mirror of
https://github.com/StackExchange/dnscontrol.git
synced 2025-02-24 23:53:01 +08:00
MSDNS: Fix failing DNS integration tests (#2734)
This commit is contained in:
Tom Limoncelli
GitHub
parent
0ca55815f8
commit
258654532a
4 changed files with 80 additions and 30 deletions
68
commands/types/dnscontrol.d.ts
vendored
68
commands/types/dnscontrol.d.ts
vendored
|
|
@ -377,7 +377,7 @@ declare function CAA(name: string, tag: "issue" | "issuewild" | "iodef", value:
|
|||
*
|
||||
* ## Example
|
||||
*
|
||||
* For example you can use:
|
||||
* ### Simple example
|
||||
*
|
||||
* ```javascript
|
||||
* CAA_BUILDER({
|
||||
|
|
@ -392,7 +392,62 @@ declare function CAA(name: string, tag: "issue" | "issuewild" | "iodef", value:
|
|||
* })
|
||||
* ```
|
||||
*
|
||||
* The parameters are:
|
||||
* `CAA_BUILDER()` builds multiple records:
|
||||
*
|
||||
* ```javascript
|
||||
* CAA("@", "iodef", "mailto:test@example.com", CAA_CRITICAL)
|
||||
* CAA("@", "issue", "letsencrypt.org")
|
||||
* CAA("@", "issue", "comodoca.com")
|
||||
* CAA("@", "issuewild", ";")
|
||||
* ```
|
||||
*
|
||||
* which in turns yield the following records:
|
||||
*
|
||||
* ```text
|
||||
* @ 300 IN CAA 128 iodef "mailto:test@example.com"
|
||||
* @ 300 IN CAA 0 issue "letsencrypt.org"
|
||||
* @ 300 IN CAA 0 issue "comodoca.com"
|
||||
* @ 300 IN CAA 0 issuewild ";"
|
||||
* ```
|
||||
*
|
||||
* ### Example with CAA_CRITICAL flag on all records
|
||||
*
|
||||
* The same example can be enriched with CAA_CRITICAL on all records:
|
||||
*
|
||||
* ```javascript
|
||||
* CAA_BUILDER({
|
||||
* label: "@",
|
||||
* iodef: "mailto:test@example.com",
|
||||
* iodef_critical: true,
|
||||
* issue: [
|
||||
* "letsencrypt.org",
|
||||
* "comodoca.com",
|
||||
* ],
|
||||
* issue_critical: true,
|
||||
* issuewild: "none",
|
||||
* issuewild_critical: true,
|
||||
* })
|
||||
* ```
|
||||
*
|
||||
* `CAA_BUILDER()` then builds (the same) multiple records - all with CAA_CRITICAL flag set:
|
||||
*
|
||||
* ```javascript
|
||||
* CAA("@", "iodef", "mailto:test@example.com", CAA_CRITICAL)
|
||||
* CAA("@", "issue", "letsencrypt.org", CAA_CRITICAL)
|
||||
* CAA("@", "issue", "comodoca.com", CAA_CRITICAL)
|
||||
* CAA("@", "issuewild", ";", CAA_CRITICAL)
|
||||
* ```
|
||||
*
|
||||
* which in turns yield the following records:
|
||||
*
|
||||
* ```text
|
||||
* @ 300 IN CAA 128 iodef "mailto:test@example.com"
|
||||
* @ 300 IN CAA 128 issue "letsencrypt.org"
|
||||
* @ 300 IN CAA 128 issue "comodoca.com"
|
||||
* @ 300 IN CAA 128 issuewild ";"
|
||||
* ```
|
||||
*
|
||||
* ### Parameters
|
||||
*
|
||||
* * `label:` The label of the CAA record. (Optional. Default: `"@"`)
|
||||
* * `iodef:` Report all violation to configured mail address.
|
||||
|
|
@ -402,15 +457,6 @@ declare function CAA(name: string, tag: "issue" | "issuewild" | "iodef", value:
|
|||
* * `issuewild:` An array of CAs which are allowed to issue wildcard certificates. (Can be simply `"none"` to refuse issuing wildcard certificates for all CAs)
|
||||
* * `issuewild_critical:` This can be `true` or `false`. If enabled and CA does not support this record, then certificate issue will be refused. (Optional. Default: `false`)
|
||||
*
|
||||
* `CAA_BUILDER()` returns multiple records (when configured as example above):
|
||||
*
|
||||
* ```javascript
|
||||
* CAA("@", "iodef", "mailto:test@example.com", CAA_CRITICAL)
|
||||
* CAA("@", "issue", "letsencrypt.org")
|
||||
* CAA("@", "issue", "comodoca.com")
|
||||
* CAA("@", "issuewild", ";")
|
||||
* ```
|
||||
*
|
||||
* @see https://docs.dnscontrol.org/language-reference/domain-modifiers/caa_builder
|
||||
*/
|
||||
declare function CAA_BUILDER(opts: { label?: string; iodef: string; iodef_critical?: boolean; issue: string[]; issue_critical?: boolean; issuewild: string[]; issuewild_critical?: boolean }): DomainModifier;
|
||||
|
|
|
|||
|
|
@ -17,15 +17,6 @@ func TxtHasBackslash(rc *models.RecordConfig) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// TxtStartsOrEndsWithSpaces audits TXT records that starts or ends with spaces
|
||||
func TxtStartsOrEndsWithSpaces(rc *models.RecordConfig) error {
|
||||
txt := rc.GetTargetTXTJoined()
|
||||
if len(txt) > 0 && (txt[0] == ' ' || txt[len(txt)-1] == ' ') {
|
||||
return fmt.Errorf("txtstring starts or ends with spaces")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// TxtHasBackticks audits TXT records for strings that contain backticks.
|
||||
func TxtHasBackticks(rc *models.RecordConfig) error {
|
||||
if strings.Contains(rc.GetTargetTXTJoined(), "`") {
|
||||
|
|
@ -42,6 +33,14 @@ func TxtHasDoubleQuotes(rc *models.RecordConfig) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// TxtHasSemicolon audits TXT records for strings that contain backticks.
|
||||
func TxtHasSemicolon(rc *models.RecordConfig) error {
|
||||
if strings.Contains(rc.GetTargetTXTJoined(), ";") {
|
||||
return fmt.Errorf("txtstring contains semicolon")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// TxtHasSingleQuotes audits TXT records for strings that contain single-quotes.
|
||||
func TxtHasSingleQuotes(rc *models.RecordConfig) error {
|
||||
if strings.Contains(rc.GetTargetTXTJoined(), "'") {
|
||||
|
|
@ -75,14 +74,6 @@ func TxtIsEmpty(rc *models.RecordConfig) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// TxtLongerThan255 audits TXT records for multiple strings
|
||||
func TxtLongerThan255(rc *models.RecordConfig) error {
|
||||
if len(rc.GetTargetTXTJoined()) > 255 {
|
||||
return fmt.Errorf("TXT records longer than 255 octets (chars)")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// TxtLongerThan returns a function that audits TXT records for length
|
||||
// greater than maxLength.
|
||||
func TxtLongerThan(maxLength int) func(rc *models.RecordConfig) error {
|
||||
|
|
@ -94,3 +85,12 @@ func TxtLongerThan(maxLength int) func(rc *models.RecordConfig) error {
|
|||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// TxtStartsOrEndsWithSpaces audits TXT records that starts or ends with spaces
|
||||
func TxtStartsOrEndsWithSpaces(rc *models.RecordConfig) error {
|
||||
txt := rc.GetTargetTXTJoined()
|
||||
if len(txt) > 0 && (txt[0] == ' ' || txt[len(txt)-1] == ' ') {
|
||||
return fmt.Errorf("txtstring starts or ends with spaces")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ func AuditRecords(records []*models.RecordConfig) []error {
|
|||
|
||||
a.Add("MX", rejectif.MxNull) // Last verified 2023-03
|
||||
|
||||
a.Add("TXT", rejectif.TxtLongerThan255) // Last verified 2023-03
|
||||
a.Add("TXT", rejectif.TxtLongerThan(255)) // Last verified 2023-03
|
||||
|
||||
a.Add("TXT", rejectif.TxtHasTrailingSpace) // Last verified 2023-03
|
||||
|
||||
|
|
|
|||
|
|
@ -15,15 +15,19 @@ func AuditRecords(records []*models.RecordConfig) []error {
|
|||
|
||||
a.Add("SRV", rejectif.SrvHasNullTarget) // Last verified 20-0212-28
|
||||
|
||||
a.Add("TXT", rejectif.TxtHasBackslash) // Last verified 2023-12-18
|
||||
|
||||
a.Add("TXT", rejectif.TxtHasBackticks) // Last verified 2023-02-02
|
||||
|
||||
a.Add("TXT", rejectif.TxtHasDoubleQuotes) // Last verified 2023-02-02
|
||||
|
||||
a.Add("TXT", rejectif.TxtLongerThan(255)) // Last verified 2023-02-02
|
||||
a.Add("TXT", rejectif.TxtHasSemicolon) // Last verified 2023-12-18
|
||||
|
||||
a.Add("TXT", rejectif.TxtHasSingleQuotes) // Last verified 2023-02-02
|
||||
|
||||
a.Add("TXT", rejectif.TxtIsEmpty) // Last verified 2023-02-02
|
||||
|
||||
a.Add("TXT", rejectif.TxtLongerThan(254)) // Last verified 2023-12-18
|
||||
|
||||
return a.Audit(records)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue