]> git.ipfire.org Git - thirdparty/pdns.git/blame - regression-tests.recursor-dnssec/test_Flags.py
projects / thirdparty / pdns.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #4153 from pieterlexis/400-docs
[thirdparty/pdns.git] / regression-tests.recursor-dnssec / test_Flags.py
CommitLineData
7568b07d
PL		 1import os
2import socket
d8319ad6 3#import unittest
7568b07d
PL		 4
5import dns
6from recursortests import RecursorTest
7
d8319ad6 8
7568b07d
PL		 9class TestFlags(RecursorTest):
10 _confdir = 'Flags'
11 _config_template = """dnssec=%s"""
12 _config_params = ['_dnssec_setting']
13 _dnssec_setting = None
14 _recursors = {}
15
d8319ad6
PL		 16 _dnssec_setting_ports = {'off': 5300,
17 'process-no-validate': 5301,
18 'process': 5302,
19 'validate': 5303}
7568b07d
PL		 20
21 @classmethod
22 def setUp(cls):
23 for setting in cls._dnssec_setting_ports:
24 confdir = os.path.join('configs', cls._confdir, setting)
25 cls.wipeRecursorCache(confdir)
26
27 @classmethod
28 def setUpClass(cls):
29 cls.setUpSockets()
30 confdir = os.path.join('configs', cls._confdir)
31 cls.createConfigDir(confdir)
32
33 cls.generateAllAuthConfig(confdir)
34 cls.startAllAuth(confdir)
35
36 for dnssec_setting, port in cls._dnssec_setting_ports.items():
37 cls._dnssec_setting = dnssec_setting
38 recConfdir = os.path.join(confdir, dnssec_setting)
39 cls.createConfigDir(recConfdir)
40 cls.generateRecursorConfig(recConfdir)
41 cls.startRecursor(recConfdir, port)
42 cls._recursors[dnssec_setting] = cls._recursor
43
44 @classmethod
45 def setUpSockets(cls):
46 cls._sock = {}
47 for dnssec_setting, port in cls._dnssec_setting_ports.items():
48 print("Setting up UDP socket..")
d8319ad6
PL		 49 cls._sock[dnssec_setting] = socket.socket(socket.AF_INET,
50 socket.SOCK_DGRAM)
7568b07d
PL		 51 cls._sock[dnssec_setting].settimeout(2.0)
52 cls._sock[dnssec_setting].connect(("127.0.0.1", port))
53
54 @classmethod
55 def sendUDPQuery(cls, query, dnssec_setting, timeout=2.0):
56 if timeout:
57 cls._sock[dnssec_setting].settimeout(timeout)
58
59 try:
60 cls._sock[dnssec_setting].send(query.to_wire())
61 data = cls._sock[dnssec_setting].recv(4096)
62 except socket.timeout:
63 data = None
64 finally:
65 if timeout:
66 cls._sock[dnssec_setting].settimeout(None)
67
68 msg = None
69 if data:
70 msg = dns.message.from_wire(data)
71 return msg
72
73 @classmethod
74 def tearDownClass(cls):
75 cls.tearDownAuth()
76 for _, recursor in cls._recursors.items():
77 cls._recursor = recursor
78 cls.tearDownRecursor()
79
80 def createQuery(self, name, rdtype, flags, ednsflags):
81 """Helper function that creates the query with the specified flags.
82 The flags need to be strings (no checking is performed atm)"""
83 msg = dns.message.make_query(name, rdtype)
84 msg.flags = dns.flags.from_text(flags)
85 msg.flags += dns.flags.from_text('RD')
86 msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text(ednsflags))
87 return msg
88
89 def getQueryForSecure(self, flags='', ednsflags=''):
90 return self.createQuery('ns1.example.', 'A', flags, ednsflags)
91
92 ##
93 # -AD -CD -DO
94 ##
95 def testOff_Secure_None(self):
96 msg = self.getQueryForSecure()
97 res = self.sendUDPQuery(msg, 'off')
98 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
99 self.assertNoRRSIGsInAnswer(res)
100
d8319ad6
PL		 101 def testProcessNoValidate_Secure_None(self):
102 msg = self.getQueryForSecure()
103 res = self.sendUDPQuery(msg, 'process-no-validate')
104 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
105 self.assertNoRRSIGsInAnswer(res)
106
7568b07d
PL		 107 def testProcess_Secure_None(self):
108 msg = self.getQueryForSecure()
109 res = self.sendUDPQuery(msg, 'process')
110 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
111 self.assertNoRRSIGsInAnswer(res)
112
7568b07d
PL		 113 def testValidate_Secure_None(self):
114 msg = self.getQueryForSecure()
115 res = self.sendUDPQuery(msg, 'validate')
116 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
117 self.assertNoRRSIGsInAnswer(res)
118
119 ##
120 # +AD -CD -DO
121 ##
7568b07d
PL		 122 def testOff_Secure_AD(self):
123 msg = self.getQueryForSecure('AD')
124 res = self.sendUDPQuery(msg, 'off')
125 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
126
7568b07d
PL		 127 self.assertNoRRSIGsInAnswer(res)
128
d8319ad6
PL		 129 def testProcessNoValidate_Secure_AD(self):
130 msg = self.getQueryForSecure('AD')
131 res = self.sendUDPQuery(msg, 'process-no-validate')
132 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
133 self.assertNoRRSIGsInAnswer(res)
134
7568b07d
PL		 135 def testProcess_Secure_AD(self):
136 msg = self.getQueryForSecure('AD')
137 res = self.sendUDPQuery(msg, 'process')
138 self.assertMessageIsAuthenticated(res)
139 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'])
140 self.assertNoRRSIGsInAnswer(res)
141
7568b07d
PL		 142 def testValidate_Secure_AD(self):
143 msg = self.getQueryForSecure('AD')
144 res = self.sendUDPQuery(msg, 'validate')
145
146 self.assertMessageIsAuthenticated(res)
147 self.assertMessageHasFlags(res, ['AD', 'RD', 'RA', 'QR'])
7568b07d
PL		 148 self.assertNoRRSIGsInAnswer(res)
149
150 ##
151 # +AD -CD +DO
152 ##
153 def testOff_Secure_ADDO(self):
154 msg = self.getQueryForSecure('AD', 'DO')
155 res = self.sendUDPQuery(msg, 'off')
156
157 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
158 self.assertNoRRSIGsInAnswer(res)
159
d8319ad6
PL		 160 def testProcessNoValidate_Secure_ADDO(self):
161 msg = self.getQueryForSecure('AD', 'DO')
162 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
163 res = self.sendUDPQuery(msg, 'process-no-validate')
164
165 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
166 self.assertMatchingRRSIGInAnswer(res, expected)
167
7568b07d
PL		 168 def testProcess_Secure_ADDO(self):
169 msg = self.getQueryForSecure('AD', 'DO')
170 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
171 res = self.sendUDPQuery(msg, 'process')
172
173 self.assertMessageIsAuthenticated(res)
174 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
175 self.assertMatchingRRSIGInAnswer(res, expected)
176
177 def testValidate_Secure_ADDO(self):
178 msg = self.getQueryForSecure('AD', 'DO')
179 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
180 res = self.sendUDPQuery(msg, 'validate')
181
182 self.assertMessageIsAuthenticated(res)
183 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
184 self.assertMatchingRRSIGInAnswer(res, expected)
185
186 ##
187 # +AD +CD +DO
188 ##
189 def testOff_Secure_ADDOCD(self):
190 msg = self.getQueryForSecure('AD CD', 'DO')
191 res = self.sendUDPQuery(msg, 'off')
192
7e6ad9dc 193 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
7568b07d 194
d8319ad6
PL		 195 def testProcessNoValidate_Secure_ADDOCD(self):
196 msg = self.getQueryForSecure('AD CD', 'DO')
197 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
198 res = self.sendUDPQuery(msg, 'process-no-validate')
199
200 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
201 self.assertMatchingRRSIGInAnswer(res, expected)
202
7568b07d
PL		 203 def testProcess_Secure_ADDOCD(self):
204 msg = self.getQueryForSecure('AD CD', 'DO')
205 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
206 res = self.sendUDPQuery(msg, 'process')
207
208 self.assertMessageIsAuthenticated(res)
209 self.assertMessageHasFlags(res, ['AD', 'CD', 'QR', 'RA', 'RD'], ['DO'])
210 self.assertMatchingRRSIGInAnswer(res, expected)
211
212 def testValidate_Secure_ADDOCD(self):
213 msg = self.getQueryForSecure('AD CD', 'DO')
214 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
215 res = self.sendUDPQuery(msg, 'validate')
216
217 self.assertMessageIsAuthenticated(res)
218 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
219 self.assertMatchingRRSIGInAnswer(res, expected)
220
221 ##
222 # -AD -CD +DO
223 ##
224 def testOff_Secure_DO(self):
225 msg = self.getQueryForSecure('', 'DO')
226 res = self.sendUDPQuery(msg, 'off')
227
228 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
229 self.assertNoRRSIGsInAnswer(res)
230
d8319ad6
PL		 231 def testProcessNoValidate_Secure_DO(self):
232 msg = self.getQueryForSecure('', 'DO')
233 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
234 res = self.sendUDPQuery(msg, 'process-no-validate')
235
236 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
237 self.assertMatchingRRSIGInAnswer(res, expected)
238
7568b07d
PL		 239 def testProcess_Secure_DO(self):
240 msg = self.getQueryForSecure('', 'DO')
241 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
242 res = self.sendUDPQuery(msg, 'process')
243
244 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
245 self.assertMatchingRRSIGInAnswer(res, expected)
246
7568b07d
PL		 247 def testValidate_Secure_DO(self):
248 msg = self.getQueryForSecure('', 'DO')
249 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
250 res = self.sendUDPQuery(msg, 'validate')
251
252 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
253 self.assertMatchingRRSIGInAnswer(res, expected)
254
255 ##
256 # -AD +CD +DO
257 ##
7568b07d
PL		 258 def testOff_Secure_DOCD(self):
259 msg = self.getQueryForSecure('CD', 'DO')
260 res = self.sendUDPQuery(msg, 'off')
261
262 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
263 self.assertNoRRSIGsInAnswer(res)
264
d8319ad6
PL		 265 def testProcessNoValidate_Secure_DOCD(self):
266 msg = self.getQueryForSecure('CD', 'DO')
267 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
268 res = self.sendUDPQuery(msg, 'process-no-validate')
269
270 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
271 self.assertMatchingRRSIGInAnswer(res, expected)
272
7568b07d
PL		 273 def testProcess_Secure_DOCD(self):
274 msg = self.getQueryForSecure('CD', 'DO')
275 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
276 res = self.sendUDPQuery(msg, 'process')
277
278 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
279 self.assertMatchingRRSIGInAnswer(res, expected)
280
7568b07d
PL		 281 def testValidate_Secure_DOCD(self):
282 msg = self.getQueryForSecure('CD', 'DO')
283 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
284 res = self.sendUDPQuery(msg, 'validate')
285
286 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
287 self.assertMatchingRRSIGInAnswer(res, expected)
288
289 ##
290 # -AD +CD -DO
291 ##
7568b07d
PL		 292 def testOff_Secure_CD(self):
293 msg = self.getQueryForSecure('CD')
294 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
295 res = self.sendUDPQuery(msg, 'off')
296
297 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
298 self.assertRRsetInAnswer(res, expected)
299 self.assertNoRRSIGsInAnswer(res)
300
d8319ad6
PL		 301 def testProcessNoValidate_Secure_CD(self):
302 msg = self.getQueryForSecure('CD')
303 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
304 res = self.sendUDPQuery(msg, 'process-no-validate')
305
306 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
307 self.assertRRsetInAnswer(res, expected)
308 self.assertNoRRSIGsInAnswer(res)
309
7568b07d
PL		 310 def testProcess_Secure_CD(self):
311 msg = self.getQueryForSecure('CD')
312 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
313 res = self.sendUDPQuery(msg, 'process')
314
315 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
316 self.assertRRsetInAnswer(res, expected)
317 self.assertNoRRSIGsInAnswer(res)
318
7568b07d
PL		 319 def testValidate_Secure_CD(self):
320 msg = self.getQueryForSecure('CD')
321 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
322 res = self.sendUDPQuery(msg, 'validate')
323
324 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
325 self.assertRRsetInAnswer(res, expected)
326 self.assertNoRRSIGsInAnswer(res)
327
328
329 ### Bogus
330 def getQueryForBogus(self, flags='', ednsflags=''):
331 return self.createQuery('ted.bogus.example.', 'A', flags, ednsflags)
332
333 ##
334 # -AD -CD -DO
335 ##
336 def testOff_Bogus_None(self):
337 msg = self.getQueryForBogus()
338 res = self.sendUDPQuery(msg, 'off')
339 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
340 self.assertRcodeEqual(res, dns.rcode.NOERROR)
341
d8319ad6
PL		 342 def testProcessNoValidate_Bogus_None(self):
343 msg = self.getQueryForBogus()
344 res = self.sendUDPQuery(msg, 'process-no-validate')
345 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
346 self.assertRcodeEqual(res, dns.rcode.NOERROR)
347
7568b07d
PL		 348 def testProcess_Bogus_None(self):
349 msg = self.getQueryForBogus()
350 res = self.sendUDPQuery(msg, 'process')
351 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
352 self.assertRcodeEqual(res, dns.rcode.NOERROR)
353
354 def testValidate_Bogus_None(self):
355 msg = self.getQueryForBogus()
356 res = self.sendUDPQuery(msg, 'validate')
357 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
358 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
359 self.assertAnswerEmpty(res)
360
361 ##
362 # +AD -CD -DO
363 ##
364 def testOff_Bogus_AD(self):
365 msg = self.getQueryForBogus('AD')
366 res = self.sendUDPQuery(msg, 'off')
367 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
368 self.assertRcodeEqual(res, dns.rcode.NOERROR)
369
d8319ad6
PL		 370 def testProcessNoValidate_Bogus_AD(self):
371 msg = self.getQueryForBogus('AD')
372 res = self.sendUDPQuery(msg, 'process-no-validate')
373 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
374 self.assertRcodeEqual(res, dns.rcode.NOERROR)
375
7568b07d
PL		 376 def testProcess_Bogus_AD(self):
377 msg = self.getQueryForBogus('AD')
378 res = self.sendUDPQuery(msg, 'process')
379 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
7568b07d
PL		 380 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
381 self.assertAnswerEmpty(res)
382
383 def testValidate_Bogus_AD(self):
384 msg = self.getQueryForBogus('AD')
385 res = self.sendUDPQuery(msg, 'validate')
386
387 self.assertMessageHasFlags(res, ['RD', 'RA', 'QR'])
388 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
389 self.assertAnswerEmpty(res)
390
391 ##
392 # +AD -CD +DO
393 ##
394 def testOff_Bogus_ADDO(self):
395 msg = self.getQueryForBogus('AD', 'DO')
396 res = self.sendUDPQuery(msg, 'off')
397
398 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
399 self.assertRcodeEqual(res, dns.rcode.NOERROR)
400
d8319ad6
PL		 401 def testProcessNoValidate_Bogus_ADDO(self):
402 msg = self.getQueryForBogus('AD', 'DO')
403 res = self.sendUDPQuery(msg, 'process-no-validate')
404
405 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
406 self.assertRcodeEqual(res, dns.rcode.NOERROR)
407
7568b07d
PL		 408 def testProcess_Bogus_ADDO(self):
409 msg = self.getQueryForBogus('AD', 'DO')
410 res = self.sendUDPQuery(msg, 'process')
411
412 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
7568b07d
PL		 413 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
414 self.assertAnswerEmpty(res)
415
416 def testValidate_Bogus_ADDO(self):
417 msg = self.getQueryForBogus('AD', 'DO')
418 res = self.sendUDPQuery(msg, 'validate')
419
420 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
421 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
422 self.assertAnswerEmpty(res)
423 ##
424 # +AD +CD +DO
425 ##
426 def testOff_Bogus_ADDOCD(self):
427 msg = self.getQueryForBogus('AD CD', 'DO')
428 res = self.sendUDPQuery(msg, 'off')
429
7e6ad9dc 430 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
7568b07d
PL		 431 self.assertRcodeEqual(res, dns.rcode.NOERROR)
432
d8319ad6
PL		 433 def testProcessNoValidate_Bogus_ADDOCD(self):
434 msg = self.getQueryForBogus('AD CD', 'DO')
435 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
436 res = self.sendUDPQuery(msg, 'process-no-validate')
437
438 self.assertRcodeEqual(res, dns.rcode.NOERROR)
439 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
440 self.assertMatchingRRSIGInAnswer(res, expected)
441
7568b07d
PL		 442 def testProcess_Bogus_ADDOCD(self):
443 msg = self.getQueryForBogus('AD CD', 'DO')
444 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
445 res = self.sendUDPQuery(msg, 'process')
446
447 self.assertRcodeEqual(res, dns.rcode.NOERROR)
448 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
449 self.assertMatchingRRSIGInAnswer(res, expected)
450
451 def testValidate_Bogus_ADDOCD(self):
452 msg = self.getQueryForBogus('AD CD', 'DO')
453 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
454 res = self.sendUDPQuery(msg, 'validate')
455
456 self.assertRcodeEqual(res, dns.rcode.NOERROR)
457 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
458 self.assertMatchingRRSIGInAnswer(res, expected)
459
460 ##
461 # -AD -CD +DO
462 ##
463 def testOff_Bogus_DO(self):
464 msg = self.getQueryForBogus('', 'DO')
465 res = self.sendUDPQuery(msg, 'off')
466
467 self.assertRcodeEqual(res, dns.rcode.NOERROR)
468 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
469 self.assertNoRRSIGsInAnswer(res)
470
d8319ad6
PL		 471 def testProcessNoValidate_Bogus_DO(self):
472 msg = self.getQueryForBogus('', 'DO')
473 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
474 res = self.sendUDPQuery(msg, 'process-no-validate')
475
476 self.assertRcodeEqual(res, dns.rcode.NOERROR)
477 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
478 self.assertMatchingRRSIGInAnswer(res, expected)
479
7568b07d
PL		 480 def testProcess_Bogus_DO(self):
481 msg = self.getQueryForBogus('', 'DO')
482 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
483 res = self.sendUDPQuery(msg, 'process')
484
485 self.assertRcodeEqual(res, dns.rcode.NOERROR)
486 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
487 self.assertMatchingRRSIGInAnswer(res, expected)
488
489 def testValidate_Bogus_DO(self):
490 msg = self.getQueryForBogus('', 'DO')
491 res = self.sendUDPQuery(msg, 'validate')
492
493 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
494 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
495 self.assertAnswerEmpty(res)
496
497 ##
498 # -AD +CD +DO
499 ##
7568b07d
PL		 500 def testOff_Bogus_DOCD(self):
501 msg = self.getQueryForBogus('CD', 'DO')
502 res = self.sendUDPQuery(msg, 'off')
503
504 self.assertRcodeEqual(res, dns.rcode.NOERROR)
505 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
506 self.assertNoRRSIGsInAnswer(res)
507
d8319ad6
PL		 508 def testProcessNoValidate_Bogus_DOCD(self):
509 msg = self.getQueryForBogus('CD', 'DO')
510 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
511 res = self.sendUDPQuery(msg, 'process-no-validate')
512
513 self.assertRcodeEqual(res, dns.rcode.NOERROR)
514 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
515 self.assertMatchingRRSIGInAnswer(res, expected)
516
7568b07d
PL		 517 def testProcess_Bogus_DOCD(self):
518 msg = self.getQueryForBogus('CD', 'DO')
519 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
520 res = self.sendUDPQuery(msg, 'process')
521
522 self.assertRcodeEqual(res, dns.rcode.NOERROR)
523 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
524 self.assertMatchingRRSIGInAnswer(res, expected)
525
526 def testValidate_Bogus_DOCD(self):
527 msg = self.getQueryForBogus('CD', 'DO')
528 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
529 res = self.sendUDPQuery(msg, 'validate')
530
531 self.assertRcodeEqual(res, dns.rcode.NOERROR)
532 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
533 self.assertMatchingRRSIGInAnswer(res, expected)
534
535 ##
536 # -AD +CD -DO
537 ##
7568b07d
PL		 538 def testOff_Bogus_CD(self):
539 msg = self.getQueryForBogus('CD')
540 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
541 res = self.sendUDPQuery(msg, 'off')
542
543 self.assertRcodeEqual(res, dns.rcode.NOERROR)
544 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
545 self.assertRRsetInAnswer(res, expected)
546 self.assertNoRRSIGsInAnswer(res)
547
d8319ad6
PL		 548 def testProcessNoValidate_Bogus_CD(self):
549 msg = self.getQueryForBogus('CD')
550 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
551 res = self.sendUDPQuery(msg, 'process-no-validate')
552
553 self.assertRcodeEqual(res, dns.rcode.NOERROR)
554 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
555 self.assertRRsetInAnswer(res, expected)
556 self.assertNoRRSIGsInAnswer(res)
557
7568b07d
PL		 558 def testProcess_Bogus_CD(self):
559 msg = self.getQueryForBogus('CD')
560 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
561 res = self.sendUDPQuery(msg, 'process')
562
563 self.assertRcodeEqual(res, dns.rcode.NOERROR)
564 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
565 self.assertRRsetInAnswer(res, expected)
566 self.assertNoRRSIGsInAnswer(res)
567
7568b07d
PL		 568 def testValidate_Bogus_CD(self):
569 msg = self.getQueryForBogus('CD')
570 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
571 res = self.sendUDPQuery(msg, 'validate')
572
573 self.assertRcodeEqual(res, dns.rcode.NOERROR)
574 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
575 self.assertRRsetInAnswer(res, expected)
576 self.assertNoRRSIGsInAnswer(res)
577
578
579 ## Insecure
580 def getQueryForInsecure(self, flags='', ednsflags=''):
581 return self.createQuery('node1.insecure.example.', 'A', flags, ednsflags)
582
583 ##
584 # -AD -CD -DO
585 ##
586 def testOff_Insecure_None(self):
587 msg = self.getQueryForInsecure()
588 res = self.sendUDPQuery(msg, 'off')
589 self.assertRcodeEqual(res, dns.rcode.NOERROR)
590 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
591 self.assertNoRRSIGsInAnswer(res)
592
d8319ad6
PL		 593 def testProcessNoValidate_Insecure_None(self):
594 msg = self.getQueryForInsecure()
595 res = self.sendUDPQuery(msg, 'process-no-validate')
596 self.assertRcodeEqual(res, dns.rcode.NOERROR)
597 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
598 self.assertNoRRSIGsInAnswer(res)
599
7568b07d
PL		 600 def testProcess_Insecure_None(self):
601 msg = self.getQueryForInsecure()
602 res = self.sendUDPQuery(msg, 'process')
603 self.assertRcodeEqual(res, dns.rcode.NOERROR)
604 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
605 self.assertNoRRSIGsInAnswer(res)
606
607 def testValidate_Insecure_None(self):
608 msg = self.getQueryForInsecure()
609 res = self.sendUDPQuery(msg, 'validate')
610 self.assertRcodeEqual(res, dns.rcode.NOERROR)
611 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
612 self.assertNoRRSIGsInAnswer(res)
613
614 ##
615 # +AD -CD -DO
616 ##
617 def testOff_Insecure_AD(self):
618 msg = self.getQueryForInsecure('AD')
619 res = self.sendUDPQuery(msg, 'off')
620
621 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
622 self.assertNoRRSIGsInAnswer(res)
623 self.assertRcodeEqual(res, dns.rcode.NOERROR)
624
d8319ad6
PL		 625 def testProcessNoValidate_Insecure_AD(self):
626 msg = self.getQueryForInsecure('AD')
627 res = self.sendUDPQuery(msg, 'process-no-validate')
628
629 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
630 self.assertNoRRSIGsInAnswer(res)
631 self.assertRcodeEqual(res, dns.rcode.NOERROR)
632
7568b07d
PL		 633 def testProcess_Insecure_AD(self):
634 msg = self.getQueryForInsecure('AD')
635 res = self.sendUDPQuery(msg, 'process')
636
637 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
638 self.assertNoRRSIGsInAnswer(res)
639 self.assertRcodeEqual(res, dns.rcode.NOERROR)
640
641 def testValidate_Insecure_AD(self):
642 msg = self.getQueryForInsecure('AD')
643 res = self.sendUDPQuery(msg, 'validate')
644
645 self.assertMessageHasFlags(res, ['RD', 'RA', 'QR'])
646 self.assertNoRRSIGsInAnswer(res)
647 self.assertRcodeEqual(res, dns.rcode.NOERROR)
648
649 ##
650 # +AD -CD +DO
651 ##
652 def testOff_Insecure_ADDO(self):
653 msg = self.getQueryForInsecure('AD', 'DO')
654 res = self.sendUDPQuery(msg, 'off')
655
656 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
657 self.assertNoRRSIGsInAnswer(res)
658 self.assertRcodeEqual(res, dns.rcode.NOERROR)
659
d8319ad6
PL		 660 def testProcessNoValidate_Insecure_ADDO(self):
661 msg = self.getQueryForInsecure('AD', 'DO')
662 res = self.sendUDPQuery(msg, 'process-no-validate')
663
664 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
665 self.assertNoRRSIGsInAnswer(res)
666 self.assertRcodeEqual(res, dns.rcode.NOERROR)
667
7568b07d
PL		 668 def testProcess_Insecure_ADDO(self):
669 msg = self.getQueryForInsecure('AD', 'DO')
670 res = self.sendUDPQuery(msg, 'process')
671
672 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
673 self.assertNoRRSIGsInAnswer(res)
674 self.assertRcodeEqual(res, dns.rcode.NOERROR)
675
676 def testValidate_Insecure_ADDO(self):
677 msg = self.getQueryForInsecure('AD', 'DO')
678 res = self.sendUDPQuery(msg, 'validate')
679
680 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
681 self.assertNoRRSIGsInAnswer(res)
682 self.assertRcodeEqual(res, dns.rcode.NOERROR)
683
684 ##
685 # +AD +CD +DO
686 ##
687 def testOff_Insecure_ADDOCD(self):
688 msg = self.getQueryForInsecure('AD CD', 'DO')
689 res = self.sendUDPQuery(msg, 'off')
690
7e6ad9dc 691 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
7568b07d
PL		 692 self.assertNoRRSIGsInAnswer(res)
693 self.assertRcodeEqual(res, dns.rcode.NOERROR)
694
d8319ad6
PL		 695 def testProcessNoValidate_Insecure_ADDOCD(self):
696 msg = self.getQueryForInsecure('AD CD', 'DO')
697 res = self.sendUDPQuery(msg, 'process-no-validate')
698
699 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
700 self.assertNoRRSIGsInAnswer(res)
701 self.assertRcodeEqual(res, dns.rcode.NOERROR)
702
7568b07d
PL		 703 def testProcess_Insecure_ADDOCD(self):
704 msg = self.getQueryForInsecure('AD CD', 'DO')
705 res = self.sendUDPQuery(msg, 'process')
706
707 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
708 self.assertNoRRSIGsInAnswer(res)
709 self.assertRcodeEqual(res, dns.rcode.NOERROR)
710
711 def testValidate_Insecure_ADDOCD(self):
712 msg = self.getQueryForInsecure('AD CD', 'DO')
713 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
714 res = self.sendUDPQuery(msg, 'validate')
715
716 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
717 self.assertNoRRSIGsInAnswer(res)
718 self.assertRcodeEqual(res, dns.rcode.NOERROR)
719
720 ##
721 # -AD -CD +DO
722 ##
723 def testOff_Insecure_DO(self):
724 msg = self.getQueryForInsecure('', 'DO')
725 res = self.sendUDPQuery(msg, 'off')
726
727 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
728 self.assertNoRRSIGsInAnswer(res)
729 self.assertRcodeEqual(res, dns.rcode.NOERROR)
730
d8319ad6
PL		 731 def testProcessNoValidate_Insecure_DO(self):
732 msg = self.getQueryForInsecure('', 'DO')
733 res = self.sendUDPQuery(msg, 'process-no-validate')
734
735 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
736 self.assertNoRRSIGsInAnswer(res)
737 self.assertRcodeEqual(res, dns.rcode.NOERROR)
738
7568b07d
PL		 739 def testProcess_Insecure_DO(self):
740 msg = self.getQueryForInsecure('', 'DO')
741 res = self.sendUDPQuery(msg, 'process')
742
743 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
744 self.assertNoRRSIGsInAnswer(res)
745 self.assertRcodeEqual(res, dns.rcode.NOERROR)
746
747 def testValidate_Insecure_DO(self):
748 msg = self.getQueryForInsecure('', 'DO')
749 res = self.sendUDPQuery(msg, 'validate')
750
751 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
752 self.assertNoRRSIGsInAnswer(res)
753 self.assertRcodeEqual(res, dns.rcode.NOERROR)
754
755 ##
756 # -AD +CD +DO
757 ##
7568b07d
PL		 758 def testOff_Insecure_DOCD(self):
759 msg = self.getQueryForInsecure('CD', 'DO')
760 res = self.sendUDPQuery(msg, 'off')
761
762 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
763 self.assertNoRRSIGsInAnswer(res)
764 self.assertRcodeEqual(res, dns.rcode.NOERROR)
765
d8319ad6
PL		 766 def testProcessNoValidate_Insecure_DOCD(self):
767 msg = self.getQueryForInsecure('CD', 'DO')
768 res = self.sendUDPQuery(msg, 'process-no-validate')
769
770 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
771 self.assertNoRRSIGsInAnswer(res)
772 self.assertRcodeEqual(res, dns.rcode.NOERROR)
773
7568b07d
PL		 774 def testProcess_Insecure_DOCD(self):
775 msg = self.getQueryForInsecure('CD', 'DO')
776 res = self.sendUDPQuery(msg, 'process')
777
778 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
779 self.assertNoRRSIGsInAnswer(res)
780 self.assertRcodeEqual(res, dns.rcode.NOERROR)
781
782 def testValidate_Insecure_DOCD(self):
783 msg = self.getQueryForInsecure('CD', 'DO')
784 res = self.sendUDPQuery(msg, 'validate')
785
786 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
787 self.assertNoRRSIGsInAnswer(res)
788 self.assertRcodeEqual(res, dns.rcode.NOERROR)
789
790 ##
791 # -AD +CD -DO
792 ##
7568b07d
PL		 793 def testOff_Insecure_CD(self):
794 msg = self.getQueryForInsecure('CD')
795 res = self.sendUDPQuery(msg, 'off')
796
797 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
798 self.assertNoRRSIGsInAnswer(res)
799 self.assertRcodeEqual(res, dns.rcode.NOERROR)
800
d8319ad6
PL		 801 def testProcessNoValidate_Insecure_CD(self):
802 msg = self.getQueryForInsecure('CD')
803 res = self.sendUDPQuery(msg, 'process-no-validate')
804
805 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
806 self.assertNoRRSIGsInAnswer(res)
807 self.assertRcodeEqual(res, dns.rcode.NOERROR)
808
7568b07d
PL		 809 def testProcess_Insecure_CD(self):
810 msg = self.getQueryForInsecure('CD')
811 res = self.sendUDPQuery(msg, 'process')
812
813 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
814 self.assertNoRRSIGsInAnswer(res)
815 self.assertRcodeEqual(res, dns.rcode.NOERROR)
816
817 def testValidate_Insecure_CD(self):
818 msg = self.getQueryForInsecure('CD')
819 res = self.sendUDPQuery(msg, 'validate')
820
821 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
822 self.assertNoRRSIGsInAnswer(res)
823 self.assertRcodeEqual(res, dns.rcode.NOERROR)
Unnamed repository; edit this file 'description' to name the repository.