forked from pool/python-checkdmarc
Steve Kowalik
7f1ac1cbd4
* Ignore UnicodeDecodeError exceptions when querying for TXT records
* Check DNSSEC on MX hostnames
* USE DNSSEC when requesting DNSKEY records
* Do not require an RRSIG answer when querying for DNSKEY records
* Pass in nameservers and timeout when running get_dnskey recursively
* Properly cache DNSKEY answers
* Fix exception handling for query_mta_sts_record
* Check for TLSA records
* Add support for parsing SMTP TLS Reporting (RFC8460) DNS records
* Add missing import dns.dnssec
* Always use the actual subdomain or domain provided
* Include MTA-STS and BIMI results in CSV output
* Added the include_tag_descriptions parameter to
checkdmarc.bimi.check_bimi()
* Added the exception class MTASTSPolicyDownloadError
* Major refactoring: Change from a single module to a package of modules,
with each checked standard as its own package
* Add support for MTA-STS RFC 8461
* Add support for BIMI
* Specify a BIMI selector using the --bimi-selector/-b option
* Fix SPF query error and warning messages
* Add support for null MX records - RFC 7505
* Make DMARC retorting URI error messages more clear
* Fix compatibility with Python 3.8
* SPFRecordNotFound exception now includes a domain argument
* The DMARC missing authorization error message now includes the full
expected DNS record
* Properly parse DMARC and BIMI records for domains that do not have an
identified base domain
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=5
59 lines
2.3 KiB
Diff
59 lines
2.3 KiB
Diff
--- tests.py~ 2024-02-29 12:22:56.007309853 +1100
|
|
+++ tests.py 2024-02-29 12:25:49.618057933 +1100
|
|
@@ -3,6 +3,7 @@
|
|
|
|
"""Automated tests"""
|
|
|
|
+import os.path
|
|
import unittest
|
|
from collections import OrderedDict
|
|
|
|
@@ -94,6 +95,7 @@
|
|
|
|
self.assertEqual(len(results["warnings"]), 0)
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testSplitSPFRecord(self):
|
|
"""Split SPF records are parsed properly"""
|
|
|
|
@@ -129,6 +131,7 @@
|
|
self.assertRaises(checkdmarc.spf.SPFRecordNotFound,
|
|
checkdmarc.spf.parse_spf_record, spf_record, domain)
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testTooManySPFDNSLookups(self):
|
|
"""SPF records with > 10 SPF mechanisms that cause DNS lookups raise
|
|
SPFTooManyDNSLookups"""
|
|
@@ -144,6 +147,7 @@
|
|
self.assertRaises(checkdmarc.spf.SPFTooManyDNSLookups,
|
|
checkdmarc.spf.parse_spf_record, spf_record, domain)
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testTooManySPFVoidDNSLookups(self):
|
|
"""SPF records with > 2 void DNS lookups"""
|
|
|
|
@@ -216,6 +220,7 @@
|
|
self.assertRaises(checkdmarc.spf.SPFIncludeLoop,
|
|
checkdmarc.spf.parse_spf_record, spf_record, domain)
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testSPFMissingMXRecord(self):
|
|
"""A warning is issued if an SPF record contains a mx mechanism
|
|
pointing to a domain that has no MX records"""
|
|
@@ -226,6 +231,7 @@
|
|
self.assertIn("{0} does not have any MX records".format(domain),
|
|
results["warnings"])
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testSPFMissingARecord(self):
|
|
"""A warning is issued if an SPF record contains a mx mechanism
|
|
pointing to a domain that has no A records"""
|
|
@@ -236,6 +242,7 @@
|
|
self.assertIn("cardinalhealth.net does not have any A/AAAA records",
|
|
results["warnings"])
|
|
|
|
+ @unittest.skipUnless(os.path.exists("/etc/resolv.conf"), "no network")
|
|
def testDMARCPctLessThan100Warning(self):
|
|
"""A warning is issued if the DMARC pvt value is less than 100"""
|
|
|