]> git.ipfire.org Git - thirdparty/pdns.git/blame - regression-tests.recursor-dnssec/test_Expired.py
Merge pull request #13743 from Habbie/auth-api-priority-error
[thirdparty/pdns.git] / regression-tests.recursor-dnssec / test_Expired.py
CommitLineData
cb54e9b5
PL
1import errno
2import os
3import subprocess
4import time
5
6import dns
faf36a9b 7import extendederrors
cb54e9b5
PL
8from recursortests import RecursorTest
9
10
11class testExpired(RecursorTest):
12 """This regression test starts the authoritative servers with a clock that is
13 set 15 days into the past. Hence, the recursor must reject the signatures
14 because they are expired.
15 """
16 _confdir = 'Expired'
17
18 _config_template = """dnssec=validate"""
19
20 _auth_env = {'LD_PRELOAD':os.environ.get('LIBFAKETIME'),
21 'FAKETIME':'-15d'}
22
23 def testA(self):
24 query = dns.message.make_query('host1.secure.example', 'A')
25 res = self.sendUDPQuery(query)
26
27 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
faf36a9b
O
28
29class testExpiredWithEDE(RecursorTest):
30 """This regression test starts the authoritative servers with a clock that is
31 set 15 days into the past. Hence, the recursor must reject the signatures
32 because they are expired.
33 """
34 _confdir = 'ExpiredWithEDE'
35
36 _config_template = """
37 dnssec=validate
38 extended-resolution-errors=yes
39 """
40
41 _auth_env = {'LD_PRELOAD':os.environ.get('LIBFAKETIME'),
42 'FAKETIME':'-15d'}
43
44 def testA(self):
45 qname = 'host1.secure.example'
46 query = dns.message.make_query(qname, 'A', want_dnssec=True)
47
48 for method in ("sendUDPQuery", "sendTCPQuery"):
49 sender = getattr(self, method)
50 res = sender(query, timeout=5.0)
51 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
52 self.assertEqual(res.edns, 0)
53 self.assertEqual(len(res.options), 1)
54 self.assertEqual(res.options[0].otype, 15)
55 self.assertEqual(res.options[0], extendederrors.ExtendedErrorOption(7, b''))