policy.rpz: test coverage for SOA-defined origin

diff --git a/modules/policy/policy.rpz.test.lua b/modules/policy/policy.rpz.test.lua
index 047b27f5cd1fb069da3754a97413e03e40f41607..70ef9fb6f7a6cbbc513ea48c3868de04bfc7ca99 100644 (file)
--- a/modules/policy/policy.rpz.test.lua
+++ b/modules/policy/policy.rpz.test.lua
@@ -44,13 +44,22 @@ local function test_rpz()
                {'2001:db8::2', '2001:db8::1'})
 end
 
+local function test_rpz_soa()
+       check_answer('"CNAME ." return NXDOMAIN (SOA origin)',
+               'nxdomain-fqdn.', kres.type.A, kres.rcode.NXDOMAIN)
+       check_answer('"CNAME *." return NODATA (SOA origin)',
+               'nodata-fqdn.', kres.type.A, kres.rcode.NOERROR, {})
+end
+
 net.ipv4 = false
 net.ipv6 = false
 
 prepare_cache()
 
 policy.add(policy.rpz(policy.DENY, 'policy.test.rpz'))
+policy.add(policy.rpz(policy.DENY, 'policy.test.rpz.soa'))
 
 return {
        test_rpz,
+       test_rpz_soa,
 }

diff --git a/modules/policy/policy.test.rpz.soa b/modules/policy/policy.test.rpz.soa
new file mode 100644 (file)
index 0000000..ad18aa4
--- /dev/null
+++ b/modules/policy/policy.test.rpz.soa
@@ -0,0 +1,5 @@
+test2domain.   SOA nonexistent.test2domain. test2domain. 1 12h 15m 3w 2h
+               NS  nonexistent.test2domain.
+
+nxdomain-fqdn.test2domain.             CNAME   .
+nodata-fqdn.test2domain.               CNAME   *.