Mailing List Archive

include: result confusion?
Hello!

When re-evaluating test results from the new libspf2 release, I get
this:

I have an spf record that includes: another domain. Say


foo.example -> v=spf1 ... include:bar.example ...

And bar.example exists in the DNS (with other record types, such as A),
but has no TXT or SPF records.

I read the RFC in a way that that should result in PermError, from the
table in section 5.2 (recursive result of None should cause the include
mechanism to throw PermError).

A test for that passed before the update (with libspf2 1.2.5), however
fails now.

Am I correct in my interpretation? Should this get fixed again, so that
a None from the included record should result in a PermError overall?

Kind regards,

Hannah.


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com
Re: include: result confusion? [ In reply to ]
On Tue, 21 Oct 2008, Hannah Schroeter wrote:

> table in section 5.2 (recursive result of None should cause the include
> mechanism to throw PermError).
>
> A test for that passed before the update (with libspf2 1.2.5), however
> fails now.
>
> Am I correct in my interpretation? Should this get fixed again, so that
> a None from the included record should result in a PermError overall?

You are correct. I am tasked with making libspf2 pass the test suite.
I am behind.

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com
Re: include: result confusion? [ In reply to ]
Hi!

On Tue, Oct 21, 2008 at 10:46:30AM -0400, Stuart D. Gathman wrote:
>On Tue, 21 Oct 2008, Hannah Schroeter wrote:

>> table in section 5.2 (recursive result of None should cause the include
>> mechanism to throw PermError).

>> A test for that passed before the update (with libspf2 1.2.5), however
>> fails now.

>> Am I correct in my interpretation? Should this get fixed again, so that
>> a None from the included record should result in a PermError overall?

>You are correct. I am tasked with making libspf2 pass the test suite.
>I am behind.

I have actually a few patches still pending with Shevek, and prepared
one to revert a change that made my own test for this fail (after
passing with 1.2.5).

Thanks for confirming my interpretation of the RFC, so I won't have to
change my local test and I will be able to keep the local change in our
local revision control systems (the one for the company's development
and from whence the deployed software is build, and my own for merging
stuff around with S.).

Kind regards,

Hannah.


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com
Re: include: result confusion? [ In reply to ]
On Tue, 21 Oct 2008 16:59:43 +0200 Hannah Schroeter <hannah@schlund.de>
wrote:
>Hi!
>
>On Tue, Oct 21, 2008 at 10:46:30AM -0400, Stuart D. Gathman wrote:
>>On Tue, 21 Oct 2008, Hannah Schroeter wrote:
>
>>> table in section 5.2 (recursive result of None should cause the include
>>> mechanism to throw PermError).
>
>>> A test for that passed before the update (with libspf2 1.2.5), however
>>> fails now.
>
>>> Am I correct in my interpretation? Should this get fixed again, so that
>>> a None from the included record should result in a PermError overall?
>
>>You are correct. I am tasked with making libspf2 pass the test suite.
>>I am behind.
>
>I have actually a few patches still pending with Shevek, and prepared
>one to revert a change that made my own test for this fail (after
>passing with 1.2.5).
>
>Thanks for confirming my interpretation of the RFC, so I won't have to
>change my local test and I will be able to keep the local change in our
>local revision control systems (the one for the company's development
>and from whence the deployed software is build, and my own for merging
>stuff around with S.).
>

Ubuntu is releasing in about a week with 1.2.8. If somone could send me a
diff to revert this regression in the next few days I can get it fixed.
I'd really appreciate it.


Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com
Re: include: result confusion? [ In reply to ]
Hi!

On Tue, Oct 21, 2008 at 06:29:26PM -0400, Scott Kitterman wrote:
>[...]

>>I have actually a few patches still pending with Shevek, and prepared
>>one to revert a change that made my own test for this fail (after
>>passing with 1.2.5).

>>Thanks for confirming my interpretation of the RFC, so I won't have to
>>change my local test and I will be able to keep the local change in our
>>local revision control systems (the one for the company's development
>>and from whence the deployed software is build, and my own for merging
>>stuff around with S.).

>Ubuntu is releasing in about a week with 1.2.8. If somone could send me a
>diff to revert this regression in the next few days I can get it fixed.
>I'd really appreciate it.

My patch is against Shevek's svn, the trunk (r14023). I guess it should
apply, at most with an offset in the line numbers.

Alas, Shevek's svn doesn't have tags or branches to give me a notion
from which revision the releases (e.g. 1.2.8) are, so I can't prepare
patches against the release proper. The only tag it has is "1.0.0".

I also include a patch for an issue that caused crashes in our MX that
might be helpful and that isn't yet included by Shevek because he's
pondering a different solution, while I think my patch is definitely
better than nothing (at least our crashes are definitely gone).

>Scott K

Kind regards,

Hannah.



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com
Re: include: result confusion? [ In reply to ]
Hi!

Just to be public about this (I've already talked in private about this
with Scott):

My patch about the result code for included, but missing domains was
*wrong*. Please ignore it. The code in v1.2.8 *is* correct in this
respect. My local *test* was wrong.

The other patch (src/libspf/spf_request.c) still stands, I think.

Kind regards and sorry for any confusion,

Hannah.

On Wed, Oct 22, 2008 at 12:28:10PM +0200, Hannah Schroeter wrote:
>[...]

>>From f85a9a71c8051394c1f3c108f8eb0ba51e611be3 Mon Sep 17 00:00:00 2001
>From: Hannah Schroeter <hannah.schroeter@1und1.de>
>Date: Tue, 21 Oct 2008 16:28:33 +0200
>Subject: [PATCH] Fix result for include: of a domain that has no SPF or TXT record
> (should be PermError).

>---
> src/libspf2/spf_interpret.c | 5 +----
> 1 files changed, 1 insertions(+), 4 deletions(-)

That's what's *wrong*.

>[...]

>>From 5fdb382c9ecb40236ca8c41cec2b08d11e429774 Mon Sep 17 00:00:00 2001
>From: Hannah Schroeter <hannah.schroeter@1und1.de>
>Date: Mon, 20 Oct 2008 16:09:05 +0200
>Subject: [PATCH] actually keep track of max_var_len so SPF_record_expand_data doesn't fail
> and abort the whole program on some cases, e.g. creating the Received-SPF
> header when the envelope from is very long.

>---
> src/libspf2/spf_request.c | 50 +++++++++++++++++++++++++++++++++++++++++++-
> 1 files changed, 48 insertions(+), 2 deletions(-)

>[...]

That's what's probably ok.


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/
Powered by Listbox: http://www.listbox.com