]>
git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.recursor-dnssec/test_TrustAnchors.py
2 from recursortests
import RecursorTest
5 class testTrustAnchorsEnabled(RecursorTest
):
6 """This test will do a query for "trustanchor.server CH TXT" and hopes to get
10 _confdir
= 'TrustAnchorsEnabled'
13 _lua_config_file
= """
14 addDS("powerdns.com", "44030 8 1 B763646757DF621DD1204AD3BFA0675B49BE3279")
16 addNTA("example.com", "some reason")
19 def testTrustanchorDotServer(self
):
20 expected
= dns
.rrset
.from_text_list(
21 'trustanchor.server.', 86400, dns
.rdataclass
.CH
, 'TXT',
22 ['". 19036 20326"', '"powerdns.com. 44030"'])
23 query
= dns
.message
.make_query('trustanchor.server', 'TXT',
25 result
= self
.sendUDPQuery(query
)
27 self
.assertRcodeEqual(result
, dns
.rcode
.NOERROR
)
28 self
.assertRRsetInAnswer(result
, expected
)
30 def testNegativerustanchorDotServer(self
):
31 expected
= dns
.rrset
.from_text_list(
32 'negativetrustanchor.server.', 86400, dns
.rdataclass
.CH
, 'TXT',
33 ['"example."', '"example.com. some reason"'])
34 query
= dns
.message
.make_query('negativetrustanchor.server', 'TXT',
36 result
= self
.sendUDPQuery(query
)
38 self
.assertRcodeEqual(result
, dns
.rcode
.NOERROR
)
39 self
.assertRRsetInAnswer(result
, expected
)
42 class testTrustAnchorsDisabled(RecursorTest
):
43 """This test will do a query for "trustanchor.server CH TXT" and hopes to get
47 _confdir
= 'TrustAnchorsDisabled'
50 _config_template
= """
51 allow-trust-anchor-query=no
54 def testTrustanchorDotServer(self
):
55 query
= dns
.message
.make_query('trustanchor.server', 'TXT',
57 result
= self
.sendUDPQuery(query
)
59 self
.assertRcodeEqual(result
, dns
.rcode
.SERVFAIL
)
61 def testNegativerustanchorDotServer(self
):
62 query
= dns
.message
.make_query('negativetrustanchor.server', 'TXT',
64 result
= self
.sendUDPQuery(query
)
66 self
.assertRcodeEqual(result
, dns
.rcode
.SERVFAIL
)