]> git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.recursor-dnssec/test_Flags.py
projects / thirdparty / pdns.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7299 from rgacogne/rec-load-suffix-list
[thirdparty/pdns.git] / regression-tests.recursor-dnssec / test_Flags.py
1 import os
2 import socket
3
4 import dns
5 from recursortests import RecursorTest
6
7
8 class TestFlags(RecursorTest):
9 _confdir = 'Flags'
10 _config_template = """dnssec=%s"""
11 _config_params = ['_dnssec_setting']
12 _dnssec_setting = None
13 _recursors = {}
14
15 _dnssec_setting_ports = {'off': 5300,
16 'process-no-validate': 5301,
17 'process': 5302,
18 'validate': 5303}
19
20 @classmethod
21 def setUp(cls):
22 for setting in cls._dnssec_setting_ports:
23 confdir = os.path.join('configs', cls._confdir, setting)
24 cls.wipeRecursorCache(confdir)
25
26 @classmethod
27 def setUpClass(cls):
28 cls.setUpSockets()
29 confdir = os.path.join('configs', cls._confdir)
30 cls.createConfigDir(confdir)
31
32 cls.generateAllAuthConfig(confdir)
33 cls.startAllAuth(confdir)
34
35 for dnssec_setting, port in cls._dnssec_setting_ports.items():
36 cls._dnssec_setting = dnssec_setting
37 recConfdir = os.path.join(confdir, dnssec_setting)
38 cls.createConfigDir(recConfdir)
39 cls.generateRecursorConfig(recConfdir)
40 cls.startRecursor(recConfdir, port)
41 cls._recursors[dnssec_setting] = cls._recursor
42
43 @classmethod
44 def setUpSockets(cls):
45 cls._sock = {}
46 for dnssec_setting, port in cls._dnssec_setting_ports.items():
47 print("Setting up UDP socket..")
48 cls._sock[dnssec_setting] = socket.socket(socket.AF_INET,
49 socket.SOCK_DGRAM)
50 cls._sock[dnssec_setting].settimeout(2.0)
51 cls._sock[dnssec_setting].connect(("127.0.0.1", port))
52
53 @classmethod
54 def sendUDPQuery(cls, query, dnssec_setting, timeout=2.0):
55 if timeout:
56 cls._sock[dnssec_setting].settimeout(timeout)
57
58 try:
59 cls._sock[dnssec_setting].send(query.to_wire())
60 data = cls._sock[dnssec_setting].recv(4096)
61 except socket.timeout:
62 data = None
63 finally:
64 if timeout:
65 cls._sock[dnssec_setting].settimeout(None)
66
67 msg = None
68 if data:
69 msg = dns.message.from_wire(data)
70 return msg
71
72 @classmethod
73 def tearDownClass(cls):
74 cls.tearDownAuth()
75 for _, recursor in cls._recursors.items():
76 cls._recursor = recursor
77 cls.tearDownRecursor()
78
79 def createQuery(self, name, rdtype, flags, ednsflags):
80 """Helper function that creates the query with the specified flags.
81 The flags need to be strings (no checking is performed atm)"""
82 msg = dns.message.make_query(name, rdtype)
83 msg.flags = dns.flags.from_text(flags)
84 msg.flags += dns.flags.from_text('RD')
85 msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text(ednsflags))
86 return msg
87
88 def getQueryForSecure(self, flags='', ednsflags=''):
89 return self.createQuery('ns1.example.', 'A', flags, ednsflags)
90
91 ##
92 # -AD -CD -DO
93 ##
94 def testOff_Secure_None(self):
95 msg = self.getQueryForSecure()
96 res = self.sendUDPQuery(msg, 'off')
97 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
98 self.assertNoRRSIGsInAnswer(res)
99
100 def testProcessNoValidate_Secure_None(self):
101 msg = self.getQueryForSecure()
102 res = self.sendUDPQuery(msg, 'process-no-validate')
103 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
104 self.assertNoRRSIGsInAnswer(res)
105
106 def testProcess_Secure_None(self):
107 msg = self.getQueryForSecure()
108 res = self.sendUDPQuery(msg, 'process')
109 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
110 self.assertNoRRSIGsInAnswer(res)
111
112 def testValidate_Secure_None(self):
113 msg = self.getQueryForSecure()
114 res = self.sendUDPQuery(msg, 'validate')
115 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
116 self.assertNoRRSIGsInAnswer(res)
117
118 ##
119 # +AD -CD -DO
120 ##
121 def testOff_Secure_AD(self):
122 msg = self.getQueryForSecure('AD')
123 res = self.sendUDPQuery(msg, 'off')
124 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
125
126 self.assertNoRRSIGsInAnswer(res)
127
128 def testProcessNoValidate_Secure_AD(self):
129 msg = self.getQueryForSecure('AD')
130 res = self.sendUDPQuery(msg, 'process-no-validate')
131 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
132 self.assertNoRRSIGsInAnswer(res)
133
134 def testProcess_Secure_AD(self):
135 msg = self.getQueryForSecure('AD')
136 res = self.sendUDPQuery(msg, 'process')
137 self.assertMessageIsAuthenticated(res)
138 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'])
139 self.assertNoRRSIGsInAnswer(res)
140
141 def testValidate_Secure_AD(self):
142 msg = self.getQueryForSecure('AD')
143 res = self.sendUDPQuery(msg, 'validate')
144
145 self.assertMessageIsAuthenticated(res)
146 self.assertMessageHasFlags(res, ['AD', 'RD', 'RA', 'QR'])
147 self.assertNoRRSIGsInAnswer(res)
148
149 ##
150 # +AD -CD +DO
151 ##
152 def testOff_Secure_ADDO(self):
153 msg = self.getQueryForSecure('AD', 'DO')
154 res = self.sendUDPQuery(msg, 'off')
155
156 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
157 self.assertNoRRSIGsInAnswer(res)
158
159 def testProcessNoValidate_Secure_ADDO(self):
160 msg = self.getQueryForSecure('AD', 'DO')
161 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
162 res = self.sendUDPQuery(msg, 'process-no-validate')
163
164 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
165 self.assertMatchingRRSIGInAnswer(res, expected)
166
167 def testProcess_Secure_ADDO(self):
168 msg = self.getQueryForSecure('AD', 'DO')
169 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
170 res = self.sendUDPQuery(msg, 'process')
171
172 self.assertMessageIsAuthenticated(res)
173 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
174 self.assertMatchingRRSIGInAnswer(res, expected)
175
176 def testValidate_Secure_ADDO(self):
177 msg = self.getQueryForSecure('AD', 'DO')
178 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
179 res = self.sendUDPQuery(msg, 'validate')
180
181 self.assertMessageIsAuthenticated(res)
182 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
183 self.assertMatchingRRSIGInAnswer(res, expected)
184
185 ##
186 # +AD +CD +DO
187 ##
188 def testOff_Secure_ADDOCD(self):
189 msg = self.getQueryForSecure('AD CD', 'DO')
190 res = self.sendUDPQuery(msg, 'off')
191
192 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
193
194 def testProcessNoValidate_Secure_ADDOCD(self):
195 msg = self.getQueryForSecure('AD CD', 'DO')
196 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
197 res = self.sendUDPQuery(msg, 'process-no-validate')
198
199 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
200 self.assertMatchingRRSIGInAnswer(res, expected)
201
202 def testProcess_Secure_ADDOCD(self):
203 msg = self.getQueryForSecure('AD CD', 'DO')
204 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
205 res = self.sendUDPQuery(msg, 'process')
206
207 self.assertMessageIsAuthenticated(res)
208 self.assertMessageHasFlags(res, ['AD', 'CD', 'QR', 'RA', 'RD'], ['DO'])
209 self.assertMatchingRRSIGInAnswer(res, expected)
210
211 def testValidate_Secure_ADDOCD(self):
212 msg = self.getQueryForSecure('AD CD', 'DO')
213 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
214 res = self.sendUDPQuery(msg, 'validate')
215
216 self.assertMessageIsAuthenticated(res)
217 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
218 self.assertMatchingRRSIGInAnswer(res, expected)
219
220 ##
221 # -AD -CD +DO
222 ##
223 def testOff_Secure_DO(self):
224 msg = self.getQueryForSecure('', 'DO')
225 res = self.sendUDPQuery(msg, 'off')
226
227 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
228 self.assertNoRRSIGsInAnswer(res)
229
230 def testProcessNoValidate_Secure_DO(self):
231 msg = self.getQueryForSecure('', 'DO')
232 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
233 res = self.sendUDPQuery(msg, 'process-no-validate')
234
235 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
236 self.assertMatchingRRSIGInAnswer(res, expected)
237
238 def testProcess_Secure_DO(self):
239 msg = self.getQueryForSecure('', 'DO')
240 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
241 res = self.sendUDPQuery(msg, 'process')
242
243 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
244 self.assertMatchingRRSIGInAnswer(res, expected)
245
246 def testValidate_Secure_DO(self):
247 msg = self.getQueryForSecure('', 'DO')
248 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
249 res = self.sendUDPQuery(msg, 'validate')
250
251 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD'], ['DO'])
252 self.assertMatchingRRSIGInAnswer(res, expected)
253
254 ##
255 # -AD +CD +DO
256 ##
257 def testOff_Secure_DOCD(self):
258 msg = self.getQueryForSecure('CD', 'DO')
259 res = self.sendUDPQuery(msg, 'off')
260
261 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
262 self.assertNoRRSIGsInAnswer(res)
263
264 def testProcessNoValidate_Secure_DOCD(self):
265 msg = self.getQueryForSecure('CD', 'DO')
266 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
267 res = self.sendUDPQuery(msg, 'process-no-validate')
268
269 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
270 self.assertMatchingRRSIGInAnswer(res, expected)
271
272 def testProcess_Secure_DOCD(self):
273 msg = self.getQueryForSecure('CD', 'DO')
274 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
275 res = self.sendUDPQuery(msg, 'process')
276
277 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
278 self.assertMatchingRRSIGInAnswer(res, expected)
279
280 def testValidate_Secure_DOCD(self):
281 msg = self.getQueryForSecure('CD', 'DO')
282 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
283 res = self.sendUDPQuery(msg, 'validate')
284
285 self.assertMessageHasFlags(res, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
286 self.assertMatchingRRSIGInAnswer(res, expected)
287
288 ##
289 # -AD +CD -DO
290 ##
291 def testOff_Secure_CD(self):
292 msg = self.getQueryForSecure('CD')
293 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
294 res = self.sendUDPQuery(msg, 'off')
295
296 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
297 self.assertRRsetInAnswer(res, expected)
298 self.assertNoRRSIGsInAnswer(res)
299
300 def testProcessNoValidate_Secure_CD(self):
301 msg = self.getQueryForSecure('CD')
302 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
303 res = self.sendUDPQuery(msg, 'process-no-validate')
304
305 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
306 self.assertRRsetInAnswer(res, expected)
307 self.assertNoRRSIGsInAnswer(res)
308
309 def testProcess_Secure_CD(self):
310 msg = self.getQueryForSecure('CD')
311 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
312 res = self.sendUDPQuery(msg, 'process')
313
314 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
315 self.assertRRsetInAnswer(res, expected)
316 self.assertNoRRSIGsInAnswer(res)
317
318 def testValidate_Secure_CD(self):
319 msg = self.getQueryForSecure('CD')
320 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
321 res = self.sendUDPQuery(msg, 'validate')
322
323 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
324 self.assertRRsetInAnswer(res, expected)
325 self.assertNoRRSIGsInAnswer(res)
326
327
328 ### Bogus
329 def getQueryForBogus(self, flags='', ednsflags=''):
330 return self.createQuery('ted.bogus.example.', 'A', flags, ednsflags)
331
332 ##
333 # -AD -CD -DO
334 ##
335 def testOff_Bogus_None(self):
336 msg = self.getQueryForBogus()
337 res = self.sendUDPQuery(msg, 'off')
338 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
339 self.assertRcodeEqual(res, dns.rcode.NOERROR)
340
341 def testProcessNoValidate_Bogus_None(self):
342 msg = self.getQueryForBogus()
343 res = self.sendUDPQuery(msg, 'process-no-validate')
344 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
345 self.assertRcodeEqual(res, dns.rcode.NOERROR)
346
347 def testProcess_Bogus_None(self):
348 msg = self.getQueryForBogus()
349 res = self.sendUDPQuery(msg, 'process')
350 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
351 self.assertRcodeEqual(res, dns.rcode.NOERROR)
352
353 def testValidate_Bogus_None(self):
354 msg = self.getQueryForBogus()
355 res = self.sendUDPQuery(msg, 'validate')
356 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
357 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
358 self.assertAnswerEmpty(res)
359
360 ##
361 # +AD -CD -DO
362 ##
363 def testOff_Bogus_AD(self):
364 msg = self.getQueryForBogus('AD')
365 res = self.sendUDPQuery(msg, 'off')
366 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
367 self.assertRcodeEqual(res, dns.rcode.NOERROR)
368
369 def testProcessNoValidate_Bogus_AD(self):
370 msg = self.getQueryForBogus('AD')
371 res = self.sendUDPQuery(msg, 'process-no-validate')
372 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
373 self.assertRcodeEqual(res, dns.rcode.NOERROR)
374
375 def testProcess_Bogus_AD(self):
376 msg = self.getQueryForBogus('AD')
377 res = self.sendUDPQuery(msg, 'process')
378 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
379 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
380 self.assertAnswerEmpty(res)
381
382 def testValidate_Bogus_AD(self):
383 msg = self.getQueryForBogus('AD')
384 res = self.sendUDPQuery(msg, 'validate')
385
386 self.assertMessageHasFlags(res, ['RD', 'RA', 'QR'])
387 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
388 self.assertAnswerEmpty(res)
389
390 ##
391 # +AD -CD +DO
392 ##
393 def testOff_Bogus_ADDO(self):
394 msg = self.getQueryForBogus('AD', 'DO')
395 res = self.sendUDPQuery(msg, 'off')
396
397 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
398 self.assertRcodeEqual(res, dns.rcode.NOERROR)
399
400 def testProcessNoValidate_Bogus_ADDO(self):
401 msg = self.getQueryForBogus('AD', 'DO')
402 res = self.sendUDPQuery(msg, 'process-no-validate')
403
404 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
405 self.assertRcodeEqual(res, dns.rcode.NOERROR)
406
407 def testProcess_Bogus_ADDO(self):
408 msg = self.getQueryForBogus('AD', 'DO')
409 res = self.sendUDPQuery(msg, 'process')
410
411 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
412 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
413 self.assertAnswerEmpty(res)
414
415 def testValidate_Bogus_ADDO(self):
416 msg = self.getQueryForBogus('AD', 'DO')
417 res = self.sendUDPQuery(msg, 'validate')
418
419 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
420 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
421 self.assertAnswerEmpty(res)
422 ##
423 # +AD +CD +DO
424 ##
425 def testOff_Bogus_ADDOCD(self):
426 msg = self.getQueryForBogus('AD CD', 'DO')
427 res = self.sendUDPQuery(msg, 'off')
428
429 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
430 self.assertRcodeEqual(res, dns.rcode.NOERROR)
431
432 def testProcessNoValidate_Bogus_ADDOCD(self):
433 msg = self.getQueryForBogus('AD CD', 'DO')
434 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
435 res = self.sendUDPQuery(msg, 'process-no-validate')
436
437 self.assertRcodeEqual(res, dns.rcode.NOERROR)
438 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
439 self.assertMatchingRRSIGInAnswer(res, expected)
440
441 def testProcess_Bogus_ADDOCD(self):
442 msg = self.getQueryForBogus('AD CD', 'DO')
443 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
444 res = self.sendUDPQuery(msg, 'process')
445
446 self.assertRcodeEqual(res, dns.rcode.NOERROR)
447 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
448 self.assertMatchingRRSIGInAnswer(res, expected)
449
450 def testValidate_Bogus_ADDOCD(self):
451 msg = self.getQueryForBogus('AD CD', 'DO')
452 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
453 res = self.sendUDPQuery(msg, 'validate')
454
455 self.assertRcodeEqual(res, dns.rcode.NOERROR)
456 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
457 self.assertMatchingRRSIGInAnswer(res, expected)
458
459 ##
460 # -AD -CD +DO
461 ##
462 def testOff_Bogus_DO(self):
463 msg = self.getQueryForBogus('', 'DO')
464 res = self.sendUDPQuery(msg, 'off')
465
466 self.assertRcodeEqual(res, dns.rcode.NOERROR)
467 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
468 self.assertNoRRSIGsInAnswer(res)
469
470 def testProcessNoValidate_Bogus_DO(self):
471 msg = self.getQueryForBogus('', 'DO')
472 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
473 res = self.sendUDPQuery(msg, 'process-no-validate')
474
475 self.assertRcodeEqual(res, dns.rcode.NOERROR)
476 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
477 self.assertMatchingRRSIGInAnswer(res, expected)
478
479 def testProcess_Bogus_DO(self):
480 msg = self.getQueryForBogus('', 'DO')
481 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
482 res = self.sendUDPQuery(msg, 'process')
483
484 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
485 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
486 self.assertAnswerEmpty(res)
487
488 def testValidate_Bogus_DO(self):
489 msg = self.getQueryForBogus('', 'DO')
490 res = self.sendUDPQuery(msg, 'validate')
491
492 self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
493 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
494 self.assertAnswerEmpty(res)
495
496 ##
497 # -AD +CD +DO
498 ##
499 def testOff_Bogus_DOCD(self):
500 msg = self.getQueryForBogus('CD', 'DO')
501 res = self.sendUDPQuery(msg, 'off')
502
503 self.assertRcodeEqual(res, dns.rcode.NOERROR)
504 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
505 self.assertNoRRSIGsInAnswer(res)
506
507 def testProcessNoValidate_Bogus_DOCD(self):
508 msg = self.getQueryForBogus('CD', 'DO')
509 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
510 res = self.sendUDPQuery(msg, 'process-no-validate')
511
512 self.assertRcodeEqual(res, dns.rcode.NOERROR)
513 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
514 self.assertMatchingRRSIGInAnswer(res, expected)
515
516 def testProcess_Bogus_DOCD(self):
517 msg = self.getQueryForBogus('CD', 'DO')
518 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
519 res = self.sendUDPQuery(msg, 'process')
520
521 self.assertRcodeEqual(res, dns.rcode.NOERROR)
522 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
523 self.assertMatchingRRSIGInAnswer(res, expected)
524
525 def testValidate_Bogus_DOCD(self):
526 msg = self.getQueryForBogus('CD', 'DO')
527 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
528 res = self.sendUDPQuery(msg, 'validate')
529
530 self.assertRcodeEqual(res, dns.rcode.NOERROR)
531 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
532 self.assertMatchingRRSIGInAnswer(res, expected)
533
534 ##
535 # -AD +CD -DO
536 ##
537 def testOff_Bogus_CD(self):
538 msg = self.getQueryForBogus('CD')
539 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
540 res = self.sendUDPQuery(msg, 'off')
541
542 self.assertRcodeEqual(res, dns.rcode.NOERROR)
543 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
544 self.assertRRsetInAnswer(res, expected)
545 self.assertNoRRSIGsInAnswer(res)
546
547 def testProcessNoValidate_Bogus_CD(self):
548 msg = self.getQueryForBogus('CD')
549 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
550 res = self.sendUDPQuery(msg, 'process-no-validate')
551
552 self.assertRcodeEqual(res, dns.rcode.NOERROR)
553 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
554 self.assertRRsetInAnswer(res, expected)
555 self.assertNoRRSIGsInAnswer(res)
556
557 def testProcess_Bogus_CD(self):
558 msg = self.getQueryForBogus('CD')
559 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
560 res = self.sendUDPQuery(msg, 'process')
561
562 self.assertRcodeEqual(res, dns.rcode.NOERROR)
563 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
564 self.assertRRsetInAnswer(res, expected)
565 self.assertNoRRSIGsInAnswer(res)
566
567 def testValidate_Bogus_CD(self):
568 msg = self.getQueryForBogus('CD')
569 expected = dns.rrset.from_text('ted.bogus.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.1')
570 res = self.sendUDPQuery(msg, 'validate')
571
572 self.assertRcodeEqual(res, dns.rcode.NOERROR)
573 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
574 self.assertRRsetInAnswer(res, expected)
575 self.assertNoRRSIGsInAnswer(res)
576
577
578 ## Insecure
579 def getQueryForInsecure(self, flags='', ednsflags=''):
580 return self.createQuery('node1.insecure.example.', 'A', flags, ednsflags)
581
582 ##
583 # -AD -CD -DO
584 ##
585 def testOff_Insecure_None(self):
586 msg = self.getQueryForInsecure()
587 res = self.sendUDPQuery(msg, 'off')
588 self.assertRcodeEqual(res, dns.rcode.NOERROR)
589 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
590 self.assertNoRRSIGsInAnswer(res)
591
592 def testProcessNoValidate_Insecure_None(self):
593 msg = self.getQueryForInsecure()
594 res = self.sendUDPQuery(msg, 'process-no-validate')
595 self.assertRcodeEqual(res, dns.rcode.NOERROR)
596 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
597 self.assertNoRRSIGsInAnswer(res)
598
599 def testProcess_Insecure_None(self):
600 msg = self.getQueryForInsecure()
601 res = self.sendUDPQuery(msg, 'process')
602 self.assertRcodeEqual(res, dns.rcode.NOERROR)
603 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
604 self.assertNoRRSIGsInAnswer(res)
605
606 def testValidate_Insecure_None(self):
607 msg = self.getQueryForInsecure()
608 res = self.sendUDPQuery(msg, 'validate')
609 self.assertRcodeEqual(res, dns.rcode.NOERROR)
610 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
611 self.assertNoRRSIGsInAnswer(res)
612
613 ##
614 # +AD -CD -DO
615 ##
616 def testOff_Insecure_AD(self):
617 msg = self.getQueryForInsecure('AD')
618 res = self.sendUDPQuery(msg, 'off')
619
620 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
621 self.assertNoRRSIGsInAnswer(res)
622 self.assertRcodeEqual(res, dns.rcode.NOERROR)
623
624 def testProcessNoValidate_Insecure_AD(self):
625 msg = self.getQueryForInsecure('AD')
626 res = self.sendUDPQuery(msg, 'process-no-validate')
627
628 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
629 self.assertNoRRSIGsInAnswer(res)
630 self.assertRcodeEqual(res, dns.rcode.NOERROR)
631
632 def testProcess_Insecure_AD(self):
633 msg = self.getQueryForInsecure('AD')
634 res = self.sendUDPQuery(msg, 'process')
635
636 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
637 self.assertNoRRSIGsInAnswer(res)
638 self.assertRcodeEqual(res, dns.rcode.NOERROR)
639
640 def testValidate_Insecure_AD(self):
641 msg = self.getQueryForInsecure('AD')
642 res = self.sendUDPQuery(msg, 'validate')
643
644 self.assertMessageHasFlags(res, ['RD', 'RA', 'QR'])
645 self.assertNoRRSIGsInAnswer(res)
646 self.assertRcodeEqual(res, dns.rcode.NOERROR)
647
648 ##
649 # +AD -CD +DO
650 ##
651 def testOff_Insecure_ADDO(self):
652 msg = self.getQueryForInsecure('AD', 'DO')
653 res = self.sendUDPQuery(msg, 'off')
654
655 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
656 self.assertNoRRSIGsInAnswer(res)
657 self.assertRcodeEqual(res, dns.rcode.NOERROR)
658
659 def testProcessNoValidate_Insecure_ADDO(self):
660 msg = self.getQueryForInsecure('AD', 'DO')
661 res = self.sendUDPQuery(msg, 'process-no-validate')
662
663 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
664 self.assertNoRRSIGsInAnswer(res)
665 self.assertRcodeEqual(res, dns.rcode.NOERROR)
666
667 def testProcess_Insecure_ADDO(self):
668 msg = self.getQueryForInsecure('AD', 'DO')
669 res = self.sendUDPQuery(msg, 'process')
670
671 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
672 self.assertNoRRSIGsInAnswer(res)
673 self.assertRcodeEqual(res, dns.rcode.NOERROR)
674
675 def testValidate_Insecure_ADDO(self):
676 msg = self.getQueryForInsecure('AD', 'DO')
677 res = self.sendUDPQuery(msg, 'validate')
678
679 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
680 self.assertNoRRSIGsInAnswer(res)
681 self.assertRcodeEqual(res, dns.rcode.NOERROR)
682
683 ##
684 # +AD +CD +DO
685 ##
686 def testOff_Insecure_ADDOCD(self):
687 msg = self.getQueryForInsecure('AD CD', 'DO')
688 res = self.sendUDPQuery(msg, 'off')
689
690 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
691 self.assertNoRRSIGsInAnswer(res)
692 self.assertRcodeEqual(res, dns.rcode.NOERROR)
693
694 def testProcessNoValidate_Insecure_ADDOCD(self):
695 msg = self.getQueryForInsecure('AD CD', 'DO')
696 res = self.sendUDPQuery(msg, 'process-no-validate')
697
698 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
699 self.assertNoRRSIGsInAnswer(res)
700 self.assertRcodeEqual(res, dns.rcode.NOERROR)
701
702 def testProcess_Insecure_ADDOCD(self):
703 msg = self.getQueryForInsecure('AD CD', 'DO')
704 res = self.sendUDPQuery(msg, 'process')
705
706 self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
707 self.assertNoRRSIGsInAnswer(res)
708 self.assertRcodeEqual(res, dns.rcode.NOERROR)
709
710 def testValidate_Insecure_ADDOCD(self):
711 msg = self.getQueryForInsecure('AD CD', 'DO')
712 expected = dns.rrset.from_text('ns1.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
713 res = self.sendUDPQuery(msg, 'validate')
714
715 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
716 self.assertNoRRSIGsInAnswer(res)
717 self.assertRcodeEqual(res, dns.rcode.NOERROR)
718
719 ##
720 # -AD -CD +DO
721 ##
722 def testOff_Insecure_DO(self):
723 msg = self.getQueryForInsecure('', 'DO')
724 res = self.sendUDPQuery(msg, 'off')
725
726 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
727 self.assertNoRRSIGsInAnswer(res)
728 self.assertRcodeEqual(res, dns.rcode.NOERROR)
729
730 def testProcessNoValidate_Insecure_DO(self):
731 msg = self.getQueryForInsecure('', 'DO')
732 res = self.sendUDPQuery(msg, 'process-no-validate')
733
734 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
735 self.assertNoRRSIGsInAnswer(res)
736 self.assertRcodeEqual(res, dns.rcode.NOERROR)
737
738 def testProcess_Insecure_DO(self):
739 msg = self.getQueryForInsecure('', 'DO')
740 res = self.sendUDPQuery(msg, 'process')
741
742 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
743 self.assertNoRRSIGsInAnswer(res)
744 self.assertRcodeEqual(res, dns.rcode.NOERROR)
745
746 def testValidate_Insecure_DO(self):
747 msg = self.getQueryForInsecure('', 'DO')
748 res = self.sendUDPQuery(msg, 'validate')
749
750 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO'])
751 self.assertNoRRSIGsInAnswer(res)
752 self.assertRcodeEqual(res, dns.rcode.NOERROR)
753
754 ##
755 # -AD +CD +DO
756 ##
757 def testOff_Insecure_DOCD(self):
758 msg = self.getQueryForInsecure('CD', 'DO')
759 res = self.sendUDPQuery(msg, 'off')
760
761 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
762 self.assertNoRRSIGsInAnswer(res)
763 self.assertRcodeEqual(res, dns.rcode.NOERROR)
764
765 def testProcessNoValidate_Insecure_DOCD(self):
766 msg = self.getQueryForInsecure('CD', 'DO')
767 res = self.sendUDPQuery(msg, 'process-no-validate')
768
769 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
770 self.assertNoRRSIGsInAnswer(res)
771 self.assertRcodeEqual(res, dns.rcode.NOERROR)
772
773 def testProcess_Insecure_DOCD(self):
774 msg = self.getQueryForInsecure('CD', 'DO')
775 res = self.sendUDPQuery(msg, 'process')
776
777 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
778 self.assertNoRRSIGsInAnswer(res)
779 self.assertRcodeEqual(res, dns.rcode.NOERROR)
780
781 def testValidate_Insecure_DOCD(self):
782 msg = self.getQueryForInsecure('CD', 'DO')
783 res = self.sendUDPQuery(msg, 'validate')
784
785 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'], ['DO'])
786 self.assertNoRRSIGsInAnswer(res)
787 self.assertRcodeEqual(res, dns.rcode.NOERROR)
788
789 ##
790 # -AD +CD -DO
791 ##
792 def testOff_Insecure_CD(self):
793 msg = self.getQueryForInsecure('CD')
794 res = self.sendUDPQuery(msg, 'off')
795
796 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'])
797 self.assertNoRRSIGsInAnswer(res)
798 self.assertRcodeEqual(res, dns.rcode.NOERROR)
799
800 def testProcessNoValidate_Insecure_CD(self):
801 msg = self.getQueryForInsecure('CD')
802 res = self.sendUDPQuery(msg, 'process-no-validate')
803
804 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
805 self.assertNoRRSIGsInAnswer(res)
806 self.assertRcodeEqual(res, dns.rcode.NOERROR)
807
808 def testProcess_Insecure_CD(self):
809 msg = self.getQueryForInsecure('CD')
810 res = self.sendUDPQuery(msg, 'process')
811
812 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
813 self.assertNoRRSIGsInAnswer(res)
814 self.assertRcodeEqual(res, dns.rcode.NOERROR)
815
816 def testValidate_Insecure_CD(self):
817 msg = self.getQueryForInsecure('CD')
818 res = self.sendUDPQuery(msg, 'validate')
819
820 self.assertMessageHasFlags(res, ['QR', 'RA', 'RD', 'CD'])
821 self.assertNoRRSIGsInAnswer(res)
822 self.assertRcodeEqual(res, dns.rcode.NOERROR)
Unnamed repository; edit this file 'description' to name the repository.