Author: bago
Date: Tue Aug 19 02:16:58 2008
New Revision: 687003
URL: http://svn.apache.org/viewvc?rev=687003&view=rev
Log:
Update rfc4408-tests.yml testsuite from current OpenSPF head to expose the
macro expansion bug (JSPF-66)
Modified:
james/jspf/trunk/tester/src/main/resources/org/apache/james/jspf/rfc4408-tests.yml
Modified:
james/jspf/trunk/tester/src/main/resources/org/apache/james/jspf/rfc4408-tests.yml
URL:
http://svn.apache.org/viewvc/james/jspf/trunk/tester/src/main/resources/org/apache/james/jspf/rfc4408-tests.yml?rev=687003&r1=687002&r2=687003&view=diff
==============================================================================
---
james/jspf/trunk/tester/src/main/resources/org/apache/james/jspf/rfc4408-tests.yml
(original)
+++
james/jspf/trunk/tester/src/main/resources/org/apache/james/jspf/rfc4408-tests.yml
Tue Aug 19 02:16:58 2008
@@ -1,4 +1,4 @@
-# This is the openspf.org test suite (version 2007.05) based on RFC 4408.
+# This is the openspf.org test suite based on RFC 4408.
# http://www.openspf.org/Test_Suite
#
# $Id$
@@ -7,13 +7,12 @@
# See rfc4408-tests.CHANGES for a changelog.
#
# Contributors:
-# Stuart D Gathman everything so far
-# Julian Mehnle proofread YAML syntax, spelling, formal schema
-# Informal contributors (suggestions but no code):
-# Craig Whitmore
+# Stuart D Gathman 90% of the tests
+# Julian Mehnle some tests, proofread YAML syntax, formal schema
# Frank Ellermann
-# Wayne Schlitt
# Scott Kitterman
+# Wayne Schlitt
+# Craig Whitmore
# Norman Maurer
# Mark Shewmaker
# Philip Gladstone
@@ -365,13 +364,14 @@
comment: >-
An empty domain label, i.e. two successive dots, in a mechanism
target-name is valid domain-spec syntax, even though a DNS query cannot
- be composed from it. In analogy to 4.3/1 and 5/10/3, the mechanism
- should then be treated as a no-match.
+ be composed from it. The spec being unclear about it, this could either
+ be considered a syntax error, or, by analogy to 4.3/1 and 5/10/3, the
+ mechanism chould be treated as a no-match.
spec: [4.3/1, 5/10/3]
helo: mail.example.com
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
- result: fail
+ result: [permerror, fail]
invalid-domain-long:
description: >-
target-name that is a valid domain-spec per RFC 4408 but an invalid
@@ -379,13 +379,14 @@
comment: >-
A domain label longer than 63 characters in a mechanism target-name is
valid domain-spec syntax, even though a DNS query cannot be composed
- from it. In analogy to 4.3/1 and 5/10/3, the mechanism should then be
- treated as a no-match.
+ from it. The spec being unclear about it, this could either be
+ considered a syntax error, or, by analogy to 4.3/1 and 5/10/3, the
+ mechanism chould be treated as a no-match.
spec: [4.3/1, 5/10/3]
helo: mail.example.com
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
- result: fail
+ result: [permerror,fail]
invalid-domain-long-via-macro:
description: >-
target-name that is a valid domain-spec per RFC 4408 but an invalid
@@ -394,13 +395,14 @@
A domain label longer than 63 characters that results from macro
expansion in a mechanism target-name is valid domain-spec syntax (and is
not even subject to syntax checking after macro expansion), even though
- a DNS query cannot be composed from it. In analogy to 4.3/1 and 5/10/3,
- the mechanism should then be treated as a no-match.
+ a DNS query cannot be composed from it. The spec being unclear about
+ it, this could either be considered a syntax error, or, by analogy to
+ 4.3/1 and 5/10/3, the mechanism chould be treated as a no-match.
spec: [4.3/1, 5/10/3]
helo: "%%%%%%%%%%%%%%%%%%%%%%"
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
- result: fail
+ result: [permerror,fail]
zonedata:
mail.example.com:
- A: 1.2.3.4
@@ -614,9 +616,8 @@
result: pass
a-bad-domain:
description: >-
- domain-spec must pass basic syntax checks
- comment: >-
- A ':' may appear in domain-spec, but not in top-label.
+ domain-spec must pass basic syntax checks;
+ a ':' may appear in domain-spec, but not in top-label
spec: 8.1/2
helo: mail.example.com
host: 1.2.3.4
@@ -682,7 +683,7 @@
result: fail
a-null:
description: >-
- Null not allowed in top-label.
+ Null octets not allowed in toplabel
spec: 8.1/2
helo: mail.example.com
host: 1.2.3.5
@@ -690,7 +691,7 @@
result: permerror
a-numeric:
description: >-
- Top-label may not be all numeric
+ toplabel may not be all numeric
comment: >-
A common publishing mistake is using ip4 addresses with A mechanism.
This should receive special diagnostic attention in the permerror.
@@ -699,26 +700,50 @@
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
result: permerror
- a-numeric-top-label:
+ a-numeric-toplabel:
description: >-
- Top-label may not be all numeric
+ toplabel may not be all numeric
spec: 8.1/2
helo: mail.example.com
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
result: permerror
- a-only-top-label:
+ a-dash-in-toplabel:
+ description: >-
+ toplabel may contain dashes
+ comment: >-
+ Going from the "toplabel" grammar definition, an implementation using
+ regular expressions in incrementally parsing SPF records might
+ erroneously try to match a TLD such as ".xn--zckzah" (cf. IDN TLDs!) to
+ '( *alphanum ALPHA *alphanum )' first before trying the alternative
+ '( 1*alphanum "-" *( alphanum / "-" ) alphanum )', essentially causing
+ a non-greedy, and thus, incomplete match. Make sure a greedy match is
+ performed!
+ spec: 8.1/2
+ helo: mail.example.com
+ host: 1.2.3.4
+ mailfrom: [EMAIL PROTECTED]
+ result: pass
+ a-bad-toplabel:
+ description: >-
+ toplabel may not begin with a dash
+ spec: 8.1/2
+ helo: mail.example.com
+ host: 1.2.3.4
+ mailfrom: [EMAIL PROTECTED]
+ result: permerror
+ a-only-toplabel:
description: >-
- Domain-spec may not consist of only a top-label without a leading dot.
+ domain-spec may not consist of only a toplabel.
spec: 8.1/2
helo: mail.example.com
host: 1.2.3.4
mailfrom: [EMAIL PROTECTED]
result: permerror
- a-only-top-label-trailing-dot:
+ a-only-toplabel-trailing-dot:
description: >-
- Domain-spec may not consist of only a top-label without a leading dot.
- comment:
+ domain-spec may not consist of only a toplabel.
+ comment: >-
"A trailing dot doesn't help."
spec: 8.1/2
helo: mail.example.com
@@ -727,7 +752,7 @@
result: permerror
a-colon-domain:
description: >-
- Domain-spec may contain any visible char except %
+ domain-spec may contain any visible char except %
spec: 8.1/2
helo: mail.example.com
host: 1.2.3.4
@@ -735,20 +760,12 @@
result: pass
a-colon-domain-ip4mapped:
description: >-
- Domain-spec may contain any visible char except %
+ domain-spec may contain any visible char except %
spec: 8.1/2
helo: mail.example.com
host: ::FFFF:1.2.3.4
mailfrom: [EMAIL PROTECTED]
result: pass
- a-bad-toplab:
- description: >-
- Toplabel may not begin with -
- spec: 8.1/2
- helo: mail.example.com
- host: 1.2.3.4
- mailfrom: [EMAIL PROTECTED]
- result: permerror
a-empty-domain:
description: >-
domain-spec cannot be empty.
@@ -803,6 +820,10 @@
- SPF: v=spf1 a:example.-com
e13.example.com:
- SPF: "v=spf1 a:"
+ e14.example.com:
+ - SPF: "v=spf1 a:foo.example.xn--zckzah -all"
+ foo.example.xn--zckzah:
+ - A: 1.2.3.4
---
description: Include mechanism semantics and syntax
tests:
@@ -1752,6 +1773,15 @@
host: 192.168.218.40
mailfrom: [EMAIL PROTECTED]
result: permerror
+ macro-mania-in-domain:
+ description: >-
+ macro-encoded percents (%%), spaces (%_), and URL-percent-encoded
+ spaces (%-)
+ spec: 8.1/3, 8.1/4
+ helo: mail.example.com
+ host: 1.2.3.4
+ mailfrom: [EMAIL PROTECTED]
+ result: pass
exp-txt-macro-char:
spec: 8.1/20
description: >-
@@ -1930,6 +1960,10 @@
- TXT: This is a test.
e1.example.com:
- SPF: v=spf1 -exists:%(ir).sbl.example.com ?all
+ e1a.example.com:
+ - SPF: "v=spf1 a:macro%%percent%_%_space%-url-space.example.com -all"
+ "macro%percent space%20url-space.example.com":
+ - A: 1.2.3.4
e2.example.com:
- SPF: v=spf1 -all exp=%{r}.example.com
e3.example.com:
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
