git » spf » commit 0cc9472

test: Update RFC test suite to the latest version

author Alberto Bertogli
2022-08-06 08:21:59 UTC
committer Alberto Bertogli
2022-08-06 10:02:27 UTC
parent 043d2ff0a12fe04dbaade76cb1974545bebc3331
test: Update RFC test suite to the latest version

This patch updates RFC test suite to its latest version, taken from
pyspf's commit 0b985f9692d7ae305774913e67ed639240e237e7.

It introduces two new tests, for correctness on corner cases:
 - Mechanisms are separated by spaces only, not any control char.
 - Referencing the same TXT record through multiple CNAME aliases
testdata/rfc4408-tests.yml +1 -3
testdata/rfc7208-tests.CHANGES +4 -0
testdata/rfc7208-tests.yml +36 -0 
diff --git a/testdata/rfc4408-tests.yml b/testdata/rfc4408-tests.yml
index ac904c9..d39dfd8 100644
--- a/testdata/rfc4408-tests.yml
+++ b/testdata/rfc4408-tests.yml
@@ -8,9 +8,7 @@
 #
 # Contributors:
 #   Stuart D Gathman    90% of the tests
-#   Julian Mehnle       proofread YAML syntax, spelling, formal schema
-# Informal contributors (suggestions but no code):
-#   Craig Whitmore
+#   Julian Mehnle       some tests, proofread YAML syntax, formal schema
 #   Frank Ellermann
 #   Scott Kitterman
 #   Wayne Schlitt
diff --git a/testdata/rfc7208-tests.CHANGES b/testdata/rfc7208-tests.CHANGES
index 1b86914..3ae7c1d 100644
--- a/testdata/rfc7208-tests.CHANGES
+++ b/testdata/rfc7208-tests.CHANGES
@@ -6,6 +6,10 @@
 #   - = Removed a test case or otherwise relaxed a requirement
 #   * = Fixed a bug, or made a minor improvement
 
+--- 2019.08 (UNRELEASED)
+  ! Added multiple tests for creative syntax errors in SPF records
+    that were breaking implementations.
+
 --- 2014.04 (UNRELEASED)
   ! Updates for RFC 7208 (4408bis)
     ! Updated multiple tests not to consider type SPF records under mixed
diff --git a/testdata/rfc7208-tests.yml b/testdata/rfc7208-tests.yml
index cb0933a..7cdac46 100644
--- a/testdata/rfc7208-tests.yml
+++ b/testdata/rfc7208-tests.yml
@@ -159,6 +159,14 @@ tests:
     host: 192.0.2.5
     mailfrom: "silly@null.example.com"
     result: pass
+  badip4:
+    description: >-
+      Mechanisms are separated by spaces only, not any control char.
+    spec: 4.6.1/2
+    helo: foobar
+    host: 192.0.2.5
+    mailfrom: "oops@badip.example.com"
+    result: permerror
 zonedata:
   example.com:
     - TIMEOUT: true
@@ -189,6 +197,8 @@ zonedata:
   null.example.com:
     - SPF: [ "v=spf1 ip4:", "192.0.2.5 -all" ]
     - SPF: [ ]
+  badip.example.com:
+    - SPF:  "v=spf1 ip4:192.0.2.5\x0a include:spf.protection.outlook.com ~all"
 ---
 description: Record lookup
 tests:
@@ -2644,6 +2654,16 @@ tests:
     mailfrom: test@example.org
     result: pass
     strict: 2
+  cname-aliasing:
+    description: >-
+      referencing the same TXT record through multiple CNAME aliases
+    comment: >-
+      Pyspf incorrectly reports multiple SPF records
+    spec: 3.2/1
+    helo: mail.example.org
+    host: 192.0.2.27
+    mailfrom: test@mail.example.org
+    result: fail
 zonedata:
   example.org:
     - SPF: "v=spf1 mx redirect=_spf.example.com"
@@ -2663,3 +2683,19 @@ zonedata:
     - SPF: "v=spf1 ptr:fe.example.org ptr:sgp.example.com exp=_expspf.example.org -all"
   _expspf.example.org:
     - TXT: "Sender domain not allowed from this host. Please see http://www.openspf.org/Why?s=mfrom&id=%{S}&ip=%{C}&r=%{R}"
+  a.example.org:
+    - TXT: "Another TXT record."
+    - TXT: "v=spf1 ip4:192.0.2.225 ?include:webmail.pair.com ?include:relay.pair.com -all"
+    - TXT: "More TXT records."
+    - TXT: "A third TXT record."
+    - AAAA: 2001:db8:ff0:300::4
+  b.example.org:
+    - CNAME: "a.example.org"
+  mail.example.org:
+    - SPF: "v=spf1 include:a.example.org include:b.example.org -all"
+    - A: 192.0.2.28
+  webmail.pair.com:
+    - TXT: "v=spf1 ip4:66.39.3.0/24 ip4:209.68.6.94/32"
+  relay.pair.com:
+    - TXT: "v=spf1 ip4:209.68.5.9/32 ip4:209.68.5.15/32 a -all"
+    - A: 192.0.2.131