]>
git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.recursor-dnssec/test_Flags.py
5 from recursortests
import RecursorTest
8 class TestFlags(RecursorTest
):
10 _config_template
= """dnssec=%s"""
11 _config_params
= ['_dnssec_setting']
12 _dnssec_setting
= None
15 _dnssec_setting_ports
= {'off': 5300,
16 'process-no-validate': 5301,
22 for setting
in cls
._dnssec
_setting
_ports
:
23 confdir
= os
.path
.join('configs', cls
._confdir
, setting
)
24 cls
.wipeRecursorCache(confdir
)
29 confdir
= os
.path
.join('configs', cls
._confdir
)
30 cls
.createConfigDir(confdir
)
32 cls
.generateAllAuthConfig(confdir
)
33 cls
.startAllAuth(confdir
)
35 for dnssec_setting
, port
in cls
._dnssec
_setting
_ports
.items():
36 cls
._dnssec
_setting
= dnssec_setting
37 recConfdir
= os
.path
.join(confdir
, dnssec_setting
)
38 cls
.createConfigDir(recConfdir
)
39 cls
.generateRecursorConfig(recConfdir
)
40 cls
.startRecursor(recConfdir
, port
)
41 cls
._recursors
[dnssec_setting
] = cls
._recursor
44 def setUpSockets(cls
):
46 for dnssec_setting
, port
in cls
._dnssec
_setting
_ports
.items():
47 print("Setting up UDP socket..")
48 cls
._sock
[dnssec_setting
] = socket
.socket(socket
.AF_INET
,
50 cls
._sock
[dnssec_setting
].settimeout(2.0)
51 cls
._sock
[dnssec_setting
].connect(("127.0.0.1", port
))
54 def sendUDPQuery(cls
, query
, dnssec_setting
, timeout
=2.0):
56 cls
._sock
[dnssec_setting
].settimeout(timeout
)
59 cls
._sock
[dnssec_setting
].send(query
.to_wire())
60 data
= cls
._sock
[dnssec_setting
].recv(4096)
61 except socket
.timeout
:
65 cls
._sock
[dnssec_setting
].settimeout(None)
69 msg
= dns
.message
.from_wire(data
)
73 def tearDownClass(cls
):
75 for _
, recursor
in cls
._recursors
.items():
76 cls
._recursor
= recursor
77 cls
.tearDownRecursor()
79 def createQuery(self
, name
, rdtype
, flags
, ednsflags
):
80 """Helper function that creates the query with the specified flags.
81 The flags need to be strings (no checking is performed atm)"""
82 msg
= dns
.message
.make_query(name
, rdtype
)
83 msg
.flags
= dns
.flags
.from_text(flags
)
84 msg
.flags
+= dns
.flags
.from_text('RD')
85 msg
.use_edns(edns
=0, ednsflags
=dns
.flags
.edns_from_text(ednsflags
))
88 def getQueryForSecure(self
, flags
='', ednsflags
=''):
89 return self
.createQuery('ns1.example.', 'A', flags
, ednsflags
)
94 def testOff_Secure_None(self
):
95 msg
= self
.getQueryForSecure()
96 res
= self
.sendUDPQuery(msg
, 'off')
97 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
98 self
.assertNoRRSIGsInAnswer(res
)
100 def testProcessNoValidate_Secure_None(self
):
101 msg
= self
.getQueryForSecure()
102 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
103 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
104 self
.assertNoRRSIGsInAnswer(res
)
106 def testProcess_Secure_None(self
):
107 msg
= self
.getQueryForSecure()
108 res
= self
.sendUDPQuery(msg
, 'process')
109 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
110 self
.assertNoRRSIGsInAnswer(res
)
112 def testValidate_Secure_None(self
):
113 msg
= self
.getQueryForSecure()
114 res
= self
.sendUDPQuery(msg
, 'validate')
115 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
116 self
.assertNoRRSIGsInAnswer(res
)
121 def testOff_Secure_AD(self
):
122 msg
= self
.getQueryForSecure('AD')
123 res
= self
.sendUDPQuery(msg
, 'off')
124 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
126 self
.assertNoRRSIGsInAnswer(res
)
128 def testProcessNoValidate_Secure_AD(self
):
129 msg
= self
.getQueryForSecure('AD')
130 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
131 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
132 self
.assertNoRRSIGsInAnswer(res
)
134 def testProcess_Secure_AD(self
):
135 msg
= self
.getQueryForSecure('AD')
136 res
= self
.sendUDPQuery(msg
, 'process')
137 self
.assertMessageIsAuthenticated(res
)
138 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD'])
139 self
.assertNoRRSIGsInAnswer(res
)
141 def testValidate_Secure_AD(self
):
142 msg
= self
.getQueryForSecure('AD')
143 res
= self
.sendUDPQuery(msg
, 'validate')
145 self
.assertMessageIsAuthenticated(res
)
146 self
.assertMessageHasFlags(res
, ['AD', 'RD', 'RA', 'QR'])
147 self
.assertNoRRSIGsInAnswer(res
)
152 def testOff_Secure_ADDO(self
):
153 msg
= self
.getQueryForSecure('AD', 'DO')
154 res
= self
.sendUDPQuery(msg
, 'off')
156 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
157 self
.assertNoRRSIGsInAnswer(res
)
159 def testProcessNoValidate_Secure_ADDO(self
):
160 msg
= self
.getQueryForSecure('AD', 'DO')
161 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
162 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
164 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
165 self
.assertMatchingRRSIGInAnswer(res
, expected
)
167 def testProcess_Secure_ADDO(self
):
168 msg
= self
.getQueryForSecure('AD', 'DO')
169 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
170 res
= self
.sendUDPQuery(msg
, 'process')
172 self
.assertMessageIsAuthenticated(res
)
173 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD'], ['DO'])
174 self
.assertMatchingRRSIGInAnswer(res
, expected
)
176 def testValidate_Secure_ADDO(self
):
177 msg
= self
.getQueryForSecure('AD', 'DO')
178 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
179 res
= self
.sendUDPQuery(msg
, 'validate')
181 self
.assertMessageIsAuthenticated(res
)
182 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD'], ['DO'])
183 self
.assertMatchingRRSIGInAnswer(res
, expected
)
188 def testOff_Secure_ADDOCD(self
):
189 msg
= self
.getQueryForSecure('AD CD', 'DO')
190 res
= self
.sendUDPQuery(msg
, 'off')
192 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
194 def testProcessNoValidate_Secure_ADDOCD(self
):
195 msg
= self
.getQueryForSecure('AD CD', 'DO')
196 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
197 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
199 self
.assertMessageHasFlags(res
, ['CD', 'QR', 'RA', 'RD'], ['DO'])
200 self
.assertMatchingRRSIGInAnswer(res
, expected
)
202 def testProcess_Secure_ADDOCD(self
):
203 msg
= self
.getQueryForSecure('AD CD', 'DO')
204 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
205 res
= self
.sendUDPQuery(msg
, 'process')
207 self
.assertMessageIsAuthenticated(res
)
208 self
.assertMessageHasFlags(res
, ['AD', 'CD', 'QR', 'RA', 'RD'], ['DO'])
209 self
.assertMatchingRRSIGInAnswer(res
, expected
)
211 def testValidate_Secure_ADDOCD(self
):
212 msg
= self
.getQueryForSecure('AD CD', 'DO')
213 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
214 res
= self
.sendUDPQuery(msg
, 'validate')
216 self
.assertMessageIsAuthenticated(res
)
217 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
218 self
.assertMatchingRRSIGInAnswer(res
, expected
)
223 def testOff_Secure_DO(self
):
224 msg
= self
.getQueryForSecure('', 'DO')
225 res
= self
.sendUDPQuery(msg
, 'off')
227 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
228 self
.assertNoRRSIGsInAnswer(res
)
230 def testProcessNoValidate_Secure_DO(self
):
231 msg
= self
.getQueryForSecure('', 'DO')
232 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
233 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
235 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
236 self
.assertMatchingRRSIGInAnswer(res
, expected
)
238 def testProcess_Secure_DO(self
):
239 msg
= self
.getQueryForSecure('', 'DO')
240 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
241 res
= self
.sendUDPQuery(msg
, 'process')
243 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD'], ['DO'])
244 self
.assertMatchingRRSIGInAnswer(res
, expected
)
246 def testValidate_Secure_DO(self
):
247 msg
= self
.getQueryForSecure('', 'DO')
248 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
249 res
= self
.sendUDPQuery(msg
, 'validate')
251 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD'], ['DO'])
252 self
.assertMatchingRRSIGInAnswer(res
, expected
)
257 def testOff_Secure_DOCD(self
):
258 msg
= self
.getQueryForSecure('CD', 'DO')
259 res
= self
.sendUDPQuery(msg
, 'off')
261 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
262 self
.assertNoRRSIGsInAnswer(res
)
264 def testProcessNoValidate_Secure_DOCD(self
):
265 msg
= self
.getQueryForSecure('CD', 'DO')
266 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
267 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
269 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
270 self
.assertMatchingRRSIGInAnswer(res
, expected
)
272 def testProcess_Secure_DOCD(self
):
273 msg
= self
.getQueryForSecure('CD', 'DO')
274 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
275 res
= self
.sendUDPQuery(msg
, 'process')
277 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
278 self
.assertMatchingRRSIGInAnswer(res
, expected
)
280 def testValidate_Secure_DOCD(self
):
281 msg
= self
.getQueryForSecure('CD', 'DO')
282 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
283 res
= self
.sendUDPQuery(msg
, 'validate')
285 self
.assertMessageHasFlags(res
, ['AD', 'QR', 'RA', 'RD', 'CD'], ['DO'])
286 self
.assertMatchingRRSIGInAnswer(res
, expected
)
291 def testOff_Secure_CD(self
):
292 msg
= self
.getQueryForSecure('CD')
293 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
294 res
= self
.sendUDPQuery(msg
, 'off')
296 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
297 self
.assertRRsetInAnswer(res
, expected
)
298 self
.assertNoRRSIGsInAnswer(res
)
300 def testProcessNoValidate_Secure_CD(self
):
301 msg
= self
.getQueryForSecure('CD')
302 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
303 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
305 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
306 self
.assertRRsetInAnswer(res
, expected
)
307 self
.assertNoRRSIGsInAnswer(res
)
309 def testProcess_Secure_CD(self
):
310 msg
= self
.getQueryForSecure('CD')
311 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
312 res
= self
.sendUDPQuery(msg
, 'process')
314 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
315 self
.assertRRsetInAnswer(res
, expected
)
316 self
.assertNoRRSIGsInAnswer(res
)
318 def testValidate_Secure_CD(self
):
319 msg
= self
.getQueryForSecure('CD')
320 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
321 res
= self
.sendUDPQuery(msg
, 'validate')
323 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
324 self
.assertRRsetInAnswer(res
, expected
)
325 self
.assertNoRRSIGsInAnswer(res
)
329 def getQueryForBogus(self
, flags
='', ednsflags
=''):
330 return self
.createQuery('ted.bogus.example.', 'A', flags
, ednsflags
)
335 def testOff_Bogus_None(self
):
336 msg
= self
.getQueryForBogus()
337 res
= self
.sendUDPQuery(msg
, 'off')
338 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
339 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
341 def testProcessNoValidate_Bogus_None(self
):
342 msg
= self
.getQueryForBogus()
343 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
344 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
345 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
347 def testProcess_Bogus_None(self
):
348 msg
= self
.getQueryForBogus()
349 res
= self
.sendUDPQuery(msg
, 'process')
350 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
351 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
353 def testValidate_Bogus_None(self
):
354 msg
= self
.getQueryForBogus()
355 res
= self
.sendUDPQuery(msg
, 'validate')
356 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
357 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
358 self
.assertAnswerEmpty(res
)
363 def testOff_Bogus_AD(self
):
364 msg
= self
.getQueryForBogus('AD')
365 res
= self
.sendUDPQuery(msg
, 'off')
366 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
367 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
369 def testProcessNoValidate_Bogus_AD(self
):
370 msg
= self
.getQueryForBogus('AD')
371 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
372 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
373 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
375 def testProcess_Bogus_AD(self
):
376 msg
= self
.getQueryForBogus('AD')
377 res
= self
.sendUDPQuery(msg
, 'process')
378 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
379 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
380 self
.assertAnswerEmpty(res
)
382 def testValidate_Bogus_AD(self
):
383 msg
= self
.getQueryForBogus('AD')
384 res
= self
.sendUDPQuery(msg
, 'validate')
386 self
.assertMessageHasFlags(res
, ['RD', 'RA', 'QR'])
387 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
388 self
.assertAnswerEmpty(res
)
393 def testOff_Bogus_ADDO(self
):
394 msg
= self
.getQueryForBogus('AD', 'DO')
395 res
= self
.sendUDPQuery(msg
, 'off')
397 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
398 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
400 def testProcessNoValidate_Bogus_ADDO(self
):
401 msg
= self
.getQueryForBogus('AD', 'DO')
402 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
404 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
405 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
407 def testProcess_Bogus_ADDO(self
):
408 msg
= self
.getQueryForBogus('AD', 'DO')
409 res
= self
.sendUDPQuery(msg
, 'process')
411 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
412 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
413 self
.assertAnswerEmpty(res
)
415 def testValidate_Bogus_ADDO(self
):
416 msg
= self
.getQueryForBogus('AD', 'DO')
417 res
= self
.sendUDPQuery(msg
, 'validate')
419 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
420 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
421 self
.assertAnswerEmpty(res
)
425 def testOff_Bogus_ADDOCD(self
):
426 msg
= self
.getQueryForBogus('AD CD', 'DO')
427 res
= self
.sendUDPQuery(msg
, 'off')
429 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
430 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
432 def testProcessNoValidate_Bogus_ADDOCD(self
):
433 msg
= self
.getQueryForBogus('AD CD', 'DO')
434 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
435 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
437 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
438 self
.assertMessageHasFlags(res
, ['CD', 'QR', 'RA', 'RD'], ['DO'])
439 self
.assertMatchingRRSIGInAnswer(res
, expected
)
441 def testProcess_Bogus_ADDOCD(self
):
442 msg
= self
.getQueryForBogus('AD CD', 'DO')
443 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
444 res
= self
.sendUDPQuery(msg
, 'process')
446 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
447 self
.assertMessageHasFlags(res
, ['CD', 'QR', 'RA', 'RD'], ['DO'])
448 self
.assertMatchingRRSIGInAnswer(res
, expected
)
450 def testValidate_Bogus_ADDOCD(self
):
451 msg
= self
.getQueryForBogus('AD CD', 'DO')
452 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
453 res
= self
.sendUDPQuery(msg
, 'validate')
455 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
456 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
457 self
.assertMatchingRRSIGInAnswer(res
, expected
)
462 def testOff_Bogus_DO(self
):
463 msg
= self
.getQueryForBogus('', 'DO')
464 res
= self
.sendUDPQuery(msg
, 'off')
466 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
467 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
468 self
.assertNoRRSIGsInAnswer(res
)
470 def testProcessNoValidate_Bogus_DO(self
):
471 msg
= self
.getQueryForBogus('', 'DO')
472 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
473 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
475 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
476 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
477 self
.assertMatchingRRSIGInAnswer(res
, expected
)
479 def testProcess_Bogus_DO(self
):
480 msg
= self
.getQueryForBogus('', 'DO')
481 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
482 res
= self
.sendUDPQuery(msg
, 'process')
484 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
485 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
486 self
.assertAnswerEmpty(res
)
488 def testValidate_Bogus_DO(self
):
489 msg
= self
.getQueryForBogus('', 'DO')
490 res
= self
.sendUDPQuery(msg
, 'validate')
492 self
.assertRcodeEqual(res
, dns
.rcode
.SERVFAIL
)
493 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
494 self
.assertAnswerEmpty(res
)
499 def testOff_Bogus_DOCD(self
):
500 msg
= self
.getQueryForBogus('CD', 'DO')
501 res
= self
.sendUDPQuery(msg
, 'off')
503 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
504 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
505 self
.assertNoRRSIGsInAnswer(res
)
507 def testProcessNoValidate_Bogus_DOCD(self
):
508 msg
= self
.getQueryForBogus('CD', 'DO')
509 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
510 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
512 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
513 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
514 self
.assertMatchingRRSIGInAnswer(res
, expected
)
516 def testProcess_Bogus_DOCD(self
):
517 msg
= self
.getQueryForBogus('CD', 'DO')
518 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
519 res
= self
.sendUDPQuery(msg
, 'process')
521 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
522 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
523 self
.assertMatchingRRSIGInAnswer(res
, expected
)
525 def testValidate_Bogus_DOCD(self
):
526 msg
= self
.getQueryForBogus('CD', 'DO')
527 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
528 res
= self
.sendUDPQuery(msg
, 'validate')
530 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
531 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
532 self
.assertMatchingRRSIGInAnswer(res
, expected
)
537 def testOff_Bogus_CD(self
):
538 msg
= self
.getQueryForBogus('CD')
539 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
540 res
= self
.sendUDPQuery(msg
, 'off')
542 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
543 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
544 self
.assertRRsetInAnswer(res
, expected
)
545 self
.assertNoRRSIGsInAnswer(res
)
547 def testProcessNoValidate_Bogus_CD(self
):
548 msg
= self
.getQueryForBogus('CD')
549 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
550 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
552 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
553 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
554 self
.assertRRsetInAnswer(res
, expected
)
555 self
.assertNoRRSIGsInAnswer(res
)
557 def testProcess_Bogus_CD(self
):
558 msg
= self
.getQueryForBogus('CD')
559 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
560 res
= self
.sendUDPQuery(msg
, 'process')
562 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
563 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
564 self
.assertRRsetInAnswer(res
, expected
)
565 self
.assertNoRRSIGsInAnswer(res
)
567 def testValidate_Bogus_CD(self
):
568 msg
= self
.getQueryForBogus('CD')
569 expected
= dns
.rrset
.from_text('ted.bogus.example.', 0, dns
.rdataclass
.IN
, 'A', '192.0.2.1')
570 res
= self
.sendUDPQuery(msg
, 'validate')
572 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
573 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
574 self
.assertRRsetInAnswer(res
, expected
)
575 self
.assertNoRRSIGsInAnswer(res
)
579 def getQueryForInsecure(self
, flags
='', ednsflags
=''):
580 return self
.createQuery('node1.insecure.example.', 'A', flags
, ednsflags
)
585 def testOff_Insecure_None(self
):
586 msg
= self
.getQueryForInsecure()
587 res
= self
.sendUDPQuery(msg
, 'off')
588 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
589 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
590 self
.assertNoRRSIGsInAnswer(res
)
592 def testProcessNoValidate_Insecure_None(self
):
593 msg
= self
.getQueryForInsecure()
594 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
595 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
596 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
597 self
.assertNoRRSIGsInAnswer(res
)
599 def testProcess_Insecure_None(self
):
600 msg
= self
.getQueryForInsecure()
601 res
= self
.sendUDPQuery(msg
, 'process')
602 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
603 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
604 self
.assertNoRRSIGsInAnswer(res
)
606 def testValidate_Insecure_None(self
):
607 msg
= self
.getQueryForInsecure()
608 res
= self
.sendUDPQuery(msg
, 'validate')
609 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
610 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
611 self
.assertNoRRSIGsInAnswer(res
)
616 def testOff_Insecure_AD(self
):
617 msg
= self
.getQueryForInsecure('AD')
618 res
= self
.sendUDPQuery(msg
, 'off')
620 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
621 self
.assertNoRRSIGsInAnswer(res
)
622 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
624 def testProcessNoValidate_Insecure_AD(self
):
625 msg
= self
.getQueryForInsecure('AD')
626 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
628 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
629 self
.assertNoRRSIGsInAnswer(res
)
630 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
632 def testProcess_Insecure_AD(self
):
633 msg
= self
.getQueryForInsecure('AD')
634 res
= self
.sendUDPQuery(msg
, 'process')
636 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
637 self
.assertNoRRSIGsInAnswer(res
)
638 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
640 def testValidate_Insecure_AD(self
):
641 msg
= self
.getQueryForInsecure('AD')
642 res
= self
.sendUDPQuery(msg
, 'validate')
644 self
.assertMessageHasFlags(res
, ['RD', 'RA', 'QR'])
645 self
.assertNoRRSIGsInAnswer(res
)
646 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
651 def testOff_Insecure_ADDO(self
):
652 msg
= self
.getQueryForInsecure('AD', 'DO')
653 res
= self
.sendUDPQuery(msg
, 'off')
655 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
656 self
.assertNoRRSIGsInAnswer(res
)
657 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
659 def testProcessNoValidate_Insecure_ADDO(self
):
660 msg
= self
.getQueryForInsecure('AD', 'DO')
661 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
663 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
664 self
.assertNoRRSIGsInAnswer(res
)
665 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
667 def testProcess_Insecure_ADDO(self
):
668 msg
= self
.getQueryForInsecure('AD', 'DO')
669 res
= self
.sendUDPQuery(msg
, 'process')
671 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
672 self
.assertNoRRSIGsInAnswer(res
)
673 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
675 def testValidate_Insecure_ADDO(self
):
676 msg
= self
.getQueryForInsecure('AD', 'DO')
677 res
= self
.sendUDPQuery(msg
, 'validate')
679 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
680 self
.assertNoRRSIGsInAnswer(res
)
681 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
686 def testOff_Insecure_ADDOCD(self
):
687 msg
= self
.getQueryForInsecure('AD CD', 'DO')
688 res
= self
.sendUDPQuery(msg
, 'off')
690 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
691 self
.assertNoRRSIGsInAnswer(res
)
692 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
694 def testProcessNoValidate_Insecure_ADDOCD(self
):
695 msg
= self
.getQueryForInsecure('AD CD', 'DO')
696 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
698 self
.assertMessageHasFlags(res
, ['CD', 'QR', 'RA', 'RD'], ['DO'])
699 self
.assertNoRRSIGsInAnswer(res
)
700 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
702 def testProcess_Insecure_ADDOCD(self
):
703 msg
= self
.getQueryForInsecure('AD CD', 'DO')
704 res
= self
.sendUDPQuery(msg
, 'process')
706 self
.assertMessageHasFlags(res
, ['CD', 'QR', 'RA', 'RD'], ['DO'])
707 self
.assertNoRRSIGsInAnswer(res
)
708 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
710 def testValidate_Insecure_ADDOCD(self
):
711 msg
= self
.getQueryForInsecure('AD CD', 'DO')
712 expected
= dns
.rrset
.from_text('ns1.example.', 0, dns
.rdataclass
.IN
, 'A', '{prefix}.10'.format(prefix
=self
._PREFIX
))
713 res
= self
.sendUDPQuery(msg
, 'validate')
715 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
716 self
.assertNoRRSIGsInAnswer(res
)
717 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
722 def testOff_Insecure_DO(self
):
723 msg
= self
.getQueryForInsecure('', 'DO')
724 res
= self
.sendUDPQuery(msg
, 'off')
726 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
727 self
.assertNoRRSIGsInAnswer(res
)
728 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
730 def testProcessNoValidate_Insecure_DO(self
):
731 msg
= self
.getQueryForInsecure('', 'DO')
732 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
734 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
735 self
.assertNoRRSIGsInAnswer(res
)
736 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
738 def testProcess_Insecure_DO(self
):
739 msg
= self
.getQueryForInsecure('', 'DO')
740 res
= self
.sendUDPQuery(msg
, 'process')
742 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
743 self
.assertNoRRSIGsInAnswer(res
)
744 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
746 def testValidate_Insecure_DO(self
):
747 msg
= self
.getQueryForInsecure('', 'DO')
748 res
= self
.sendUDPQuery(msg
, 'validate')
750 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'], ['DO'])
751 self
.assertNoRRSIGsInAnswer(res
)
752 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
757 def testOff_Insecure_DOCD(self
):
758 msg
= self
.getQueryForInsecure('CD', 'DO')
759 res
= self
.sendUDPQuery(msg
, 'off')
761 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
762 self
.assertNoRRSIGsInAnswer(res
)
763 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
765 def testProcessNoValidate_Insecure_DOCD(self
):
766 msg
= self
.getQueryForInsecure('CD', 'DO')
767 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
769 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
770 self
.assertNoRRSIGsInAnswer(res
)
771 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
773 def testProcess_Insecure_DOCD(self
):
774 msg
= self
.getQueryForInsecure('CD', 'DO')
775 res
= self
.sendUDPQuery(msg
, 'process')
777 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
778 self
.assertNoRRSIGsInAnswer(res
)
779 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
781 def testValidate_Insecure_DOCD(self
):
782 msg
= self
.getQueryForInsecure('CD', 'DO')
783 res
= self
.sendUDPQuery(msg
, 'validate')
785 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'], ['DO'])
786 self
.assertNoRRSIGsInAnswer(res
)
787 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
792 def testOff_Insecure_CD(self
):
793 msg
= self
.getQueryForInsecure('CD')
794 res
= self
.sendUDPQuery(msg
, 'off')
796 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD'])
797 self
.assertNoRRSIGsInAnswer(res
)
798 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
800 def testProcessNoValidate_Insecure_CD(self
):
801 msg
= self
.getQueryForInsecure('CD')
802 res
= self
.sendUDPQuery(msg
, 'process-no-validate')
804 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
805 self
.assertNoRRSIGsInAnswer(res
)
806 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
808 def testProcess_Insecure_CD(self
):
809 msg
= self
.getQueryForInsecure('CD')
810 res
= self
.sendUDPQuery(msg
, 'process')
812 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
813 self
.assertNoRRSIGsInAnswer(res
)
814 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)
816 def testValidate_Insecure_CD(self
):
817 msg
= self
.getQueryForInsecure('CD')
818 res
= self
.sendUDPQuery(msg
, 'validate')
820 self
.assertMessageHasFlags(res
, ['QR', 'RA', 'RD', 'CD'])
821 self
.assertNoRRSIGsInAnswer(res
)
822 self
.assertRcodeEqual(res
, dns
.rcode
.NOERROR
)