 12.11.10.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND + returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for 12.11.10.V4NET.in-addr.arpa-PTR-4100041, ttl -1 LOG: host_lookup_failed MAIN no host name found for IP address V4NET.10.11.12 sender_fullhost = [V4NET.10.11.12] @@ -208,12 +208,12 @@ host in host_lookup? end sublist never_hosts host in host_lookup? yes (end of list) looking up host name for V4NET.1.1.1 -DNS lookup of 1.1.1.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 1.1.1.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND -returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for 1.1.1.V4NET.in-addr.arpa-PTR-xxxx, ttl -1 + DNS lookup of 1.1.1.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 1.1.1.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND + returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for 1.1.1.V4NET.in-addr.arpa-PTR-4100041, ttl -1 LOG: host_lookup_failed MAIN no host name found for IP address V4NET.1.1.1 sender_fullhost = [V4NET.1.1.1] @@ -278,12 +278,12 @@ host in host_lookup? end sublist never_hosts host in host_lookup? yes (end of list) looking up host name for V4NET.2.2.2 -DNS lookup of 2.2.2.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 2.2.2.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND -returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for 2.2.2.V4NET.in-addr.arpa-PTR-xxxx, ttl -1 + DNS lookup of 2.2.2.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 2.2.2.V4NET.in-addr.arpa (PTR) gave HOST_NOT_FOUND + returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for 2.2.2.V4NET.in-addr.arpa-PTR-4100041, ttl -1 LOG: host_lookup_failed MAIN no host name found for IP address V4NET.2.2.2 sender_fullhost = [V4NET.2.2.2] diff --git a/test/stderr/0278 b/test/stderr/0278 index 0e32b4c92..30538f4f4 100644 --- a/test/stderr/0278 +++ b/test/stderr/0278 @@ -382,10 +382,12 @@ unknown in local_parts? yes (end of list) calling r2 router r2 router called for unknown@test.ex domain = test.ex -test.ex in dnssec_require_domains? no (option unset) -test.ex in dnssec_request_domains? - list element: * - test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + test.ex in dnssec_request_domains? + list element: * + test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of test.ex (MX) using fakens DNS lookup of test.ex (MX) gave NO_DATA returning DNS_NODATA diff --git a/test/stderr/0281 b/test/stderr/0281 index 0d9e1a3be..ade958445 100644 --- a/test/stderr/0281 +++ b/test/stderr/0281 @@ -50,6 +50,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <1@else.where>: domain doesn't >>> check domains = @mx_any >>> mxt13.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> other1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> other1.test.ex in hosts_treat_as_local? yes (matched "other1.test.ex") @@ -65,6 +67,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <1@else.where>: domain doesn't >>> check domains = @mx_any >>> mxt1.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> eximtesthost.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> eximtesthost.test.ex in hosts_treat_as_local? no (end of list) @@ -80,6 +84,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <1@else.where>: domain doesn't >>> check domains = @mx_any >>> mxt6.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -100,6 +106,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <1@else.where>: domain doesn't >>> check domains = @mx_any >>> mxt9.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -119,6 +127,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <2@mxt9.test.ex>: domain doesn >>> check domains = @mx_any >>> mxnone.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> mxnone.test.ex in "@mx_any"? no (end of list) >>> require: condition test failed in ACL "acl_rcpt_2" >>> end of ACL "acl_rcpt_2": not OK @@ -129,6 +139,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <2@mxnone.test.ex>: domain doe >>> check domains = @mx_primary >>> mxt5.test.ex in "@mx_primary"? >>> list element: @mx_primary +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -147,6 +159,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <2@mxnone.test.ex>: domain doe >>> check domains = @mx_primary >>> mxt6.test.ex in "@mx_primary"? >>> list element: @mx_primary +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -169,6 +183,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <3@mxt6.test.ex>: domain doesn >>> check domains = @mx_primary >>> mxt9.test.ex in "@mx_primary"? >>> list element: @mx_primary +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -188,6 +204,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <3@mxt9.test.ex>: domain doesn >>> check domains = @mx_primary >>> mxnone.test.ex in "@mx_primary"? >>> list element: @mx_primary +>>> check dnssec require list +>>> check dnssec request list >>> mxnone.test.ex in "@mx_primary"? no (end of list) >>> require: condition test failed in ACL "acl_rcpt_3" >>> end of ACL "acl_rcpt_3": not OK @@ -198,6 +216,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <3@mxnone.test.ex>: domain doe >>> check domains = @mx_secondary >>> mxt5.test.ex in "@mx_secondary"? >>> list element: @mx_secondary +>>> check dnssec require list +>>> check dnssec request list >>> eximtesthost.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> eximtesthost.test.ex in hosts_treat_as_local? no (end of list) @@ -212,6 +232,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <4@mxt5.test.ex>: domain doesn >>> check domains = @mx_secondary >>> mxt6.test.ex in "@mx_secondary"? >>> list element: @mx_secondary +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -235,6 +257,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <4@mxt5.test.ex>: domain doesn >>> check domains = @mx_secondary >>> mxt9.test.ex in "@mx_secondary"? >>> list element: @mx_secondary +>>> check dnssec require list +>>> check dnssec request list >>> ten-1.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> ten-1.test.ex in hosts_treat_as_local? no (end of list) @@ -254,6 +278,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <4@mxt9.test.ex>: domain doesn >>> check domains = @mx_secondary >>> mxnone.test.ex in "@mx_secondary"? >>> list element: @mx_secondary +>>> check dnssec require list +>>> check dnssec request list >>> mxnone.test.ex in "@mx_secondary"? no (end of list) >>> require: condition test failed in ACL "acl_rcpt_4" >>> end of ACL "acl_rcpt_4": not OK @@ -343,6 +369,8 @@ MUNGED: ::1 will be omitted in what follows >>> check domains = @mx_any >>> mxt3.test.ex in "@mx_any"? >>> list element: @mx_any +>>> check dnssec require list +>>> check dnssec request list >>> not-exist.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> not-exist.test.ex in hosts_treat_as_local? no (end of list) @@ -362,6 +390,8 @@ MUNGED: ::1 will be omitted in what follows >>> check domains = @mx_primary >>> mxt3.test.ex in "@mx_primary"? >>> list element: @mx_primary +>>> check dnssec require list +>>> check dnssec request list >>> not-exist.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> not-exist.test.ex in hosts_treat_as_local? no (end of list) @@ -380,6 +410,8 @@ LOG: H=(test) [V4NET.1.1.1] F= rejected RCPT <3@mxt3.test.ex>: domain doesn >>> check domains = @mx_secondary >>> mxt3.test.ex in "@mx_secondary"? >>> list element: @mx_secondary +>>> check dnssec require list +>>> check dnssec request list >>> not-exist.test.ex in hosts_treat_as_local? >>> list element: other1.test.ex >>> not-exist.test.ex in hosts_treat_as_local? no (end of list) diff --git a/test/stderr/0303 b/test/stderr/0303 index 2a08f7e20..8e735c327 100644 --- a/test/stderr/0303 +++ b/test/stderr/0303 @@ -11,8 +11,10 @@ >>> myhost.test.ex in helo_lookup_domains? yes (matched "@") >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in hosts_connection_nolog? no (option unset) @@ -29,8 +31,10 @@ >>> [127.0.0.1] in helo_lookup_domains? yes (matched "@[]") >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> list element: * diff --git a/test/stderr/0308 b/test/stderr/0308 index b9b2fd69a..c030e8232 100644 --- a/test/stderr/0308 +++ b/test/stderr/0308 @@ -47,8 +47,10 @@ LOG: no host name found for IP address V4NET.0.0.97 >>> sender host name required, to match against *.test.ex >>> looking up host name for V4NET.0.0.1 >>> IP address lookup yielded "ten-1.test.ex" ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) ->>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> ten-1.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> host in "*.test.ex"? yes (matched "*.test.ex") diff --git a/test/stderr/0342 b/test/stderr/0342 index 3c954cbd9..195ba35e9 100644 --- a/test/stderr/0342 +++ b/test/stderr/0342 @@ -17,18 +17,22 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@ten-1 >>> calling dnslookup router ->>> ten-1 in dnssec_require_domains? no (option unset) ->>> ten-1 in dnssec_request_domains? ->>> list element: * ->>> ten-1 in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> ten-1 in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> ten-1 in dnssec_request_domains? +>>> list element: * +>>> ten-1 in dnssec_request_domains? yes (matched "*") >>> re-routed to x@ten-1.test.ex >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@ten-1.test.ex >>> calling dnslookup router ->>> ten-1.test.ex in dnssec_require_domains? no (option unset) ->>> ten-1.test.ex in dnssec_request_domains? ->>> list element: * ->>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> ten-1.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> ten-1.test.ex in dnssec_request_domains? +>>> list element: * +>>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") >>> routed by dnslookup router >>> ----------- end verify ------------ >>> deny: condition test failed in ACL "check_rcpt" diff --git a/test/stderr/0361 b/test/stderr/0361 index 0704cd81c..1a8f7c19e 100644 --- a/test/stderr/0361 +++ b/test/stderr/0361 @@ -100,20 +100,24 @@ recurse.test.ex in domains? yes (end of list) calling r1 router r1 router called for kilos@recurse.test.ex domain = recurse.test.ex -recurse.test.ex in dnssec_require_domains? no (option unset) -recurse.test.ex in dnssec_request_domains? - list element: * - recurse.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + recurse.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + recurse.test.ex in dnssec_request_domains? + list element: * + recurse.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of recurse.test.ex (MX) using fakens DNS lookup of recurse.test.ex (MX) gave HOST_NOT_FOUND returning DNS_NOMATCH faking res_search(MX) response length as 65535 writing neg-cache entry for recurse.test.ex-MX-xxxx, ttl 3000 r1 router widened recurse.test.ex to recurse.test.ex.test.ex -recurse.test.ex.test.ex in dnssec_require_domains? no (option unset) -recurse.test.ex.test.ex in dnssec_request_domains? - list element: * - recurse.test.ex.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + recurse.test.ex.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + recurse.test.ex.test.ex in dnssec_request_domains? + list element: * + recurse.test.ex.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of recurse.test.ex.test.ex (MX) using fakens DNS lookup of recurse.test.ex.test.ex (MX) gave NO_DATA returning DNS_NODATA diff --git a/test/stderr/0368 b/test/stderr/0368 index 4f8702dff..3b373e5e5 100644 --- a/test/stderr/0368 +++ b/test/stderr/0368 @@ -3,6 +3,8 @@ configuration file is TESTSUITE/test-config admin user dropping to exim gid; retaining priv uid mxt9.test.ex in domains? no (end of list) +check dnssec require list +check dnssec request list discarded duplicate host ten-1.test.ex (MX=8) fully qualified name = mxt9.test.ex host_find_bydns yield = HOST_FOUND (3); returned hosts: @@ -10,6 +12,8 @@ host_find_bydns yield = HOST_FOUND (3); returned hosts: ten-2.test.ex V4NET.0.0.2 MX=6 ten-3.test.ex V4NET.0.0.3 MX=7 mxt14.test.ex in domains? no (end of list) +check dnssec require list +check dnssec request list duplicate IP address V4NET.0.0.5 (MX=5) removed duplicate IP address V4NET.0.0.6 (MX=6) removed fully qualified name = mxt14.test.ex @@ -18,14 +22,20 @@ host_find_bydns yield = HOST_FOUND (3); returned hosts: ten-5-6.test.ex V4NET.0.0.6 MX=4 finding IP address for ten-1.test.ex doing DNS lookup +check dnssec require list +check dnssec request list fully qualified name = ten-1.test.ex ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx finding IP address for ten-1.test.ex doing DNS lookup +check dnssec require list +check dnssec request list fully qualified name = ten-1.test.ex ten-1.test.ex V4NET.0.0.1 mx=-1 sort=xx finding IP address for ten-2.test.ex doing DNS lookup +check dnssec require list +check dnssec request list fully qualified name = ten-2.test.ex ten-2.test.ex V4NET.0.0.2 mx=-1 sort=xx >>>>>>>>>>>>>>>> Exim pid=p1234 (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stderr/0381 b/test/stderr/0381 index c0a66731c..7a3950c14 100644 --- a/test/stderr/0381 +++ b/test/stderr/0381 @@ -48,23 +48,29 @@ host in "*.gov.uk.test.ex"? list element: *.gov.uk.test.ex sender host name required, to match against *.gov.uk.test.ex looking up host name for V4NET.99.99.97 -DNS lookup of 97.99.99.V4NET.in-addr.arpa (PTR) using fakens -DNS lookup of 97.99.99.V4NET.in-addr.arpa (PTR) succeeded + DNS lookup of 97.99.99.V4NET.in-addr.arpa (PTR) using fakens + DNS lookup of 97.99.99.V4NET.in-addr.arpa (PTR) succeeded IP address lookup yielded "x.gov.uk.test.ex" alias "x.co.uk.test.ex" - x.gov.uk.test.ex not in empty list (option unset? cannot trace name) - x.gov.uk.test.ex not in empty list (option unset? cannot trace name) -DNS lookup of x.gov.uk.test.ex (A) using fakens -DNS lookup of x.gov.uk.test.ex (A) succeeded -x.gov.uk.test.ex V4NET.99.99.97 mx=-1 sort=xx + check dnssec require list + x.gov.uk.test.ex not in empty list (option unset? cannot trace name) + check dnssec request list + x.gov.uk.test.ex not in empty list (option unset? cannot trace name) + faking res_search(AAAA) response length as 65535 + DNS lookup of x.gov.uk.test.ex (A) using fakens + DNS lookup of x.gov.uk.test.ex (A) succeeded + x.gov.uk.test.ex V4NET.99.99.97 mx=-1 sort=xx checking addresses for x.gov.uk.test.ex Forward DNS security status: unverified V4NET.99.99.97 OK - x.co.uk.test.ex not in empty list (option unset? cannot trace name) - x.co.uk.test.ex not in empty list (option unset? cannot trace name) -DNS lookup of x.co.uk.test.ex (A) using fakens -DNS lookup of x.co.uk.test.ex (A) succeeded -x.co.uk.test.ex V4NET.99.99.97 mx=-1 sort=xx + check dnssec require list + x.co.uk.test.ex not in empty list (option unset? cannot trace name) + check dnssec request list + x.co.uk.test.ex not in empty list (option unset? cannot trace name) + faking res_search(AAAA) response length as 65535 + DNS lookup of x.co.uk.test.ex (A) using fakens + DNS lookup of x.co.uk.test.ex (A) succeeded + x.co.uk.test.ex V4NET.99.99.97 mx=-1 sort=xx checking addresses for x.co.uk.test.ex Forward DNS security status: unverified V4NET.99.99.97 OK diff --git a/test/stderr/0386 b/test/stderr/0386 index 03c432317..52f542fa5 100644 --- a/test/stderr/0386 +++ b/test/stderr/0386 @@ -231,12 +231,12 @@ check acl = TESTSUITE/aux-fixed/0386.acl2 check dnslists = rbl.test.ex dnslists check: rbl.test.ex new DNS lookup for 13.12.11.V4NET.rbl.test.ex -DNS lookup of 13.12.11.V4NET.rbl.test.ex (A) using fakens -DNS lookup of 13.12.11.V4NET.rbl.test.ex (A) succeeded + DNS lookup of 13.12.11.V4NET.rbl.test.ex (A) using fakens + DNS lookup of 13.12.11.V4NET.rbl.test.ex (A) succeeded dnslists: wrote cache entry, ttl=3 DNS lookup for 13.12.11.V4NET.rbl.test.ex succeeded (yielding 127.0.0.2) -DNS lookup of 13.12.11.V4NET.rbl.test.ex (TXT) using fakens -DNS lookup of 13.12.11.V4NET.rbl.test.ex (TXT) succeeded + DNS lookup of 13.12.11.V4NET.rbl.test.ex (TXT) using fakens + DNS lookup of 13.12.11.V4NET.rbl.test.ex (TXT) succeeded => that means V4NET.11.12.13 is listed at rbl.test.ex warn: condition test succeeded in ACL "TESTSUITE/aux-fixed/0386.acl2" LOG: MAIN diff --git a/test/stderr/0419 b/test/stderr/0419 index ab8c60990..98d3a7813 100644 --- a/test/stderr/0419 +++ b/test/stderr/0419 @@ -29,10 +29,12 @@ mxt13.test.ex in domains? yes (end of list) calling dnslookup router dnslookup router called for k@mxt13.test.ex domain = mxt13.test.ex -mxt13.test.ex in dnssec_require_domains? no (option unset) -mxt13.test.ex in dnssec_request_domains? - list element: * - mxt13.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + mxt13.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + mxt13.test.ex in dnssec_request_domains? + list element: * + mxt13.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of mxt13.test.ex (MX) using fakens DNS lookup of mxt13.test.ex (MX) succeeded DNS lookup of other1.test.ex (A) using fakens diff --git a/test/stderr/0426 b/test/stderr/0426 index c489dbcef..197cdbc6e 100644 --- a/test/stderr/0426 +++ b/test/stderr/0426 @@ -28,6 +28,8 @@ local_part=x domain=uppercase.test.ex calling r1 router r1 router called for x@uppercase.test.ex domain = uppercase.test.ex +check dnssec require list +check dnssec request list uppercase.test.ex (MX resp) DNSSEC local host found for non-MX address fully qualified name = UpperCase.test.ex diff --git a/test/stderr/0443 b/test/stderr/0443 index 1d5b1f0d8..e1c28db83 100644 --- a/test/stderr/0443 +++ b/test/stderr/0443 @@ -16,10 +16,12 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@ten-1.test.ex >>> calling r1 router ->>> ten-1.test.ex in dnssec_require_domains? no (option unset) ->>> ten-1.test.ex in dnssec_request_domains? ->>> list element: * ->>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> ten-1.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> ten-1.test.ex in dnssec_request_domains? +>>> list element: * +>>> ten-1.test.ex in dnssec_request_domains? yes (matched "*") >>> routed by r1 router >>> Attempting full verification using callout >>> callout cache: no domain record found for ten-1.test.ex diff --git a/test/stderr/0463 b/test/stderr/0463 index 037fcbe6f..efe4fed19 100644 --- a/test/stderr/0463 +++ b/test/stderr/0463 @@ -18,20 +18,24 @@ local_part=x domain=ten-1 checking domains ten-1 in domains? list element: !@mx_any -DNS lookup of ten-1 (MX) using fakens -DNS lookup of ten-1 (MX) gave NO_DATA -returning DNS_NODATA -faking res_search(MX) response length as 65535 - writing neg-cache entry for ten-1-MX-xxxx, ttl 3000 -Address records are not being sought + check dnssec require list + check dnssec request list + DNS lookup of ten-1 (MX) using fakens + DNS lookup of ten-1 (MX) gave NO_DATA + returning DNS_NODATA + faking res_search(MX) response length as 65535 + writing neg-cache entry for ten-1-MX-4100041, ttl 3000 + Address records are not being sought ten-1 in domains? yes (end of list) calling all router all router called for x@ten-1 domain = ten-1 -ten-1 in dnssec_require_domains? no (option unset) -ten-1 in dnssec_request_domains? - list element: * - ten-1 in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1 in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1 in dnssec_request_domains? + list element: * + ten-1 in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1 (MX) using fakens DNS lookup of ten-1 (MX) gave NO_DATA returning DNS_NODATA @@ -54,20 +58,24 @@ local_part=x domain=ten-1.test.ex checking domains ten-1.test.ex in domains? list element: !@mx_any -DNS lookup of ten-1.test.ex (MX) using fakens -DNS lookup of ten-1.test.ex (MX) gave NO_DATA -returning DNS_NODATA -faking res_search(MX) response length as 65535 - writing neg-cache entry for ten-1.test.ex-MX-xxxx, ttl 3000 -Address records are not being sought + check dnssec require list + check dnssec request list + DNS lookup of ten-1.test.ex (MX) using fakens + DNS lookup of ten-1.test.ex (MX) gave NO_DATA + returning DNS_NODATA + faking res_search(MX) response length as 65535 + writing neg-cache entry for ten-1.test.ex-MX-4900041, ttl 3000 + Address records are not being sought ten-1.test.ex in domains? yes (end of list) calling all router all router called for x@ten-1.test.ex domain = ten-1.test.ex -ten-1.test.ex in dnssec_require_domains? no (option unset) -ten-1.test.ex in dnssec_request_domains? - list element: * - ten-1.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + ten-1.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + ten-1.test.ex in dnssec_request_domains? + list element: * + ten-1.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of ten-1.test.ex (MX) using fakens DNS lookup of ten-1.test.ex (MX) gave NO_DATA returning DNS_NODATA diff --git a/test/stderr/0469 b/test/stderr/0469 index c792d8a8a..a29d7763c 100644 --- a/test/stderr/0469 +++ b/test/stderr/0469 @@ -18,10 +18,12 @@ local_part=x domain=mxt1c.test.ex calling r1 router r1 router called for x@mxt1c.test.ex domain = mxt1c.test.ex -mxt1c.test.ex in dnssec_require_domains? no (option unset) -mxt1c.test.ex in dnssec_request_domains? - list element: * - mxt1c.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + mxt1c.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + mxt1c.test.ex in dnssec_request_domains? + list element: * + mxt1c.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of mxt1c.test.ex (MX) using fakens DNS lookup of mxt1c.test.ex (MX) succeeded DNS lookup of dontqualify (A) using fakens diff --git a/test/stderr/0499 b/test/stderr/0499 index 3cf1c41b9..236d952fd 100644 --- a/test/stderr/0499 +++ b/test/stderr/0499 @@ -21,13 +21,15 @@ mxt1.test.ex in domains? start sublist anymx mxt1.test.ex in "@mx_any"? ╎list element: @mx_any -DNS lookup of mxt1.test.ex (MX) using fakens -DNS lookup of mxt1.test.ex (MX) succeeded -DNS lookup of eximtesthost.test.ex (A) using fakens -DNS lookup of eximtesthost.test.ex (A) succeeded + ╎check dnssec require list + ╎check dnssec request list + ╎DNS lookup of mxt1.test.ex (MX) using fakens + ╎DNS lookup of mxt1.test.ex (MX) succeeded + ╎DNS lookup of eximtesthost.test.ex (A) using fakens + ╎DNS lookup of eximtesthost.test.ex (A) succeeded local host has lowest MX -host_find_bydns yield = HOST_FOUND_LOCAL (4); returned hosts: - eximtesthost.test.ex ip4.ip4.ip4.ip4 MX=5 + ╎host_find_bydns yield = HOST_FOUND_LOCAL (4); returned hosts: + ╎ eximtesthost.test.ex ip4.ip4.ip4.ip4 MX=5 ╎mxt1.test.ex in "@mx_any"? yes (matched "@mx_any") end sublist anymx data from lookup saved for cache for +anymx: key 'mxt1.test.ex' value '@mx_any' @@ -38,13 +40,15 @@ checking "condition" "${if match_domain{$domain}{+anymx}{yes}}"... start sublist anymx ╎mxt1.test.ex in "@mx_any"? ╎ list element: @mx_any -DNS lookup of mxt1.test.ex (MX) using fakens -DNS lookup of mxt1.test.ex (MX) succeeded -DNS lookup of eximtesthost.test.ex (A) using fakens -DNS lookup of eximtesthost.test.ex (A) succeeded + ╎ check dnssec require list + ╎ check dnssec request list + ╎ DNS lookup of mxt1.test.ex (MX) using fakens + ╎ DNS lookup of mxt1.test.ex (MX) succeeded + ╎ DNS lookup of eximtesthost.test.ex (A) using fakens + ╎ DNS lookup of eximtesthost.test.ex (A) succeeded local host has lowest MX -host_find_bydns yield = HOST_FOUND_LOCAL (4); returned hosts: - eximtesthost.test.ex ip4.ip4.ip4.ip4 MX=5 + ╎ host_find_bydns yield = HOST_FOUND_LOCAL (4); returned hosts: + ╎ eximtesthost.test.ex ip4.ip4.ip4.ip4 MX=5 ╎ mxt1.test.ex in "@mx_any"? yes (matched "@mx_any") end sublist anymx mxt1.test.ex in "+anymx"? yes (matched "+anymx") diff --git a/test/stderr/0513 b/test/stderr/0513 index ebce3cc35..53c05b205 100644 --- a/test/stderr/0513 +++ b/test/stderr/0513 @@ -24,10 +24,12 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing x@mxt2.test.ex >>> calling r1 router ->>> mxt2.test.ex in dnssec_require_domains? no (option unset) ->>> mxt2.test.ex in dnssec_request_domains? ->>> list element: * ->>> mxt2.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> mxt2.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> mxt2.test.ex in dnssec_request_domains? +>>> list element: * +>>> mxt2.test.ex in dnssec_request_domains? yes (matched "*") >>> r1 router declined for x@mxt2.test.ex >>> no more routers >>> ----------- end verify ------------ diff --git a/test/stderr/0545 b/test/stderr/0545 index 99f56d761..174c8508a 100644 --- a/test/stderr/0545 +++ b/test/stderr/0545 @@ -18,10 +18,12 @@ local_part=userx domain=alias-eximtesthost calling dns router dns router called for userx@alias-eximtesthost domain = alias-eximtesthost -alias-eximtesthost in dnssec_require_domains? no (option unset) -alias-eximtesthost in dnssec_request_domains? - list element: * - alias-eximtesthost in dnssec_request_domains? yes (matched "*") +check dnssec require list + alias-eximtesthost in dnssec_require_domains? no (option unset) +check dnssec request list + alias-eximtesthost in dnssec_request_domains? + list element: * + alias-eximtesthost in dnssec_request_domains? yes (matched "*") DNS lookup of alias-eximtesthost (MX) using fakens DNS lookup of alias-eximtesthost (MX) succeeded CNAME found: change to eximtesthost.test.ex @@ -51,10 +53,12 @@ local_part=userx domain=alias-eximtesthost.test.ex calling dns router dns router called for userx@alias-eximtesthost.test.ex domain = alias-eximtesthost.test.ex -alias-eximtesthost.test.ex in dnssec_require_domains? no (option unset) -alias-eximtesthost.test.ex in dnssec_request_domains? - list element: * - alias-eximtesthost.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + alias-eximtesthost.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + alias-eximtesthost.test.ex in dnssec_request_domains? + list element: * + alias-eximtesthost.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of alias-eximtesthost.test.ex (MX) using fakens DNS lookup of alias-eximtesthost.test.ex (MX) succeeded CNAME found: change to eximtesthost.test.ex @@ -99,10 +103,12 @@ local_part=userx domain=alias-eximtesthost.test.ex calling dns router dns router called for userx@alias-eximtesthost.test.ex domain = alias-eximtesthost.test.ex -alias-eximtesthost.test.ex in dnssec_require_domains? no (option unset) -alias-eximtesthost.test.ex in dnssec_request_domains? - list element: * - alias-eximtesthost.test.ex in dnssec_request_domains? yes (matched "*") +check dnssec require list + alias-eximtesthost.test.ex in dnssec_require_domains? no (option unset) +check dnssec request list + alias-eximtesthost.test.ex in dnssec_request_domains? + list element: * + alias-eximtesthost.test.ex in dnssec_request_domains? yes (matched "*") DNS lookup of alias-eximtesthost.test.ex (MX) using fakens DNS lookup of alias-eximtesthost.test.ex (MX) succeeded CNAME found: change to eximtesthost.test.ex diff --git a/test/stderr/0588 b/test/stderr/0588 index d7b0d74f2..4f51c0de0 100644 --- a/test/stderr/0588 +++ b/test/stderr/0588 @@ -15,10 +15,12 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing should_log@delay1500.test.ex >>> calling all router ->>> delay1500.test.ex in dnssec_require_domains? no (option unset) ->>> delay1500.test.ex in dnssec_request_domains? ->>> list element: * ->>> delay1500.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> delay1500.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> delay1500.test.ex in dnssec_request_domains? +>>> list element: * +>>> delay1500.test.ex in dnssec_request_domains? yes (matched "*") LOG: Long A lookup for 'delay1500.test.ex': ssss msec >>> local host found for non-MX address >>> routed by all router @@ -42,10 +44,12 @@ LOG: Long A lookup for 'delay1500.test.ex': ssss msec >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing should_not_log@delay500.test.ex >>> calling all router ->>> delay500.test.ex in dnssec_require_domains? no (option unset) ->>> delay500.test.ex in dnssec_request_domains? ->>> list element: * ->>> delay500.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> delay500.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> delay500.test.ex in dnssec_request_domains? +>>> list element: * +>>> delay500.test.ex in dnssec_request_domains? yes (matched "*") >>> local host found for non-MX address >>> routed by all router >>> ----------- end verify ------------ diff --git a/test/stderr/1000 b/test/stderr/1000 index 65573e245..4d20918e4 100644 --- a/test/stderr/1000 +++ b/test/stderr/1000 @@ -27,8 +27,10 @@ LOG: H=[2001:ab8:37f:20::1] rejected connection in "connect" ACL >>> host in host_lookup? yes (matched "*") >>> looking up host name for V6NET:1234:5:6:7:8:abc:d >>> IP address lookup yielded "test3.ipv6.test.ex" ->>> test3.ipv6.test.ex not in empty list (option unset? cannot trace name) ->>> test3.ipv6.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec require list +>>> test3.ipv6.test.ex not in empty list (option unset? cannot trace name) +>>> check dnssec request list +>>> test3.ipv6.test.ex not in empty list (option unset? cannot trace name) >>> checking addresses for test3.ipv6.test.ex >>> V6NET:1234:5:6:7:8:abc:d OK >>> host in host_reject_connection? no (option unset) diff --git a/test/stderr/1002 b/test/stderr/1002 index cd8cae71f..7dba773b5 100644 --- a/test/stderr/1002 +++ b/test/stderr/1002 @@ -28,6 +28,8 @@ >>> check domains = <+ @mx_any/ignore=<;127.0.0.1;::1 >>> mxt11a.test.ex in "<+ @mx_any/ignore=<;127.0.0.1;::1"? >>> list element: @mx_any/ignore=<;127.0.0.1;::1 +>>> check dnssec require list +>>> check dnssec request list >>> ::1 in "<;127.0.0.1;::1"? >>> list element: 127.0.0.1 >>> list element: ::1 diff --git a/test/stderr/2201 b/test/stderr/2201 index 30f49ff93..8435a4052 100644 --- a/test/stderr/2201 +++ b/test/stderr/2201 @@ -40,8 +40,8 @@ test.ex in domains? database lookup required for test.ex (tainted) dnsdb key: test.ex -DNS lookup of test.ex (TXT) using fakens -DNS lookup of test.ex (TXT) succeeded + DNS lookup of test.ex (TXT) using fakens + DNS lookup of test.ex (TXT) succeeded creating new cache entry lookup yielded: A░TXT░record░for░test.ex. test.ex in domains? yes (matched "dnsdb;test.ex") @@ -111,11 +111,11 @@ unknown in local_parts? database lookup required for unknown (tainted) dnsdb key: unknown -DNS lookup of unknown (TXT) using fakens -DNS lookup of unknown (TXT) gave HOST_NOT_FOUND -returning DNS_NOMATCH -faking res_search(TXT) response length as 65535 - writing neg-cache entry for unknown-TXT-xxxx, ttl 3000 + DNS lookup of unknown (TXT) using fakens + DNS lookup of unknown (TXT) gave HOST_NOT_FOUND + returning DNS_NOMATCH + faking res_search(TXT) response length as 65535 + writing neg-cache entry for unknown-TXT-4900041, ttl 3000 creating new cache entry lookup failed unknown in local_parts? no (end of list) @@ -148,8 +148,8 @@ CALLER@myhost.test.ex in senders? type=dnsdb key="A=myhost.test.ex" opts=NULL database lookup required for A=myhost.test.ex dnsdb key: myhost.test.ex -DNS lookup of myhost.test.ex (A) using fakens -DNS lookup of myhost.test.ex (A) succeeded + DNS lookup of myhost.test.ex (A) using fakens + DNS lookup of myhost.test.ex (A) succeeded creating new cache entry lookup yielded: V4NET.10.10.10 CALLER@myhost.test.ex in senders? yes (matched "dnsdb;A=myhost.test.ex") diff --git a/test/stderr/2202 b/test/stderr/2202 index 08fccbd17..b49cf18fe 100644 --- a/test/stderr/2202 +++ b/test/stderr/2202 @@ -48,15 +48,15 @@ check hosts = +ignore_unknown : *.$sender_address_domain : $sender_address_domai database lookup required for >:defer_never,mxh=cioce.test.again.dns (tainted) dnsdb key: cioce.test.again.dns -DNS lookup of cioce.test.again.dns (MX) using fakens -DNS lookup of cioce.test.again.dns (MX) gave TRY_AGAIN + DNS lookup of cioce.test.again.dns (MX) using fakens + DNS lookup of cioce.test.again.dns (MX) gave TRY_AGAIN cioce.test.again.dns in dns_again_means_nonexist? list element: * cioce.test.again.dns in dns_again_means_nonexist? yes (matched "*") -cioce.test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for cioce.test.again.dns-MX-xxxx, ttl -1 + cioce.test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for cioce.test.again.dns-MX-4900041, ttl -1 creating new cache entry lookup failed host in "+ignore_unknown : *.cioce.test.again.dns : cioce.test.again.dns : "? @@ -64,15 +64,17 @@ host in "+ignore_unknown : *.cioce.test.again.dns : cioce.test.again.dns : "? list element: *.cioce.test.again.dns sender host name required, to match against *.cioce.test.again.dns looking up host name for ip4.ip4.ip4.ip4 -DNS lookup of ip4-reverse.in-addr.arpa (PTR) using fakens -DNS lookup of ip4-reverse.in-addr.arpa (PTR) succeeded + DNS lookup of ip4-reverse.in-addr.arpa (PTR) using fakens + DNS lookup of ip4-reverse.in-addr.arpa (PTR) succeeded IP address lookup yielded "the.local.host.name" - the.local.host.name not in empty list (option unset? cannot trace name) - the.local.host.name not in empty list (option unset? cannot trace name) -DNS lookup of the.local.host.name (A) using fakens -DNS lookup of the.local.host.name (A) succeeded + check dnssec require list + the.local.host.name not in empty list (option unset? cannot trace name) + check dnssec request list + the.local.host.name not in empty list (option unset? cannot trace name) + DNS lookup of the.local.host.name (A) using fakens + DNS lookup of the.local.host.name (A) succeeded local host found for non-MX address -the.local.host.name ip4.ip4.ip4.ip4 mx=-1 sort=xx + the.local.host.name ip4.ip4.ip4.ip4 mx=-1 sort=xx checking addresses for the.local.host.name Forward DNS security status: unverified ip4.ip4.ip4.ip4 OK @@ -80,15 +82,15 @@ sender_fullhost = the.local.host.name (test) [ip4.ip4.ip4.ip4] sender_rcvhost = the.local.host.name ([ip4.ip4.ip4.ip4] helo=test) list element: cioce.test.again.dns using host_fake_gethostbyname for cioce.test.again.dns (IPv4) -DNS lookup of cioce.test.again.dns (A) using fakens -DNS lookup of cioce.test.again.dns (A) gave TRY_AGAIN + DNS lookup of cioce.test.again.dns (A) using fakens + DNS lookup of cioce.test.again.dns (A) gave TRY_AGAIN cioce.test.again.dns in dns_again_means_nonexist? list element: * cioce.test.again.dns in dns_again_means_nonexist? yes (matched "*") -cioce.test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for cioce.test.again.dns-A-xxxx, ttl -1 + cioce.test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH + DNS: couldn't fake dnsa len + DNS: no SOA record found for neg-TTL + writing neg-cache entry for cioce.test.again.dns-A-49000c1, ttl -1 host_fake_gethostbyname(af=inet) returned 1 (HOST_NOT_FOUND) no IP address found for host cioce.test.again.dns (during SMTP connection from the.local.host.name (test) [ip4.ip4.ip4.ip4]) LOG: host_lookup_failed MAIN @@ -142,27 +144,31 @@ test.again.dns in "+try_again_dns_list"? start sublist try_again_dns_list test.again.dns in "@mx_any"? ╎list element: @mx_any -DNS lookup of test.again.dns (MX) using fakens -DNS lookup of test.again.dns (MX) gave TRY_AGAIN + ╎check dnssec require list + ╎check dnssec request list + ╎DNS lookup of test.again.dns (MX) using fakens + ╎DNS lookup of test.again.dns (MX) gave TRY_AGAIN ╎test.again.dns in dns_again_means_nonexist? ╎ list element: !+try_again_dns_list ╎ start sublist try_again_dns_list ╎ test.again.dns in "@mx_any"? ╎ ╎list element: @mx_any -DNS lookup of test.again.dns (MX) using fakens -DNS lookup of test.again.dns (MX) gave TRY_AGAIN + ╎ ╎check dnssec require list + ╎ ╎check dnssec request list + ╎ ╎DNS lookup of test.again.dns (MX) using fakens + ╎ ╎DNS lookup of test.again.dns (MX) gave TRY_AGAIN LOG: MAIN PANIC dns_again_means_nonexist recursion seen for test.again.dns (assuming nonexist) -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - writing neg-cache entry for test.again.dns-MX-xxxx, ttl -1 + ╎ ╎DNS: couldn't fake dnsa len + ╎ ╎DNS: no SOA record found for neg-TTL + ╎ ╎ writing neg-cache entry for test.again.dns-MX-4100041, ttl -1 ╎ test.again.dns in "@mx_any"? no (end of list) ╎ end sublist try_again_dns_list ╎test.again.dns in dns_again_means_nonexist? yes (end of list) -test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH -DNS: couldn't fake dnsa len -DNS: no SOA record found for neg-TTL - update neg-cache entry for test.again.dns-MX-xxxx, ttl -1 + ╎test.again.dns is in dns_again_means_nonexist: returning DNS_NOMATCH + ╎DNS: couldn't fake dnsa len + ╎DNS: no SOA record found for neg-TTL + ╎ update neg-cache entry for test.again.dns-MX-4100041, ttl -1 test.again.dns in "@mx_any"? no (end of list) end sublist try_again_dns_list test.again.dns in "+try_again_dns_list"? no (end of list) diff --git a/test/stderr/3211 b/test/stderr/3211 index 0b8f8c0cf..ef339abf6 100644 --- a/test/stderr/3211 +++ b/test/stderr/3211 @@ -19,10 +19,12 @@ >>> calling skipped router >>> skipped router declined for userx@test.again.dns >>> calling temp router ->>> test.again.dns in dnssec_require_domains? no (option unset) ->>> test.again.dns in dnssec_request_domains? ->>> list element: * ->>> test.again.dns in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> test.again.dns in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> test.again.dns in dnssec_request_domains? +>>> list element: * +>>> test.again.dns in dnssec_request_domains? yes (matched "*") >>> test.again.dns in dns_again_means_nonexist? no (option unset) >>> test.again.dns not in empty list (option unset? cannot trace name) >>> temp router: defer for userx@test.again.dns @@ -51,10 +53,12 @@ LOG: H=(test) [1.2.3.4] F= temporarily rejected RCPT >> list element: !testdb;fail >>> test.again.dns in domains? yes (end of list) >>> calling r1 router ->>> test.again.dns in dnssec_require_domains? no (option unset) ->>> test.again.dns in dnssec_request_domains? ->>> list element: * ->>> test.again.dns in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> test.again.dns in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> test.again.dns in dnssec_request_domains? +>>> list element: * +>>> test.again.dns in dnssec_request_domains? yes (matched "*") >>> test.again.dns in dns_again_means_nonexist? no (option unset) >>> test.again.dns not in empty list (option unset? cannot trace name) >>> r1 router: defer for r1-userx@test.again.dns diff --git a/test/stderr/5840 b/test/stderr/5840 index 03248556d..809092727 100644 --- a/test/stderr/5840 +++ b/test/stderr/5840 @@ -18,10 +18,12 @@ >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing rcptuser@dane256ee.test.ex >>> calling client router ->>> dane256ee.test.ex in dnssec_require_domains? no (option unset) ->>> dane256ee.test.ex in dnssec_request_domains? ->>> list element: * ->>> dane256ee.test.ex in dnssec_request_domains? yes (matched "*") +>>> check dnssec require list +>>> dane256ee.test.ex in dnssec_require_domains? no (option unset) +>>> check dnssec request list +>>> dane256ee.test.ex in dnssec_request_domains? +>>> list element: * +>>> dane256ee.test.ex in dnssec_request_domains? yes (matched "*") >>> local host found for non-MX address >>> routed by client router >>> Attempting full verification using callout