Commit 3b187cad authored by Mark Andrews's avatar Mark Andrews
Browse files

3873. [protocol] Only warn for SPF without TXT spf record. [RT #36210]

parent 0accdb26
3873. [protocol] Only warn for SPF without TXT spf record. [RT #36210]
3872. [bug] Address issues found by static analysis. [RT #36209]
3871. [bug] Don't publish an activated key automatically before
......
......@@ -24,19 +24,16 @@ echo "I:checking that SPF warnings have been correctly generated ($n)"
ret=0
grep "zone spf/IN: loaded serial 0" ns1/named.run > /dev/null || ret=1
grep "'x.spf' found SPF/TXT" ns1/named.run > /dev/null || ret=1
grep "'y.spf' found SPF/SPF" ns1/named.run > /dev/null || ret=1
grep "'spf' found SPF/" ns1/named.run > /dev/null && ret=1
grep "'y.spf' found type SPF" ns1/named.run > /dev/null || ret=1
grep "'spf' found type SPF" ns1/named.run > /dev/null && ret=1
grep "zone warn/IN: loaded serial 0" ns1/named.run > /dev/null || ret=1
grep "'x.warn' found SPF/TXT" ns1/named.run > /dev/null || ret=1
grep "'y.warn' found SPF/SPF" ns1/named.run > /dev/null || ret=1
grep "'warn' found SPF/" ns1/named.run > /dev/null && ret=1
grep "'y.warn' found type SPF" ns1/named.run > /dev/null || ret=1
grep "'warn' found type SPF" ns1/named.run > /dev/null && ret=1
grep "zone nowarn/IN: loaded serial 0" ns1/named.run > /dev/null || ret=1
grep "'x.nowarn' found SPF/" ns1/named.run > /dev/null && ret=1
grep "'y.nowarn' found SPF/" ns1/named.run > /dev/null && ret=1
grep "'nowarn' found SPF/" ns1/named.run > /dev/null && ret=1
grep "'y.nowarn' found type SPF" ns1/named.run > /dev/null && ret=1
grep "'nowarn' found type SPF" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......
......@@ -2913,16 +2913,13 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) {
dns_rdataset_disassociate(&rdataset);
notxt:
if (have_spf != have_txt) {
if (have_spf && !have_txt) {
char namebuf[DNS_NAME_FORMATSIZE];
const char *found = have_txt ? "TXT" : "SPF";
const char *need = have_txt ? "SPF" : "TXT";
dns_name_format(name, namebuf, sizeof(namebuf));
dns_zone_log(zone, ISC_LOG_WARNING, "'%s' found SPF/%s "
"record but no SPF/%s record found, add "
"matching type %s record", namebuf, found,
need, need);
dns_zone_log(zone, ISC_LOG_WARNING, "'%s' found type "
"SPF record but no SPF TXT record found, "
"add matching type TXT record", namebuf);
}
next:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment