]> git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.recursor-dnssec/test_TrustAnchors.py
Merge pull request #13743 from Habbie/auth-api-priority-error
[thirdparty/pdns.git] / regression-tests.recursor-dnssec / test_TrustAnchors.py
1 import dns
2 from recursortests import RecursorTest
3
4
5 class testTrustAnchorsEnabled(RecursorTest):
6 """This test will do a query for "trustanchor.server CH TXT" and hopes to get
7 a proper answer"""
8
9 _auth_zones = None
10 _confdir = 'TrustAnchorsEnabled'
11 _roothints = None
12 _root_DS = None
13 _config_template = """
14 allow-trust-anchor-query=yes
15 """
16 _lua_config_file = """
17 addDS("powerdns.com", "44030 8 1 B763646757DF621DD1204AD3BFA0675B49BE3279")
18 addNTA("example")
19 addNTA("example.com", "some reason")
20 """
21
22 def testTrustanchorDotServer(self):
23 expected = dns.rrset.from_text_list(
24 'trustanchor.server.', 86400, dns.rdataclass.CH, 'TXT',
25 ['". 20326"', '"powerdns.com. 44030"'])
26 query = dns.message.make_query('trustanchor.server', 'TXT',
27 dns.rdataclass.CH)
28 result = self.sendUDPQuery(query)
29
30 self.assertRcodeEqual(result, dns.rcode.NOERROR)
31 self.assertRRsetInAnswer(result, expected)
32
33 def testNegativerustanchorDotServer(self):
34 expected = dns.rrset.from_text_list(
35 'negativetrustanchor.server.', 86400, dns.rdataclass.CH, 'TXT',
36 ['"example."', '"example.com. some reason"'])
37 query = dns.message.make_query('negativetrustanchor.server', 'TXT',
38 dns.rdataclass.CH)
39 result = self.sendUDPQuery(query)
40
41 self.assertRcodeEqual(result, dns.rcode.NOERROR)
42 self.assertRRsetInAnswer(result, expected)
43
44
45 class testTrustAnchorsDisabled(RecursorTest):
46 """This test will do a query for "trustanchor.server CH TXT" and hopes to get
47 a proper answer"""
48
49 _auth_zones = None
50 _confdir = 'TrustAnchorsDisabled'
51 _roothints = None
52 _root_DS = None
53 _config_template = """
54 """
55
56 def testTrustanchorDotServer(self):
57 query = dns.message.make_query('trustanchor.server', 'TXT',
58 dns.rdataclass.CH)
59 result = self.sendUDPQuery(query)
60
61 self.assertRcodeEqual(result, dns.rcode.SERVFAIL)
62
63 def testNegativerustanchorDotServer(self):
64 query = dns.message.make_query('negativetrustanchor.server', 'TXT',
65 dns.rdataclass.CH)
66 result = self.sendUDPQuery(query)
67
68 self.assertRcodeEqual(result, dns.rcode.SERVFAIL)