python/python-checkdmarc
SHA256
15
0
Fork 0
forked from pool/python-checkdmarc
Code Pull Requests Activity
Files
ad66934638437275d2c047219dbf042e28a2e91c7dfb0489fe69962905c7a911
python-checkdmarc/skip-network-tests.patch

69 lines
2.3 KiB
Diff
Raw Normal View History

Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
diff --git a/tests.py b/tests.py
index 8e58708..65605d4 100755
--- a/tests.py
+++ b/tests.py
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
@@ -3,6 +3,7 @@
"""Automated tests"""
+import os.path
import unittest
from collections import OrderedDict
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -99,6 +100,7 @@ class Test(unittest.TestCase):
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
self.assertEqual(len(results["warnings"]), 0)
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testSplitSPFRecord(self):
"""Split SPF records are parsed properly"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -140,6 +142,7 @@ class Test(unittest.TestCase):
domain,
)
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testTooManySPFDNSLookups(self):
"""SPF records with > 10 SPF mechanisms that cause DNS lookups raise
SPFTooManyDNSLookups"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -161,6 +164,7 @@ class Test(unittest.TestCase):
domain,
)
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testTooManySPFVoidDNSLookups(self):
"""SPF records with > 2 void DNS lookups"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -274,6 +278,7 @@ class Test(unittest.TestCase):
domain,
)
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testSPFMissingMXRecord(self):
"""A warning is issued if an SPF record contains a mx mechanism
pointing to a domain that has no MX records"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -285,6 +290,7 @@ class Test(unittest.TestCase):
"{0} does not have any MX records".format(domain), results["warnings"]
)
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testSPFMissingARecord(self):
"""A warning is issued if an SPF record contains a mx mechanism
pointing to a domain that has no A records"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -296,6 +302,7 @@ class Test(unittest.TestCase):
"cardinalhealth.net does not have any A/AAAA records", results["warnings"]
)
- Update to 5.3.1: * Ignore UnicodeDecodeError exceptions when querying for TXT records * Check DNSSEC on MX hostnames * USE DNSSEC when requesting DNSKEY records * Do not require an RRSIG answer when querying for DNSKEY records * Pass in nameservers and timeout when running get_dnskey recursively * Properly cache DNSKEY answers * Fix exception handling for query_mta_sts_record * Check for TLSA records * Add support for parsing SMTP TLS Reporting (RFC8460) DNS records * Add missing import dns.dnssec * Always use the actual subdomain or domain provided * Include MTA-STS and BIMI results in CSV output * Added the include_tag_descriptions parameter to checkdmarc.bimi.check_bimi() * Added the exception class MTASTSPolicyDownloadError * Major refactoring: Change from a single module to a package of modules, with each checked standard as its own package * Add support for MTA-STS RFC 8461 * Add support for BIMI * Specify a BIMI selector using the --bimi-selector/-b option * Fix SPF query error and warning messages * Add support for null MX records - RFC 7505 * Make DMARC retorting URI error messages more clear * Fix compatibility with Python 3.8 * SPFRecordNotFound exception now includes a domain argument * The DMARC missing authorization error message now includes the full expected DNS record * Properly parse DMARC and BIMI records for domains that do not have an identified base domain OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
2024-02-29 01:48:13 +00:00
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testDMARCPctLessThan100Warning(self):
"""A warning is issued if the DMARC pvt value is less than 100"""
Accepting request 1223160 from home:mnhauke - Update to version 5.7.8 * Move SVG validation errors from ["bimi"]["warnings"] to ["bimi"]["image"]["validation_errors"] (#150) - Update to version 5.7.7 * Fix VMC validation errors not appearing. - Update to version 5.7.6 * Fix crash when trying to output to CSV format - Update to version 5.7.5 * Fix BIMI lookup for subdomains that do not have a BIMI record. - Update to version 5.7.4 * Add additional checks for tiny-ps SVG requirements - Update to version 5.7.3 * BIMI images and mark certificates + Better error handling + Simplified warning messages + sha256_hash output fields renamed to sha256 - Update to version 5.7.2 * Account for float SVG sizes - Update to version 5.7.1 * Properly parse a certificate SAN * Certificate warnings fire properly * Make the expires timestamp more readable - Update to version 5.7.0 * checkdmarc will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI l tag. Additionally, SVG and certificate metadata is now included in the checkdmarc.bimi.parse_bimi_record() API and JSON CLI output. OBS-URL: https://build.opensuse.org/request/show/1223160 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=9
2024-11-11 11:34:51 +00:00
@@ -347,6 +354,7 @@ class Test(unittest.TestCase):
domain,
)
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
def testBIMI(self):
"""Test BIMI checks"""
domain = "chase.com"
Copy Permalink