class BasicDNSSEC(RecursorTest):
__test__ = False
_config_template = """dnssec=validate"""
+ _auth_zones = RecursorTest._default_auth_zones
@classmethod
def setUp(cls):
# This dict is keyed with the suffix of the IP address and its value
# is a list of zones hosted on that IP. Note that delegations should
# go into the _zones's zonecontent
- _auth_zones = {
+ _default_auth_zones = {
'8': {'threads': 1,
'zones': ['ROOT']},
'9': {'threads': 1,
'18': {'threads': 1,
'zones': ['example']}
}
+ _auth_zones = {}
# Other IPs used:
# 2: test_Interop.py
# 3-7: free?
from recursortests import RecursorTest
-class APIRecursorTest(RecursorTest):
-
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
-class APIAllowedRecursorTest(APIRecursorTest):
+class APIAllowedRecursorTest(RecursorTest):
_confdir = 'APIAllowedRecursor'
_wsPort = 8042
_wsTimeout = 2
self.assertEqual(r.status_code, 200)
self.assertTrue(r.json())
-class APIDeniedRecursorTest(APIRecursorTest):
+class APIDeniedRecursorTest(RecursorTest):
_confdir = 'APIDeniedRecursor'
_wsPort = 8042
_wsTimeout = 2
class AdditionalsDefaultTest(RecursorTest):
_confdir = 'AdditionalsDefault'
-
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
disable-packetcache
class AdditionalsResolveImmediatelyTest(RecursorTest):
_confdir = 'AdditionalsResolveImmediately'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
disable-packetcache
class AdditionalsResolveCacheOnlyTest(RecursorTest):
_confdir = 'AdditionalsResolveCacheOnly'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
disable-packetcache
_wsTimeout = 10
_wsPassword = 'secretpassword'
_apiKey = 'secretapikey'
- #_recursorStartupDelay = 4.0
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
aggressive-nsec-cache-size=10000
class AnyBindTest(RecursorTest):
_confdir = 'AnyBind'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
local-address=0.0.0.0
carbon-ourname=%s
carbon-server=127.0.0.1:%s,127.0.01:%s
""" % (_carbonNamespace, _carbonInstance, _carbonInterval, _carbonServerName, _carbonServer1Port, _carbonServer2Port)
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
@classmethod
def CarbonResponder(cls, port):
"""
These regression tests test the chaining of outgoing requests.
"""
+ _auth_zones = RecursorTest._default_auth_zones
_chainSize = 200
_confdir = 'Chain'
_wsPort = 8042
class DNS64Test(RecursorTest):
_confdir = 'DNS64'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
serve-rfc6303=no
auth-zones=example.dns64=configs/%s/example.dns64.zone
cls._UDPResponder.daemon = True
cls._UDPResponder.start()
- @classmethod
- def setUpClass(cls):
- cls.setUpSockets()
-
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- print("Launching tests..")
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
class NoECSTest(ECSTest):
_confdir = 'NoECS'
_roothints = None
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
@classmethod
def generateRecursorConfig(cls, confdir):
class RecursorEDNSPaddingTest(RecursorTest):
_confdir = 'RecursorEDNSPadding'
-
- @classmethod
- def setUpClass(cls):
- cls.setUpSockets()
-
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
- cls.generateAllAuthConfig(confdir)
-
- # we only need these auths and this cuts the needed time in half
- if cls._auth_zones:
- for auth_suffix in ['8', '9', '10']:
- authconfdir = os.path.join(confdir, 'auth-%s' % auth_suffix)
- ipaddress = cls._PREFIX + '.' + auth_suffix
- cls.startAuth(authconfdir, ipaddress)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- print("Launching tests..")
+ _auth_zones = {
+ '8': {'threads': 1,
+ 'zones': ['ROOT']},
+ '9': {'threads': 1,
+ 'zones': ['secure.example', 'islandofsecurity.example']},
+ '10': {'threads': 1,
+ 'zones': ['example']},
+ }
def checkPadding(self, message, numberOfBytes=None):
self.assertEqual(message.edns, 0)
because they are expired.
"""
_confdir = 'Expired'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate"""
because they are expired.
"""
_confdir = 'ExpiredWithEDE'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
_roothints = None
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
@classmethod
def generateRecursorConfig(cls, confdir):
rpzFilePath = os.path.join(confdir, 'zone.rpz')
"""
_roothints = None
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
- @classmethod
- def generateRecursorConfig(cls, confdir):
- super(NoExtendedErrorsTest, cls).generateRecursorConfig(confdir)
-
@pytest.mark.external
def testNotIncepted(self):
qname = 'signotincepted.bad-dnssec.wb.sidnlabs.nl.'
class FlagsTest(RecursorTest):
_confdir = 'Flags'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=%s"""
_config_params = ['_dnssec_setting']
_dnssec_setting = None
class InteropTest(RecursorTest):
_confdir = 'Interop'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
packetcache-ttl=0 # explicitly disable packetcache
class InteropProcessTest(RecursorTest):
_confdir = 'InteropProcess'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=process
packetcache-ttl=0 # explicitly disable packetcache
class KeepOpenTCPTest(RecursorTest):
_confdir = 'KeepOpenTCP'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
packetcache-ttl=10
Test that a locked cached entry is *not* updated by the same additional encountered in a second query
"""
_confdir = 'LockedCache'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
Test that a not locked cached entry *is* updated by the same additional encountered in a second query
"""
_confdir = 'NotLockedCache'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec=validate
end
"""
- @classmethod
- def setUpClass(cls):
-
- cls.setUpSockets()
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
def testA(self):
name = 'gettag.lua.'
expected = [
cls._UDPResponder.setDaemon(True)
cls._UDPResponder.start()
- @classmethod
- def setUpClass(cls):
- cls.setUpSockets()
-
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- print("Launching tests..")
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
def testNoData(self):
expected = dns.rrset.from_text('nodata.luahooks.example.', 3600, dns.rdataclass.IN, 'AAAA', '2001:DB8::1')
query = dns.message.make_query('nodata.luahooks.example.', 'AAAA', 'IN')
"""Tests the dq.followupAction("getFakeAAAARecords")"""
_confdir = 'LuaDNS64'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
"""
_lua_dns_script_file = """
"""
_confdir = 'PolicyEventFilterOnFollowUp'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
"""
_lua_config_file = """
"""
_confdir = 'PolicyEventFilterOnFollowUpWithNativeDNS64'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dns64-prefix=1234::/96
"""
"""Tests postresolve_ffi interface"""
_confdir = 'LuaPostResolveFFI'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
"""
_lua_dns_script_file = """
class NTATest(RecursorTest):
_confdir = 'NTA'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate"""
_lua_config_file = """addNTA("bogus.example")
system-resolver-ttl=10
"""
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
def testA(self):
expected = dns.rrset.from_text('dns.google.', 0, dns.rdataclass.IN, 'A', '8.8.8.8', '8.8.4.4')
query = dns.message.make_query('dns.google', 'A', want_dnssec=True)
class NoDSTest(RecursorTest):
_confdir = 'NoDS'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate"""
_lua_config_file = """clearDS(".")"""
class NoDSYAMLTest(RecursorTest):
_confdir = 'NoDSYAML'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
dnssec:
class OOOTCPTest(RecursorTest):
_confdir = 'OOOTCP'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
"""
from recursortests import RecursorTest
class RecPrometheusTest(RecursorTest):
-
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
def checkPrometheusContentBasic(self, content):
for line in content.splitlines():
This test makes sure that we correctly use the proxy-mapped address during the ACL check
"""
_confdir = 'ProxyByTable'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
auth-zones=authzone.example=configs/%s/authzone.zone
from recursortests import RecursorTest
from proxyprotocol import ProxyProtocol
-class ProxyProtocolTest(RecursorTest):
-
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
-class ProxyProtocolAllowedTest(ProxyProtocolTest):
+class ProxyProtocolAllowedTest(RecursorTest):
_confdir = 'ProxyProtocolAllowed'
_wsPort = 8042
_wsTimeout = 2
dq:addAnswer(pdns.A, '192.0.2.1', 60)
return true
end
- """ % (ProxyProtocolTest._recursorPort, ProxyProtocolTest._recursorPort)
+ """ % (RecursorTest._recursorPort, RecursorTest._recursorPort)
_config_template = """
proxy-protocol-from=127.0.0.1
end
""" % (ProxyProtocolAllowedTest._recursorPort)
-class ProxyProtocolNotAllowedTest(ProxyProtocolTest):
+class ProxyProtocolNotAllowedTest(RecursorTest):
_confdir = 'ProxyProtocolNotAllowed'
_lua_dns_script_file = """
res = sender(query, False, '127.0.0.42', '255.255.255.255', 0, 65535, [ [0, b'foo' ], [ 255, b'bar'] ])
self.assertEqual(res, None)
-class ProxyProtocolExceptionTest(ProxyProtocolTest):
+class ProxyProtocolExceptionTest(RecursorTest):
_confdir = 'ProxyProtocolException'
_lua_dns_script_file = """
proxy-protocol-from=127.0.0.1/32
proxy-protocol-exceptions=127.0.0.1:%d
allow-from=127.0.0.0/24, ::1/128
-""" % (ProxyProtocolTest._recursorPort)
+""" % (RecursorTest._recursorPort)
def testNoHeaderProxyProtocol(self):
qname = 'no-header.proxy-protocol-not-allowed.recursor-tests.powerdns.com.'
res = sender(query, False, '127.0.0.42', '255.255.255.255', 0, 65535, [ [0, b'foo' ], [ 255, b'bar'] ])
self.assertEqual(res, None)
-class ProxyProtocolConfigReloadTest(ProxyProtocolTest):
+class ProxyProtocolConfigReloadTest(RecursorTest):
_confdir = 'ProxyProtocolConfigReload'
_lua_dns_script_file = """
class RDNotAllowedTest(RecursorTest):
_confdir = 'RDNotAllowed'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
"""
class RDAllowedTest(RecursorTest):
_confdir = 'RDAllowed'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
disable-packetcache=yes
class RootNXTrustDisabledTest(RootNXTrustRecursorTest):
_confdir = 'RootNXTrustDisabled'
+ _auth_zones = RecursorTest._default_auth_zones
_wsPort = 8042
_wsTimeout = 2
_wsPassword = 'secretpassword'
class RootNXTrustEnabledTest(RootNXTrustRecursorTest):
_confdir = 'RootNXTrustEnabled'
+ _auth_zones = RecursorTest._default_auth_zones
_wsPort = 8042
_wsTimeout = 2
_wsPassword = 'secretpassword'
cls._UDPResponder.setDaemon(True)
cls._UDPResponder.start()
- @classmethod
- def setUpClass(cls):
- cls.setUpSockets()
-
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- print("Launching tests..")
-
@classmethod
def tearDownClass(cls):
cls.tearDownRecursor()
"""
_confdir = 'ServerNames'
+ _auth_zones = RecursorTest._default_auth_zones
_servername = 'awesome-pdns1.example.com'
_versionbind = 'Awesome!'
_versionbind_expected = dns.rrset.from_text('version.bind.', 86400, 'CH', 'TXT', _versionbind)
class SimpleTest(RecursorTest):
_confdir = 'Simple'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
auth-zones=authzone.example=configs/%s/authzone.zone""" % _confdir
_roothints = None
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
@pytest.mark.external
def testTXT(self):
expected = dns.rrset.from_text('dot-test-target.powerdns.org.', 0, dns.rdataclass.IN, 'TXT', 'https://github.com/PowerDNS/pdns/pull/12825')
devonly-regression-test-mode
"""
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
@pytest.mark.external
def testA(self):
expected = dns.rrset.from_text('dns.google.', 0, dns.rdataclass.IN, 'A', '8.8.8.8', '8.8.4.4')
class SimpleTCPTest(RecursorTest):
_confdir = 'SimpleTCP'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
auth-zones=authzone.example=configs/%s/authzone.zone""" % _confdir
class SimpleYAMLTest(RecursorTest):
_confdir = 'SimpleYAML'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """
recursor:
class SortlistTest(RecursorTest):
_confdir = 'Sortlist'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=off"""
_lua_config_file = """addSortList("0.0.0.0/0",
class BogusMaxTTLTest(RecursorTest):
_confdir = 'BogusMaxTTL'
+ _auth_zones = RecursorTest._default_auth_zones
_config_template = """dnssec=validate
max-cache-bogus-ttl=5"""
forward-zones-recurse=.=127.0.0.1:9999
"""
- @classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorConfig(confdir)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
-
def testA(self):
query = dns.message.make_query('example', 'A', want_dnssec=False)
res = self.sendUDPQuery(query)
from recursortests import RecursorTest
class ZTCTest(RecursorTest):
-
_confdir = 'ZTC'
_config_template = """
dnssec:
"""
@classmethod
- def setUpClass(cls):
-
- # we don't need all the auth stuff
- cls.setUpSockets()
- cls.startResponders()
-
- confdir = os.path.join('configs', cls._confdir)
- cls.createConfigDir(confdir)
-
- cls.generateRecursorYamlConfig(confdir, False)
- cls.startRecursor(confdir, cls._recursorPort)
-
- @classmethod
- def tearDownClass(cls):
- cls.tearDownRecursor()
+ def generateRecursorConfig(cls, confdir):
+ super(ZTCTest, cls).generateRecursorYamlConfig(confdir, False)
def testZTC(self):
grepCmd = ['grep', 'validationStatus="Secure"', 'configs/' + self._confdir + '/recursor.log']
ret = b''
- for i in range(30):
- time.sleep(1)
+ for i in range(300):
+ time.sleep(0.1)
try:
ret = subprocess.check_output(grepCmd, stderr=subprocess.STDOUT)
except subprocess.CalledProcessError as e:
class basicNSECTest(BasicDNSSEC):
__test__ = True
_confdir = 'basicNSEC'
+ _auth_zones = BasicDNSSEC._auth_zones
class basicNSEC3Test(BasicDNSSEC):
__test__ = True
_confdir = 'basicNSEC3'
+ _auth_zones = BasicDNSSEC._auth_zones
@classmethod
def secureZone(cls, confdir, zonename, key=None):
projects / thirdparty / pdns.git / commitdiff
