]>
Commit | Line | Data |
---|---|---|
ec5f5c6b RG |
1 | #!/usr/bin/env python |
2 | from datetime import datetime, timedelta | |
ec5f5c6b | 3 | import os |
b1bec9f0 | 4 | import dns |
ec5f5c6b RG |
5 | from dnsdisttests import DNSDistTest |
6 | ||
b1bec9f0 RG |
7 | class TestAdvancedAllow(DNSDistTest): |
8 | ||
9 | _config_template = """ | |
10 | addAction(makeRule("allowed.advanced.tests.powerdns.com."), AllowAction()) | |
11 | addAction(AllRule(), DropAction()) | |
12 | newServer{address="127.0.0.1:%s"} | |
13 | """ | |
14 | ||
15 | def testAdvancedAllow(self): | |
16 | """ | |
17 | Advanced: Allowed qname is not dropped | |
18 | ||
19 | A query for allowed.advanced.tests.powerdns.com. should be allowed | |
20 | while others should be dropped. | |
21 | """ | |
22 | name = 'allowed.advanced.tests.powerdns.com.' | |
23 | query = dns.message.make_query(name, 'A', 'IN') | |
24 | response = dns.message.make_response(query) | |
25 | rrset = dns.rrset.from_text(name, | |
26 | 3600, | |
27 | dns.rdataclass.IN, | |
28 | dns.rdatatype.A, | |
29 | '127.0.0.1') | |
30 | response.answer.append(rrset) | |
31 | ||
32 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
33 | self.assertTrue(receivedQuery) | |
34 | self.assertTrue(receivedResponse) | |
35 | receivedQuery.id = query.id | |
36 | self.assertEquals(query, receivedQuery) | |
37 | self.assertEquals(response, receivedResponse) | |
38 | ||
39 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
40 | self.assertTrue(receivedQuery) | |
41 | self.assertTrue(receivedResponse) | |
42 | receivedQuery.id = query.id | |
43 | self.assertEquals(query, receivedQuery) | |
44 | self.assertEquals(response, receivedResponse) | |
45 | ||
46 | def testAdvancedAllowDropped(self): | |
47 | """ | |
48 | Advanced: Not allowed qname is dropped | |
49 | ||
50 | A query for notallowed.advanced.tests.powerdns.com. should be dropped. | |
51 | """ | |
52 | name = 'notallowed.advanced.tests.powerdns.com.' | |
53 | query = dns.message.make_query(name, 'A', 'IN') | |
54 | (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False) | |
55 | self.assertEquals(receivedResponse, None) | |
56 | ||
57 | (_, receivedResponse) = self.sendTCPQuery(query, response=None, useQueue=False) | |
58 | self.assertEquals(receivedResponse, None) | |
59 | ||
ec5f5c6b RG |
60 | class TestAdvancedFixupCase(DNSDistTest): |
61 | ||
ec5f5c6b RG |
62 | _config_template = """ |
63 | truncateTC(true) | |
64 | fixupCase(true) | |
65 | newServer{address="127.0.0.1:%s"} | |
66 | """ | |
67 | ||
ec5f5c6b RG |
68 | def testAdvancedFixupCase(self): |
69 | """ | |
617dfe22 RG |
70 | Advanced: Fixup Case |
71 | ||
ec5f5c6b RG |
72 | Send a query with lower and upper chars, |
73 | make the backend return a lowercase version, | |
74 | check that dnsdist fixes the response. | |
75 | """ | |
76 | name = 'fiXuPCasE.advanced.tests.powerdns.com.' | |
77 | query = dns.message.make_query(name, 'A', 'IN') | |
78 | lowercasequery = dns.message.make_query(name.lower(), 'A', 'IN') | |
79 | response = dns.message.make_response(lowercasequery) | |
80 | expectedResponse = dns.message.make_response(query) | |
81 | rrset = dns.rrset.from_text(name, | |
82 | 3600, | |
83 | dns.rdataclass.IN, | |
84 | dns.rdatatype.A, | |
85 | '127.0.0.1') | |
86 | response.answer.append(rrset) | |
87 | expectedResponse.answer.append(rrset) | |
88 | ||
89 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
90 | self.assertTrue(receivedQuery) | |
91 | self.assertTrue(receivedResponse) | |
92 | receivedQuery.id = query.id | |
ec5f5c6b RG |
93 | self.assertEquals(query, receivedQuery) |
94 | self.assertEquals(expectedResponse, receivedResponse) | |
95 | ||
96 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
97 | self.assertTrue(receivedQuery) | |
98 | self.assertTrue(receivedResponse) | |
99 | receivedQuery.id = query.id | |
ec5f5c6b RG |
100 | self.assertEquals(query, receivedQuery) |
101 | self.assertEquals(expectedResponse, receivedResponse) | |
102 | ||
103 | ||
104 | class TestAdvancedRemoveRD(DNSDistTest): | |
105 | ||
ec5f5c6b RG |
106 | _config_template = """ |
107 | addNoRecurseRule("norecurse.advanced.tests.powerdns.com.") | |
108 | newServer{address="127.0.0.1:%s"} | |
109 | """ | |
110 | ||
ec5f5c6b RG |
111 | def testAdvancedNoRD(self): |
112 | """ | |
617dfe22 RG |
113 | Advanced: No RD |
114 | ||
ec5f5c6b RG |
115 | Send a query with RD, |
116 | check that dnsdist clears the RD flag. | |
117 | """ | |
118 | name = 'norecurse.advanced.tests.powerdns.com.' | |
119 | query = dns.message.make_query(name, 'A', 'IN') | |
120 | expectedQuery = dns.message.make_query(name, 'A', 'IN') | |
121 | expectedQuery.flags &= ~dns.flags.RD | |
122 | ||
123 | response = dns.message.make_response(query) | |
124 | rrset = dns.rrset.from_text(name, | |
125 | 3600, | |
126 | dns.rdataclass.IN, | |
127 | dns.rdatatype.A, | |
128 | '127.0.0.1') | |
129 | response.answer.append(rrset) | |
130 | ||
131 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
132 | self.assertTrue(receivedQuery) | |
133 | self.assertTrue(receivedResponse) | |
134 | receivedQuery.id = expectedQuery.id | |
ec5f5c6b RG |
135 | self.assertEquals(expectedQuery, receivedQuery) |
136 | self.assertEquals(response, receivedResponse) | |
137 | ||
138 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
139 | self.assertTrue(receivedQuery) | |
140 | self.assertTrue(receivedResponse) | |
141 | receivedQuery.id = expectedQuery.id | |
ec5f5c6b RG |
142 | self.assertEquals(expectedQuery, receivedQuery) |
143 | self.assertEquals(response, receivedResponse) | |
144 | ||
145 | def testAdvancedKeepRD(self): | |
146 | """ | |
617dfe22 RG |
147 | Advanced: No RD canary |
148 | ||
ec5f5c6b RG |
149 | Send a query with RD for a canary domain, |
150 | check that dnsdist does not clear the RD flag. | |
151 | """ | |
152 | name = 'keeprecurse.advanced.tests.powerdns.com.' | |
153 | query = dns.message.make_query(name, 'A', 'IN') | |
154 | ||
155 | response = dns.message.make_response(query) | |
156 | rrset = dns.rrset.from_text(name, | |
157 | 3600, | |
158 | dns.rdataclass.IN, | |
159 | dns.rdatatype.A, | |
160 | '127.0.0.1') | |
161 | response.answer.append(rrset) | |
162 | ||
163 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
164 | self.assertTrue(receivedQuery) | |
165 | self.assertTrue(receivedResponse) | |
166 | receivedQuery.id = query.id | |
ec5f5c6b RG |
167 | self.assertEquals(query, receivedQuery) |
168 | self.assertEquals(response, receivedResponse) | |
169 | ||
170 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
171 | self.assertTrue(receivedQuery) | |
172 | self.assertTrue(receivedResponse) | |
173 | receivedQuery.id = query.id | |
ec5f5c6b RG |
174 | self.assertEquals(query, receivedQuery) |
175 | self.assertEquals(response, receivedResponse) | |
176 | ||
177 | ||
178 | class TestAdvancedAddCD(DNSDistTest): | |
179 | ||
ec5f5c6b RG |
180 | _config_template = """ |
181 | addDisableValidationRule("setcd.advanced.tests.powerdns.com.") | |
b1bec9f0 | 182 | addAction(makeRule("setcdviaaction.advanced.tests.powerdns.com."), DisableValidationAction()) |
ec5f5c6b RG |
183 | newServer{address="127.0.0.1:%s"} |
184 | """ | |
185 | ||
ec5f5c6b RG |
186 | def testAdvancedSetCD(self): |
187 | """ | |
617dfe22 RG |
188 | Advanced: Set CD |
189 | ||
ec5f5c6b RG |
190 | Send a query with CD cleared, |
191 | check that dnsdist set the CD flag. | |
192 | """ | |
193 | name = 'setcd.advanced.tests.powerdns.com.' | |
194 | query = dns.message.make_query(name, 'A', 'IN') | |
b1bec9f0 RG |
195 | expectedQuery = dns.message.make_query(name, 'A', 'IN') |
196 | expectedQuery.flags |= dns.flags.CD | |
197 | ||
198 | response = dns.message.make_response(query) | |
199 | rrset = dns.rrset.from_text(name, | |
200 | 3600, | |
201 | dns.rdataclass.IN, | |
202 | dns.rdatatype.A, | |
203 | '127.0.0.1') | |
204 | response.answer.append(rrset) | |
205 | ||
206 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
207 | self.assertTrue(receivedQuery) | |
208 | self.assertTrue(receivedResponse) | |
209 | receivedQuery.id = expectedQuery.id | |
210 | self.assertEquals(expectedQuery, receivedQuery) | |
211 | self.assertEquals(response, receivedResponse) | |
212 | ||
213 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
214 | self.assertTrue(receivedQuery) | |
215 | self.assertTrue(receivedResponse) | |
216 | receivedQuery.id = expectedQuery.id | |
217 | self.assertEquals(expectedQuery, receivedQuery) | |
218 | self.assertEquals(response, receivedResponse) | |
219 | ||
220 | def testAdvancedSetCDViaAction(self): | |
221 | """ | |
222 | Advanced: Set CD via Action | |
223 | ||
224 | Send a query with CD cleared, | |
225 | check that dnsdist set the CD flag. | |
226 | """ | |
227 | name = 'setcdviaaction.advanced.tests.powerdns.com.' | |
228 | query = dns.message.make_query(name, 'A', 'IN') | |
229 | expectedQuery = dns.message.make_query(name, 'A', 'IN') | |
ec5f5c6b RG |
230 | expectedQuery.flags |= dns.flags.CD |
231 | ||
232 | response = dns.message.make_response(query) | |
233 | rrset = dns.rrset.from_text(name, | |
234 | 3600, | |
235 | dns.rdataclass.IN, | |
236 | dns.rdatatype.A, | |
237 | '127.0.0.1') | |
238 | response.answer.append(rrset) | |
239 | ||
240 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
241 | self.assertTrue(receivedQuery) | |
242 | self.assertTrue(receivedResponse) | |
243 | receivedQuery.id = expectedQuery.id | |
ec5f5c6b RG |
244 | self.assertEquals(expectedQuery, receivedQuery) |
245 | self.assertEquals(response, receivedResponse) | |
246 | ||
247 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
248 | self.assertTrue(receivedQuery) | |
249 | self.assertTrue(receivedResponse) | |
250 | receivedQuery.id = expectedQuery.id | |
ec5f5c6b RG |
251 | self.assertEquals(expectedQuery, receivedQuery) |
252 | self.assertEquals(response, receivedResponse) | |
253 | ||
254 | def testAdvancedKeepNoCD(self): | |
255 | """ | |
617dfe22 RG |
256 | Advanced: Preserve CD canary |
257 | ||
ec5f5c6b RG |
258 | Send a query without CD for a canary domain, |
259 | check that dnsdist does not set the CD flag. | |
260 | """ | |
261 | name = 'keepnocd.advanced.tests.powerdns.com.' | |
262 | query = dns.message.make_query(name, 'A', 'IN') | |
263 | ||
264 | response = dns.message.make_response(query) | |
265 | rrset = dns.rrset.from_text(name, | |
266 | 3600, | |
267 | dns.rdataclass.IN, | |
268 | dns.rdatatype.A, | |
269 | '127.0.0.1') | |
270 | response.answer.append(rrset) | |
271 | ||
272 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
273 | self.assertTrue(receivedQuery) | |
274 | self.assertTrue(receivedResponse) | |
275 | receivedQuery.id = query.id | |
ec5f5c6b RG |
276 | self.assertEquals(query, receivedQuery) |
277 | self.assertEquals(response, receivedResponse) | |
278 | ||
279 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
280 | self.assertTrue(receivedQuery) | |
281 | self.assertTrue(receivedResponse) | |
282 | receivedQuery.id = query.id | |
ec5f5c6b RG |
283 | self.assertEquals(query, receivedQuery) |
284 | self.assertEquals(response, receivedResponse) | |
285 | ||
b1bec9f0 RG |
286 | class TestAdvancedClearRD(DNSDistTest): |
287 | ||
288 | _config_template = """ | |
289 | addNoRecurseRule("clearrd.advanced.tests.powerdns.com.") | |
290 | addAction(makeRule("clearrdviaaction.advanced.tests.powerdns.com."), NoRecurseAction()) | |
291 | newServer{address="127.0.0.1:%s"} | |
292 | """ | |
293 | ||
294 | def testAdvancedClearRD(self): | |
295 | """ | |
296 | Advanced: Clear RD | |
297 | ||
298 | Send a query with RD set, | |
299 | check that dnsdist clears the RD flag. | |
300 | """ | |
301 | name = 'clearrd.advanced.tests.powerdns.com.' | |
302 | query = dns.message.make_query(name, 'A', 'IN') | |
303 | expectedQuery = dns.message.make_query(name, 'A', 'IN') | |
304 | expectedQuery.flags &= ~dns.flags.RD | |
305 | ||
306 | response = dns.message.make_response(query) | |
307 | rrset = dns.rrset.from_text(name, | |
308 | 3600, | |
309 | dns.rdataclass.IN, | |
310 | dns.rdatatype.A, | |
311 | '127.0.0.1') | |
312 | response.answer.append(rrset) | |
313 | ||
314 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
315 | self.assertTrue(receivedQuery) | |
316 | self.assertTrue(receivedResponse) | |
317 | receivedQuery.id = expectedQuery.id | |
318 | self.assertEquals(expectedQuery, receivedQuery) | |
319 | self.assertEquals(response, receivedResponse) | |
320 | ||
321 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
322 | self.assertTrue(receivedQuery) | |
323 | self.assertTrue(receivedResponse) | |
324 | receivedQuery.id = expectedQuery.id | |
325 | self.assertEquals(expectedQuery, receivedQuery) | |
326 | self.assertEquals(response, receivedResponse) | |
327 | ||
328 | def testAdvancedClearRDViaAction(self): | |
329 | """ | |
330 | Advanced: Clear RD via Action | |
331 | ||
332 | Send a query with RD set, | |
333 | check that dnsdist clears the RD flag. | |
334 | """ | |
335 | name = 'clearrdviaaction.advanced.tests.powerdns.com.' | |
336 | query = dns.message.make_query(name, 'A', 'IN') | |
337 | expectedQuery = dns.message.make_query(name, 'A', 'IN') | |
338 | expectedQuery.flags &= ~dns.flags.RD | |
339 | ||
340 | response = dns.message.make_response(query) | |
341 | rrset = dns.rrset.from_text(name, | |
342 | 3600, | |
343 | dns.rdataclass.IN, | |
344 | dns.rdatatype.A, | |
345 | '127.0.0.1') | |
346 | response.answer.append(rrset) | |
347 | ||
348 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
349 | self.assertTrue(receivedQuery) | |
350 | self.assertTrue(receivedResponse) | |
351 | receivedQuery.id = expectedQuery.id | |
352 | self.assertEquals(expectedQuery, receivedQuery) | |
353 | self.assertEquals(response, receivedResponse) | |
354 | ||
355 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
356 | self.assertTrue(receivedQuery) | |
357 | self.assertTrue(receivedResponse) | |
358 | receivedQuery.id = expectedQuery.id | |
359 | self.assertEquals(expectedQuery, receivedQuery) | |
360 | self.assertEquals(response, receivedResponse) | |
361 | ||
362 | def testAdvancedKeepRD(self): | |
363 | """ | |
364 | Advanced: Preserve RD canary | |
365 | ||
366 | Send a query with RD for a canary domain, | |
367 | check that dnsdist does not clear the RD flag. | |
368 | """ | |
369 | name = 'keeprd.advanced.tests.powerdns.com.' | |
370 | query = dns.message.make_query(name, 'A', 'IN') | |
371 | ||
372 | response = dns.message.make_response(query) | |
373 | rrset = dns.rrset.from_text(name, | |
374 | 3600, | |
375 | dns.rdataclass.IN, | |
376 | dns.rdatatype.A, | |
377 | '127.0.0.1') | |
378 | response.answer.append(rrset) | |
379 | ||
380 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
381 | self.assertTrue(receivedQuery) | |
382 | self.assertTrue(receivedResponse) | |
383 | receivedQuery.id = query.id | |
384 | self.assertEquals(query, receivedQuery) | |
385 | self.assertEquals(response, receivedResponse) | |
386 | ||
387 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
388 | self.assertTrue(receivedQuery) | |
389 | self.assertTrue(receivedResponse) | |
390 | receivedQuery.id = query.id | |
391 | self.assertEquals(query, receivedQuery) | |
392 | self.assertEquals(response, receivedResponse) | |
393 | ||
ec5f5c6b RG |
394 | |
395 | class TestAdvancedACL(DNSDistTest): | |
396 | ||
ec5f5c6b RG |
397 | _config_template = """ |
398 | newServer{address="127.0.0.1:%s"} | |
399 | """ | |
18a0e7c6 | 400 | _acl = ['192.0.2.1/32'] |
ec5f5c6b RG |
401 | |
402 | def testACLBlocked(self): | |
403 | """ | |
617dfe22 RG |
404 | Advanced: ACL blocked |
405 | ||
ec5f5c6b RG |
406 | Send an A query to "tests.powerdns.com.", |
407 | we expect no response since 127.0.0.1 is not on the | |
408 | ACL. | |
409 | """ | |
903853f4 | 410 | name = 'tests.powerdns.com.' |
7791f83a | 411 | query = dns.message.make_query(name, 'A', 'IN') |
7791f83a RG |
412 | |
413 | (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False) | |
903853f4 | 414 | self.assertEquals(receivedResponse, None) |
7791f83a RG |
415 | |
416 | (_, receivedResponse) = self.sendTCPQuery(query, response=None, useQueue=False) | |
903853f4 RG |
417 | self.assertEquals(receivedResponse, None) |
418 | ||
419 | class TestAdvancedDelay(DNSDistTest): | |
420 | ||
421 | _config_template = """ | |
422 | addAction(AllRule(), DelayAction(1000)) | |
423 | newServer{address="127.0.0.1:%s"} | |
424 | """ | |
7791f83a | 425 | |
903853f4 | 426 | def testDelayed(self): |
7791f83a | 427 | """ |
903853f4 | 428 | Advanced: Delayed |
7791f83a | 429 | |
903853f4 RG |
430 | Send an A query to "tests.powerdns.com.", |
431 | check that the response delay is longer than 1000 ms | |
432 | over UDP, less than that over TCP. | |
7791f83a | 433 | """ |
903853f4 RG |
434 | name = 'tests.powerdns.com.' |
435 | query = dns.message.make_query(name, 'A', 'IN') | |
436 | response = dns.message.make_response(query) | |
7791f83a RG |
437 | rrset = dns.rrset.from_text(name, |
438 | 60, | |
439 | dns.rdataclass.IN, | |
903853f4 RG |
440 | dns.rdatatype.A, |
441 | '192.0.2.1') | |
442 | response.answer.append(rrset) | |
7791f83a | 443 | |
903853f4 RG |
444 | begin = datetime.now() |
445 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
446 | end = datetime.now() | |
447 | receivedQuery.id = query.id | |
448 | self.assertEquals(query, receivedQuery) | |
449 | self.assertEquals(response, receivedResponse) | |
450 | self.assertTrue((end - begin) > timedelta(0, 1)) | |
451 | ||
452 | begin = datetime.now() | |
453 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
454 | end = datetime.now() | |
455 | receivedQuery.id = query.id | |
456 | self.assertEquals(query, receivedQuery) | |
457 | self.assertEquals(response, receivedResponse) | |
458 | self.assertTrue((end - begin) < timedelta(0, 1)) | |
7791f83a | 459 | |
e7a1029c RG |
460 | |
461 | class TestAdvancedTruncateAnyAndTCP(DNSDistTest): | |
462 | ||
463 | _config_template = """ | |
464 | truncateTC(false) | |
465 | addAction(AndRule({QTypeRule("ANY"), TCPRule(true)}), TCAction()) | |
466 | newServer{address="127.0.0.1:%s"} | |
467 | """ | |
468 | def testTruncateAnyOverTCP(self): | |
469 | """ | |
470 | Advanced: Truncate ANY over TCP | |
471 | ||
b1bec9f0 | 472 | Send an ANY query to "anytruncatetcp.advanced.tests.powerdns.com.", |
e7a1029c RG |
473 | should be truncated over TCP, not over UDP (yes, it makes no sense, |
474 | deal with it). | |
475 | """ | |
b1bec9f0 | 476 | name = 'anytruncatetcp.advanced.tests.powerdns.com.' |
e7a1029c RG |
477 | query = dns.message.make_query(name, 'ANY', 'IN') |
478 | ||
479 | response = dns.message.make_response(query) | |
480 | rrset = dns.rrset.from_text(name, | |
481 | 3600, | |
482 | dns.rdataclass.IN, | |
483 | dns.rdatatype.A, | |
484 | '127.0.0.1') | |
485 | ||
486 | response.answer.append(rrset) | |
487 | ||
488 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
489 | self.assertTrue(receivedQuery) | |
490 | self.assertTrue(receivedResponse) | |
491 | receivedQuery.id = query.id | |
e7a1029c RG |
492 | self.assertEquals(query, receivedQuery) |
493 | self.assertEquals(receivedResponse, response) | |
494 | ||
495 | expectedResponse = dns.message.make_response(query) | |
496 | expectedResponse.flags |= dns.flags.TC | |
497 | ||
498 | (_, receivedResponse) = self.sendTCPQuery(query, response=None, useQueue=False) | |
e7a1029c RG |
499 | self.assertEquals(receivedResponse, expectedResponse) |
500 | ||
501 | class TestAdvancedAndNot(DNSDistTest): | |
502 | ||
503 | _config_template = """ | |
504 | addAction(AndRule({NotRule(QTypeRule("A")), TCPRule(false)}), RCodeAction(4)) | |
505 | newServer{address="127.0.0.1:%s"} | |
506 | """ | |
507 | def testAOverUDPReturnsNotImplementedCanary(self): | |
508 | """ | |
509 | Advanced: !A && UDP canary | |
510 | ||
511 | dnsdist is configured to reply 'not implemented' for query | |
512 | over UDP AND !qtype A. | |
513 | We send an A query over UDP and TCP, and check that the | |
514 | response is OK. | |
515 | """ | |
b1bec9f0 | 516 | name = 'andnot.advanced.tests.powerdns.com.' |
e7a1029c RG |
517 | query = dns.message.make_query(name, 'A', 'IN') |
518 | response = dns.message.make_response(query) | |
519 | rrset = dns.rrset.from_text(name, | |
520 | 3600, | |
521 | dns.rdataclass.IN, | |
522 | dns.rdatatype.A, | |
523 | '127.0.0.1') | |
524 | response.answer.append(rrset) | |
525 | ||
526 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
527 | self.assertTrue(receivedQuery) | |
528 | self.assertTrue(receivedResponse) | |
529 | receivedQuery.id = query.id | |
e7a1029c RG |
530 | self.assertEquals(query, receivedQuery) |
531 | self.assertEquals(receivedResponse, response) | |
532 | ||
533 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
534 | self.assertTrue(receivedQuery) | |
535 | self.assertTrue(receivedResponse) | |
536 | receivedQuery.id = query.id | |
e7a1029c RG |
537 | self.assertEquals(query, receivedQuery) |
538 | self.assertEquals(receivedResponse, response) | |
539 | ||
540 | def testAOverUDPReturnsNotImplemented(self): | |
541 | """ | |
542 | Advanced: !A && UDP | |
543 | ||
544 | dnsdist is configured to reply 'not implemented' for query | |
545 | over UDP AND !qtype A. | |
546 | We send a TXT query over UDP and TCP, and check that the | |
547 | response is OK for TCP and 'not implemented' for UDP. | |
548 | """ | |
b1bec9f0 | 549 | name = 'andnot.advanced.tests.powerdns.com.' |
e7a1029c RG |
550 | query = dns.message.make_query(name, 'TXT', 'IN') |
551 | ||
552 | expectedResponse = dns.message.make_response(query) | |
553 | expectedResponse.set_rcode(dns.rcode.NOTIMP) | |
554 | ||
555 | (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False) | |
e7a1029c RG |
556 | self.assertEquals(receivedResponse, expectedResponse) |
557 | ||
558 | response = dns.message.make_response(query) | |
559 | rrset = dns.rrset.from_text(name, | |
560 | 3600, | |
561 | dns.rdataclass.IN, | |
562 | dns.rdatatype.TXT, | |
563 | 'nothing to see here') | |
564 | response.answer.append(rrset) | |
565 | ||
566 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
567 | self.assertTrue(receivedQuery) | |
568 | self.assertTrue(receivedResponse) | |
569 | receivedQuery.id = query.id | |
e7a1029c RG |
570 | self.assertEquals(query, receivedQuery) |
571 | self.assertEquals(receivedResponse, response) | |
572 | ||
573 | class TestAdvancedOr(DNSDistTest): | |
574 | ||
575 | _config_template = """ | |
576 | addAction(OrRule({QTypeRule("A"), TCPRule(false)}), RCodeAction(4)) | |
577 | newServer{address="127.0.0.1:%s"} | |
578 | """ | |
579 | def testAAAAOverUDPReturnsNotImplemented(self): | |
580 | """ | |
581 | Advanced: A || UDP: AAAA | |
582 | ||
583 | dnsdist is configured to reply 'not implemented' for query | |
584 | over UDP OR qtype A. | |
585 | We send an AAAA query over UDP and TCP, and check that the | |
586 | response is 'not implemented' for UDP and OK for TCP. | |
587 | """ | |
b1bec9f0 | 588 | name = 'aorudp.advanced.tests.powerdns.com.' |
e7a1029c RG |
589 | query = dns.message.make_query(name, 'AAAA', 'IN') |
590 | response = dns.message.make_response(query) | |
591 | rrset = dns.rrset.from_text(name, | |
592 | 3600, | |
593 | dns.rdataclass.IN, | |
594 | dns.rdatatype.AAAA, | |
595 | '::1') | |
596 | response.answer.append(rrset) | |
597 | ||
598 | expectedResponse = dns.message.make_response(query) | |
599 | expectedResponse.set_rcode(dns.rcode.NOTIMP) | |
600 | ||
601 | (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False) | |
e7a1029c RG |
602 | self.assertEquals(receivedResponse, expectedResponse) |
603 | ||
604 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
605 | self.assertTrue(receivedQuery) | |
606 | self.assertTrue(receivedResponse) | |
607 | receivedQuery.id = query.id | |
e7a1029c RG |
608 | self.assertEquals(query, receivedQuery) |
609 | self.assertEquals(receivedResponse, response) | |
610 | ||
611 | def testAOverUDPReturnsNotImplemented(self): | |
612 | """ | |
613 | Advanced: A || UDP: A | |
614 | ||
615 | dnsdist is configured to reply 'not implemented' for query | |
616 | over UDP OR qtype A. | |
617 | We send an A query over UDP and TCP, and check that the | |
618 | response is 'not implemented' for both. | |
619 | """ | |
b1bec9f0 | 620 | name = 'aorudp.advanced.tests.powerdns.com.' |
e7a1029c RG |
621 | query = dns.message.make_query(name, 'A', 'IN') |
622 | ||
623 | expectedResponse = dns.message.make_response(query) | |
624 | expectedResponse.set_rcode(dns.rcode.NOTIMP) | |
625 | ||
626 | (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False) | |
e7a1029c RG |
627 | self.assertEquals(receivedResponse, expectedResponse) |
628 | ||
629 | (_, receivedResponse) = self.sendTCPQuery(query, response=None, useQueue=False) | |
e7a1029c | 630 | self.assertEquals(receivedResponse, expectedResponse) |
886e2cf2 | 631 | |
b1bec9f0 RG |
632 | |
633 | class TestAdvancedLogAction(DNSDistTest): | |
634 | ||
635 | _config_template = """ | |
636 | newServer{address="127.0.0.1:%s"} | |
637 | addAction(AllRule(), LogAction("dnsdist.log", false)) | |
638 | """ | |
639 | def testAdvancedLogAction(self): | |
640 | """ | |
641 | Advanced: Log all queries | |
642 | ||
643 | """ | |
644 | count = 50 | |
645 | name = 'logaction.advanced.tests.powerdns.com.' | |
646 | query = dns.message.make_query(name, 'A', 'IN') | |
647 | response = dns.message.make_response(query) | |
648 | rrset = dns.rrset.from_text(name, | |
649 | 3600, | |
650 | dns.rdataclass.IN, | |
651 | dns.rdatatype.A, | |
652 | '127.0.0.1') | |
653 | response.answer.append(rrset) | |
654 | ||
655 | for _ in range(count): | |
656 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
657 | self.assertTrue(receivedQuery) | |
658 | self.assertTrue(receivedResponse) | |
659 | receivedQuery.id = query.id | |
b1bec9f0 RG |
660 | self.assertEquals(query, receivedQuery) |
661 | self.assertEquals(response, receivedResponse) | |
662 | ||
663 | self.assertTrue(os.path.isfile('dnsdist.log')) | |
664 | self.assertTrue(os.stat('dnsdist.log').st_size > 0) | |
665 | ||
666 | class TestAdvancedDNSSEC(DNSDistTest): | |
667 | ||
668 | _config_template = """ | |
669 | newServer{address="127.0.0.1:%s"} | |
670 | addAction(DNSSECRule(), DropAction()) | |
671 | """ | |
672 | def testAdvancedDNSSECDrop(self): | |
673 | """ | |
674 | Advanced: DNSSEC Rule | |
675 | ||
676 | """ | |
677 | name = 'dnssec.advanced.tests.powerdns.com.' | |
678 | query = dns.message.make_query(name, 'A', 'IN') | |
679 | doquery = dns.message.make_query(name, 'A', 'IN', want_dnssec=True) | |
680 | response = dns.message.make_response(query) | |
681 | rrset = dns.rrset.from_text(name, | |
682 | 3600, | |
683 | dns.rdataclass.IN, | |
684 | dns.rdatatype.A, | |
685 | '127.0.0.1') | |
686 | response.answer.append(rrset) | |
687 | ||
688 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
689 | self.assertTrue(receivedQuery) | |
690 | self.assertTrue(receivedResponse) | |
691 | receivedQuery.id = query.id | |
b1bec9f0 RG |
692 | self.assertEquals(query, receivedQuery) |
693 | self.assertEquals(response, receivedResponse) | |
694 | ||
695 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
696 | self.assertTrue(receivedQuery) | |
697 | self.assertTrue(receivedResponse) | |
698 | receivedQuery.id = query.id | |
b1bec9f0 RG |
699 | self.assertEquals(query, receivedQuery) |
700 | self.assertEquals(response, receivedResponse) | |
701 | ||
702 | (_, receivedResponse) = self.sendUDPQuery(doquery, response) | |
703 | self.assertEquals(receivedResponse, None) | |
704 | (_, receivedResponse) = self.sendTCPQuery(doquery, response) | |
705 | self.assertEquals(receivedResponse, None) | |
706 | ||
707 | class TestAdvancedQClass(DNSDistTest): | |
708 | ||
709 | _config_template = """ | |
710 | newServer{address="127.0.0.1:%s"} | |
711 | addAction(QClassRule(3), DropAction()) | |
712 | """ | |
713 | def testAdvancedQClassChaosDrop(self): | |
714 | """ | |
715 | Advanced: Drop QClass CHAOS | |
716 | ||
717 | """ | |
718 | name = 'qclasschaos.advanced.tests.powerdns.com.' | |
719 | query = dns.message.make_query(name, 'TXT', 'CHAOS') | |
720 | response = dns.message.make_response(query) | |
721 | rrset = dns.rrset.from_text(name, | |
722 | 3600, | |
723 | dns.rdataclass.CH, | |
724 | dns.rdatatype.TXT, | |
725 | 'hop') | |
726 | response.answer.append(rrset) | |
727 | ||
728 | (_, receivedResponse) = self.sendUDPQuery(query, response) | |
729 | self.assertEquals(receivedResponse, None) | |
730 | (_, receivedResponse) = self.sendTCPQuery(query, response) | |
731 | self.assertEquals(receivedResponse, None) | |
732 | ||
733 | def testAdvancedQClassINAllow(self): | |
734 | """ | |
735 | Advanced: Allow QClass IN | |
736 | ||
737 | """ | |
738 | name = 'qclassin.advanced.tests.powerdns.com.' | |
739 | query = dns.message.make_query(name, 'A', 'IN') | |
740 | response = dns.message.make_response(query) | |
741 | rrset = dns.rrset.from_text(name, | |
742 | 3600, | |
743 | dns.rdataclass.IN, | |
744 | dns.rdatatype.A, | |
745 | '127.0.0.1') | |
746 | response.answer.append(rrset) | |
747 | ||
748 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
749 | self.assertTrue(receivedQuery) | |
750 | self.assertTrue(receivedResponse) | |
751 | receivedQuery.id = query.id | |
b1bec9f0 RG |
752 | self.assertEquals(query, receivedQuery) |
753 | self.assertEquals(response, receivedResponse) | |
754 | ||
755 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
756 | self.assertTrue(receivedQuery) | |
757 | self.assertTrue(receivedResponse) | |
758 | receivedQuery.id = query.id | |
b1bec9f0 RG |
759 | self.assertEquals(query, receivedQuery) |
760 | self.assertEquals(response, receivedResponse) | |
88d05ca1 RG |
761 | |
762 | class TestAdvancedNonTerminalRule(DNSDistTest): | |
763 | ||
764 | _config_template = """ | |
765 | newServer{address="127.0.0.1:%s", pool="real"} | |
766 | addAction(AllRule(), DisableValidationAction()) | |
767 | addAction(AllRule(), PoolAction("real")) | |
768 | addAction(AllRule(), DropAction()) | |
769 | """ | |
770 | def testAdvancedNonTerminalRules(self): | |
771 | """ | |
772 | Advanced: Non terminal rules | |
773 | ||
774 | We check that DisableValidationAction() is applied | |
775 | but does not stop the processing, then that | |
776 | PoolAction() is applied _and_ stop the processing. | |
777 | """ | |
778 | name = 'nonterminal.advanced.tests.powerdns.com.' | |
779 | query = dns.message.make_query(name, 'A', 'IN') | |
780 | expectedQuery = dns.message.make_query(name, 'A', 'IN') | |
781 | expectedQuery.flags |= dns.flags.CD | |
782 | response = dns.message.make_response(query) | |
783 | rrset = dns.rrset.from_text(name, | |
784 | 3600, | |
785 | dns.rdataclass.IN, | |
786 | dns.rdatatype.A, | |
787 | '192.2.0.1') | |
788 | response.answer.append(rrset) | |
789 | ||
790 | (receivedQuery, receivedResponse) = self.sendUDPQuery(query, response) | |
791 | self.assertTrue(receivedQuery) | |
792 | self.assertTrue(receivedResponse) | |
793 | receivedQuery.id = expectedQuery.id | |
794 | self.assertEquals(expectedQuery, receivedQuery) | |
795 | self.assertEquals(response, receivedResponse) | |
796 | ||
797 | (receivedQuery, receivedResponse) = self.sendTCPQuery(query, response) | |
798 | self.assertTrue(receivedQuery) | |
799 | self.assertTrue(receivedResponse) | |
800 | receivedQuery.id = expectedQuery.id | |
801 | self.assertEquals(expectedQuery, receivedQuery) | |
802 | self.assertEquals(response, receivedResponse) |